 I have started the recording, so watch what you say. There are people still trickling in one by one, and I don't see Stefan, so maybe I'll wait for a minute or two, minute, maybe. Maybe we can start with the announcements, couple of things. One is, of course, the antitrust policy of Hyperledger, which is the only requirement for people to join the meeting, and it's an open meeting, and I was told that the link I had in the LinkedIn was wrong, but I had since connected it, so hopefully people will trickle in. The second point is that we have to abide by the Hyperledger Code of Conduct, which necessitates us to be nice, behave. So even when we are disagreeing with people, we shouldn't not be disagreeable. That is the second point. That's about it, but let me introduce the people who are here. As you know, I see Stefan connecting, so hopefully he'll be here soon. One of the most interesting things about Europe is that because they are a collection of states, they are forced to deal with many of the issues of collaboration, and as you know, GDPR is highly influential. They had started this unification, or sort of a assurance level approach to national identity systems in 2014, and Stefan had also presented about this before, but I believe the latest addition is very important because it'll also be highly influential, and specifically the identity wallet work that is in the latest EI-DAS is bound to be influential. So the three people here that are going to make a presentation, one is Stefan, who I've known from my work at BNP Paribas is now the head of SGM Consulting, and he is also a member of many committees that are set up as part of the EI-DAS effort, and he's also a known expert in identity, and identity, KYC, AML, and so on. The other person that I wanna talk about is Luca Bolden, who's, yeah, he is the, yeah, Stefan, I can see the screen. Okay, perfect. So Luca is an R&D member of InfoCert, also a practitioner of the latest, I mean, he has to obey the regulations of the European Union. The third person here is also deeply steeped in, in the practice. So he's an expert roll-on from Aero Suerte, Surete, which is a company that works with compliance aspects of the logistics supply chain logistics. So he is also watching EI-DAS closely because that will affect his work a lot. Having said that, I think I should just retreat into the background and let Stefan or Howard, they want to drive the presentation forward. And of course, there will be time for questions. Okay, I'm trying to make my video work, but it doesn't seem to be possible, is that normal? I don't... I don't mind you, I'm not sure there's much to see, you know. Well, yeah, I mean, the presentation is very important. Okay, let's remain with the presentation. So thank you for your kind introduction. Indeed, this is a team effort, okay? So there are three of us and that's certainly needed for this important piece of news that has been published, released a couple of weeks ago now. What you should know, I know a lot of participants are not from Europe, but if you are in the European region, EI-DAS is all important. And if you're interested in digital identity, EI-DAS is by far the most important piece of regulation you must know about. The reason is that it's still the only international regulation that's organized the material admission of digital identities on a cross-border basis. So that's... Now, what did happen two weeks ago, and that was a combination of consultation efforts that took nearly a year, was that the EI-DAS regulation is going to be amended. So we're talking here about EI-DAS too. It's not the official terminology, but I think it's really easier to understand. So what's EI-DAS too? And I think we have three of us, and we thought we might think three chapters or three parts to speak first. Why is EI-DAS too talking about identity-wise? Then Luca, that I'm going to take short of that. Luca is going to be involved in a discussion between about the SSI concepts and EI-DAS too. And I hope to her to learn a lot on that. And last but not least, Rolo is going to focus on a number of questions. As you will see, there are still plenty of questions that can be asked. We can offer a few answers, but there are a lot more that are to remain to be considered. So why is EI-DAS too talking about digital identity-wise? That's the first question. Maybe before we move into EI-DAS too, you have to understand that EI-DAS too comes after EI-DAS one, which is pretty basic. EI-DAS one has been in place for seven years now. It was officially published in 2014. So this is an EU regulation that applies to across all EU countries. In fact, it's a little bit wider than EU countries. It's the European Economic Area itself, which includes Norway and another few other countries. It has, and it's important to realize that it contains two pillars, which are only partially integrated. One is so-called trust services, addressed on the left on the right side column here. Typically what you're talking about is electronic signatures and seals, electronic registered delivery services, timestamps, website authentication. These services are fairly defined in fairly comprehensive terms. There's nothing particularly, and hopefully Luca is going to agree with me. I don't think there's anything remarkable in the EI-DAS regulation regarding trust services because what do you find there is also to be found in other regulatory frameworks. The important point though, is to know that those trust services are fully open to the private sector and based on certification processes and open standards, which are mostly EDC standards. So what is critical for trust services providers is to get certified, and once they get certified, they can offer the so-called recognized trust services defined there, and they can offer those throughout the EU and they are recognized equally and directly into each every and every member state. To put it very succinctly, the verdict there has been quite a success It's, you have about 250 trust service providers. A lot of them are offering electronics insurers, of course, and timestamps, website authentications. On the other hand, you have another pillar, which is focusing on digital identity schemes. Here, you're talking about a completely different set of animals. Here, you're talking about, in fact, it's an international recognition, a mutual recognition framework of national identity schemes. So you have to view it as a sort of international treated recognizing, the French, the German, the Italian, the Spanish ID scheme. And basically, one of the key elements is that there is a common level of assurance framework defined. That's one of the major achievements of the IDS regulation. And there is an infrastructure that allows the interoperability of the digital identities across the various member states. So technically, a German ID can be used in France and vice versa, and in other countries, of course. The result here has been very mixed. And that's even an understatement. Only half of the member states have notified a scheme to the EU Commission. One of the problem is that there is only a very limited range of ID attributes that are available. And on top of that, it is the IDS scheme was very focused on public services. In other words, the private sector was not really considered. It was mentioned here and there, but not really considered as a core focus. And the result is not surprising. I mean, you have extremely limited and at times no cross-border usage of those national identities, even though they are technically recognized throughout the EU, they remain domestic country by country identities. So that is something that has been considered as unsatisfactory. And as you well know, there has been a lot of development as well on the SSI since 2014. Of course, there's been a lot of focus on SSI schemes, the impact of distributed ledger technology, blockchains and so forth. And efforts were made to consider whether, in fact, the IDS framework was compatible with the SSI solutions. The answer has been considered in a fair landmark report published last year. But I'm afraid if you go through the report, you will see that it really takes a lot of adjustment to accommodate the current IDS framework with SSI. The approach that has been taken was to say, look, we can't really live with that. We have to effectively amend the IDS framework. And a consultation process, as mentioned, was launched nearly a year ago. A number of options were submitted. And the draft proposal was released two and a half weeks ago. It is expected, so it's a draft. OK, so it's not a final regulation. It's a draft. It's expected to reach a study built next year. If everything goes well, I think it's likely, mind you. But so what it does on the trust services side, it builds on the current architecture. It doesn't modify it, but just adds a list of new trust services. And one of them, which is interesting, is electronic attestation of attributes, which include a range of attributes that were not considered so far, but will include qualification titles and licenses and financial and company data. And that is something that, of course, will be of interest to the financial sector as a whole. On the digital identity scheme, you still have the current EID framework, no major change. But in fact, you have a newcomer, which is the so-called European Digital Identity Wellets. And these are effectively attracting a lot of attention. What they are is our solution defined in, well, they are wellets that are defined in very broad terms. We have just provided on the slide the definition. What are you should, maybe a number of important features is that they are issued or recognized by member states and their own responsibilities. So don't necessarily assume that any kind of digital identity wellet can certainly become EIDAS compliant and become recognized under EIDAS. This is not what the solution is going to be. Effectively, there will have to be some involvement of a member state. They will be like trust services that will be certified so there will be no more peer review. There will be a common framework of specification and standards applicable. And effectively, every member state will be able to notify digital identity wellets that conform to the set of standards. They will be recognized fully across the whole of Europe. Very importantly, they will be recognized and they will be required to be accepted as alternatives to strong customer authentication mechanisms. And they will have to be accepted by the so-called very large online platforms which are effectively the Microsoft Connect, Google Connect and other GAFA SSI solutions. And lastly, they will be free to use for the user, but at the same time, the operator of the wellet will not be in a position to be prohibited from using any customer behavior data. So they are going to be user-centric in that respect. Now, what you should also realize is that there are a number of principles which are clear, but the fine prints are missing. You know, there is a lot that remains to be mentioned, detailed and only broke principles are available. And even those broke principles at times can be interpreted in different ways. So don't assume that we have a clear picture today because that's clearly not the case. What is, you know, we've highlighted on the slide a number of principles that have gone through some of them and a few others are that the digital identity wallets will have to offer the highest level of security for the personal data and will have to comply with the EIDAS high LOA specification which incidentally are quite challenging. I mean, there are in many ways comparable to the NISD LOA, LOI-3 if I'm not mistaken, OK? And the big difference between the so-called current digital identity schemes under the current EIDAS and the future digital identity wallets is that this time digital identity wallets are primarily targeting private sector quality use cases, OK? So everything requiring strong authentication will in fact be required to accept digital identity wallets and also the so-called very large online platforms, as mentioned. Now, a lot and when I say a lot, it really is a lot. A lot remains to be built and decided for these wallets. In fact, we don't know much more than what I've said earlier. So as you can assume, there's still plenty to work on. Basically, what has been suggested is in parallel with the implementation process of the new regulation, there is going to be a co-construction process defined as the common toolbox, which was meant to effectively define a common set of standards and specification on the provision of exchange of identity attributes and the functionality and securities of wallets on the reliance mechanisms of wallets and governance aspects. So everything dealing with the technical infrastructure, the common standard is everything is is up to be decided yet. And for that, there is going to be, in fact, an EIS expert group is is going to be set up. So everybody is already trying to position themselves to take part in that. The what what is important to realize is that for anyone who has an idea of a wallet or a proposal of a wallet, a digital identity wallet, we'll have to consider two key requirements. The first one is, of course, meeting the common toolbox requirements, you know, the common specifications that are going to be defined. That's obvious, but I'm afraid that's not the only requirement. The other requirement is to obtain the permission of a member state. And note that because only member states can effectively qualify digital identity wallets. And note that there is no right to obtain the approval of a member state. This is a pure discretionary decision. So who, you know, one member state can approve one or more than one wallets, but you have no, there are no rules defined. And I think that would be no rules defined as to what are the criteria for acceptance by member states of a wallet. So this lives with, as with a number of, I would say structural questions. One of the key, most interesting question is, okay, you have 27 member states in the Europe. They are all required within six months to notify a wallet, okay? First of all, do they all need to notify different wallet? I mean, can two member state approve the same wallet? Why not? I mean, probably not for large member states, but for smaller member states that do not necessarily have the same, you know, the resources to do that. It would make sense to combine forces, so to speak. And another topic that is of relevance is whether once you have a wallet in place, let's say, take a topical example. And the Estonian wallet, Estonia in Europe is known as very digital friendly. So it's been a pioneer in digital identity matters for a number of years. So they are going, the Estonian state is going to effectively notify its own wallet. Now, it's a very small country. There is a strong possibility that if you're a non Estonian like me, maybe you could benefit from that wallet. If it does, you know, if it does bring value or if it does, it is relevant for you. And the question is, is it clear that these EU citizens are given complete flexibility as to which wallet they can use? That even that is not completely agreed. In fact, there's nothing that says no. I think it's likely to be yes, but it's not absolutely conferred. And one last question maybe is, can an industry wallet be considered? For example, banks are, and Luca, I'm sure you will confirm that, you know, banks are saying, oh, you know, we have special needs. We need our own wallet. And, you know, we can't just rely on 27 different wallets for that. So that's about it for me. Luca, your turn now. Thank you. Oh, you go. Well, I'll give you the slides. Okay. Thanks. Yes, my focus will be on trying to give my view. This is a personal perspective on how this new regulation comes towards what we all are very familiar with, which is the SSI paradigm. A part of the fact of introducing an identity wallet, which is, as we all know, an SSI concept. I think it's worthwhile understanding what's the main movement behind. So this slide, this is about starting from the pre-digital world. I'm sorry, I don't want to teach you the basics of identity. But this is necessary for me to bring what to me is the main concept which I just version two is bringing. So in the physical world, what the problem that we all need to deal with is when a person introduces himself at a different, some say office, say an airport and an office. I want to prove that he is some specific person and that he has some specific attributes. We do that via paper certificates and there are different kinds of certificates. The typical classifications that there are and documents which bind a biometrics, a picture typically, but they might be digital fingerprint, something, to a name or a name is a set of attributes identified a person. So name, family name, place of birth, et cetera. So this is the first kind of things and this is normally referred to as an identity card. Then you also have a certificates which bind the name to specific attributes, think of degree. In the degree, you are binding my name to and the fact that I'm a mathematician would have a degree or whatever. And normally if you want to prove in person to someone that you have some attribute, you need to present both the certificate, degree certificate and an identity card in order that they can join using the name as the joining variable conceptually. But there's also a third way which is the direct binding between biometric and attributes. What would you see in the picture is an Italian old-fashioned driving license which binds a photo with the fact that you can drive a car. Incidentally, it also brings the name which is the identifier but that would be not necessary principle. It might be simply association of some biometric attributes and the fact that you can drive. Next slide, please, Estefan. Yeah. Thanks. The same is happening in the digital world with some differences and especially the differences of the fact that the name is substituted by an identifier and the identifier might be a dumb identifier or it might be even contain some data like my Google identifiers look at a ball drain which is not dumb, but normally this is dumb. So the name, the real name, which has legal value is moved to the attribute side. So what you need are two things. One is binding the identifier to some authentication mean and in the digital world, the authentication mean cannot be biometrics anymore. So we use some crypto techniques since you don't have the physical presence of the person to meet the face with or at least that's not sufficient in most cases. So there's a clear difference between the authentication part which is proving that you are the owner of an identifier and then the provision of trust that's attributed which are related to this. I insist on this point since this is exactly where EIDAS 1 was very weak since it made kind of messing up those concepts which are now being clarified with the introduction of the identity wallet. As you see in this picture, there's also a narrow linking authentication means directly to attributes. So avoiding skipping the identifier and that's very relevant to avoid traceability. But a wanting system that seems this is not really in the focus of the EIDAS. It seems that there's not particularly relevant to the new regulation. Oh, next slide please, is that fun? Okay, so let us EIDAS 2 offer now clear the coupling. So they will offer identity wallet which might be used both for authentication and for the provision of trusted attributes and they're clearly separated. EIDAS 1, as I was saying, in fact, was a bundle. You couldn't take just one part of that. Authentication with EIDAS 1 meant that you had to provide your real name, your real family name and so on. There's a set of core attributes which were necessary implicit in the EIDAS authentication. This seems to me to be no more the case since the electronic digital identity wallet supports authentication as an independent feature and this is some text from the regulation. So it says that, for instance, very large online platform may use authentication with the digital identity wallet. And typically, if you think of very large online platform which means Amazon, Google and so on, they do not need necessary to identify you. They're not asking for your real-world identity. They're just asking you to authenticate. They very often did not care about trusted attributes. Sometimes they need, for instance, the case that when you need to prove that you are of age in order to have some services and the like. But most cases, they just, Amazon just deal with your credit card number. Any other attributes can be fake. You can just declare it. So it appears that the digital identity wallet can be, in fact, must be accepted also for pure authentication. And the rest of the text is just underlying this concept. Every line party is able to authenticate the user and to receive then, as a follow-up step, electronic attestation. So next slide, Christopher. Thanks so much. So there's a strong focus on private sector which, as was mentioned by Stefan before, was not in the focus of YIDAS 1. And in fact, it was one of the reasons for kind of a failure of the identity party in YIDAS 1. And here you see that there's a strong mention of private relying party providing services, the era of transport, energy, banking, financial services, security, et cetera. Education to the good education. They should accept the use of the digital identity wallet. In this case, this was strong user authentication for online identification is required. Seeing some services, regulated services, I think provisioning of telco services, need to identify you. But this is also required, as we already mentioned, when only authentication is required. This is the example of a very large online platform. Okay, next one. So we covered authentication until now. This is about provisioning of trusted attributes, which is the other arrow in the triangle, the upper arrow. And this is again something really new since the electronic digital identity wallet does not only supports a limited set of attributes, but it should be open to, as it's saying in the text, the current YIDAS framework does not cover provision of electronic attributes, which are required both by public services and private services. Moreover, there's selective disclosure as a requirement. So the user must be able to decide which attributes to provide, which is only partially the case in present-day regulation. And in fact, present-day regulation, the set of attributes which are managed are very limited and there's very limited choice on what you can and what you want to provide and what you don't want to provide. Okay, next one. There's an additional step, which is introduced in YIDAS VUCHU, which is the electronic attestation of attributes. This concept is fairly new and to some extent it differs from the traditional SSI vision where you have an issuer and you have a holder and a verifier. In fact, they introduced the concept of electronic attestation of attributes and qualified electronic attestation of attributes, which means if you read the clause 45, an electronic attestation of attributes which is issued by a qualified trust service provider. Qualified trust service provider, as Stefan mentioned before, was the second pillar of YIDAS. So we are now in the field where there's some intermediary qualified trust service provider of private entities, commercial companies that provide services like timestamping, digital signature and the like. And there's now a role for these providers to attest attributes. We normally in this SSI and it also may happen that they have a role in the validation of attributes. So this is a very important aspect of the process of attestation is the other aspect which should be covered. If we go to the next and I think final slide, you may have seen this picture in some different fashion since this comes from VO and X, the Canadian initiative. But here I introduced the TSP in the middle. This is the TSP credential to the holder. Credentials go to a TSP who's in charge of provider attestation. And then the attested attributes goes to the holder. This is my understanding of how the flow works. And this has especially been conceived in my view to solve an issue which we have typically when dealing with the identity wallet which is how can I trust the issuer. This was simple in the digital world since in the digital world when you have a paper EID document well you easily recognize it by the features of the document and there are very few possible providers of these kinds of documented university or some state agencies and healthcare agencies and you normally know which kind of documents they provide. So validation of the document is provided simply by looking at the document itself of the physical characteristics of the document some specific say watermarking or whatever. This is the way validation happened up to now. In the digital world this is a problem since when you have a large number of issuers how can I trust the issuer? Here the concept of trust framework long discussion on this. The European way for this seems to go through specialized entities which collect attributes and attest attributes. So in the end the verifier simply needs to trust the attester, not the issuer. It's quite different and it is based on the history of the EIDAS which normally was based around the concept of trust provider service list and so on. We'll see whether this is really something which applies to real world necessities but to me this is the way they are putting it. And I think this closes my presentation so I'll give the floor. Now to Roland. Thank you so much Luca. My view is based on perspective because as far as you can understand all the project is not completely clear and completely written. And I would want to point out the main points that can give you relevant information in order to be able to act and to be sometimes force of proposal relating to this regulation. Firstly I would say that electronic digital identity wallets project appears to be both official national electronic proof of the identity which explains Stefan really based on a sovereign approach. What we should precise this word because EU Commission is coordinating very large number of member states which are on their own really responsible of their prerogative and of course identity management which is as explained Luca currently with real life ID cards is a key subject for them. I would want to add on the main points that there will be a real challenge between this project of electronic digital identity wallets with the way they will be negotiated and I would say on board it with the large SSI providers including large platforms but also over SSI solution providers such as implementers. I would want to stress the fact that for many European I would say commission and people are quite of importance in EU management this project of digital identity wallets appears as a first step to another big subject which is digital currency for the Euro some of our famous digital currency already exists there are some of our famous digital currency projects that you have already presented and today the rumors this must be read between the lines but for many people who are deciding things in the European community this is a first step towards digital currency for the Euro please Stefan can you on the website on other open points including the first announcements is the requirement for large platforms like Apple, Amazon, Google and Facebook to accept the use of the new digital identity wallets you can request of the user for example for H-Proof according to access to any service for example bargaining online I have used the word sovereign online because it is linked to I would say European community structure based on states which are their own sovereign requirements but according to this context we of course have to face some challenges which are quite important and one appears to be that European digital identity wallets could be both a huge opportunity for SSI providers or in a pessimistic approach a threat I want to open the discussion on these two possible aspects in order to understand the complexity of the subject I would want to stress the fact that onboarding strategies will be a real trick for our chief technical officers and there is a real question of governance and that has to be said for example will it be who will be the master will it be the European digital identity wallets onboarding masters or is the third party onboarding will be validated by the national authority which is designed to be the referee of the market and at the end of the line will be strictly confirmed or in the other end could be a delegation of the system under the control of each member states and of course with a real coordination this situation is quite similar to a subject I practice everyday is the worldwide rules which have to be applied to avoid bombs in planes after 9-11 there was a very huge request for security of course and there was a big rush of every actors to build the best regulation in order to fit this need which was crucial and there happens to be an international organization which was both a big club for all the states and this club could arrange a worldwide set of standards and could also be the inspirator of the national regulation and at the end was to an authority who was able to audit each national authority on this subject please Stefan can you turn the slide at the end I wanted to stress the fact that this expert group will be tasked in the European community and will be open to discussion with stakeholders and will be the interlocutor for all the stakeholders for the purposes of implementing and I think it's a huge opportunity at this level in order to build common standards then there's also in the regulation a point which allows operators to I would say reuse some existing working frameworks I guess one and particularly new concepts of catalogues of attributes and schemes could be reduced in order to provide interoperability is hard to say as an end and to finally open the debate I would say that international mutual recognition between all the authorities and all the stakeholders should be questioned that can be asked to the community and that probably will have an impact on the process explained by Stefan on this expert group which is I think the place to be in order to give an impact and an overview of stakeholders requirements on this regulation. I think this is some time for questions I already see a couple of questions in the in the chat one of which is for Stefan what was the rationale this is by Brett McDowell from Hedera does he require equivalent requirements or is it a backdoor mechanism for national ideas to be weaker than what PSD2 and SCA require Stefan if you can answer that that would be great otherwise if I can be blunt and direct forgive me for that but I think it is important to ensure that digital identity is accepted everywhere and because as mentioned by Luca they include they can be used as authentication solutions they should become more secure now Diane has his hand up so I'm sure he has questions it ties into your last point on strong identity authentication you know and EIDIS unfortunately only has three levels of assurance the first level is ISO or NIST does and separate authentic assurance level and identity assurance level or federation assurance level for that matter and I mention that because the way you get the strongest levels of authentic assurance is either supervised remote or in person you can prove that you're in possession of this unfortunately the solution that they are legislating a while I don't agree with that but anyhow that's a different subject so to get strong authentication how are you binding that to the person based on something that they know I'm sure I'm able to answer that question but what I can tell you is that I'm also working on the as part of the Etsy standardization process which effectively is defining standards precisely on that nature on that topic and we are effectively within Etsy the requirements for identity proofing that will be linked to the trust services and that will indirectly be linked to the digital identity so classically we have the three routes what you are, what you have and what you know so any identity scheme that builds on each one of them collectively meaning if you have a set of attributes that are somehow established with these three methods together rather than one or the other then that would be obviously stronger than just one and dance the point I guess is in terms of current EIDW regulation I didn't realize it was only for something that you know bear in mind that the strong authentication requirement is a requirement that is mostly used I would say within the financial planning sector for the payment systems so in Europe I don't know if it applies but if you are effectively making an online payment above a certain threshold the bank is technically required to use strong authentication and if it doesn't it can still do it but it has completed it's in a much weaker position legally so I think what the coming back to the original question whenever that regulatory requirement kicks in effectively what the intent here and I'm not saying it's perfect and it's fully armed up but the intent is clearly to say look instead of using your usual strong authentication credentials that you would typically use for the when you're interacting with your financial service provider you could use the digital identity for that specific purpose how that will apply that's still you know there are pretty there are a lot of things that still need to be worked out but that is intent effectively it looks like it looks like Brett I mean Dan did you get your question answers by the way no Brett has his hand up but no lots more to discuss on this but yeah to be fair let's have Brett yeah so this is just a recommendation very hard with European Banking Authority and DG FISMA on SCA requirements so to the extent that they can be reused here I think that is highly advisable only years of debate well that is certainly that is a concern you know I can't talk for the European Commission because I'm not you know I'm not related for that purpose but what I know from discussion with the European Commission people especially DG FISMA happen to be contracted DG FISMA is they are acutely aware of the fact that they should not try to reinvent every wheel okay and if there are good international standards that are existing out there it would be a lot more simpler more efficient and more productive to use them so they have no don't I mean don't assume they are they are fully aware of the need to reuse existing standards and protocols that can be reused beautiful the one of the things that seems to be missing in this whole debate sort of thing is that that simplicity like for example you know if you take the digital ledger payment commitment which is a initiative that has come out of WF and all that just with 13 attributes or so you can perfect an instrument that is valid for a digital signature and for a payment commitment but obviously the identity part is you know deals mostly with the signatures and so on but the aim should be to be able to get the highest level of assurance even with limited attributes because I mean it is not the attributes themselves I mean like people say that with about three or four or even a few attributes you can actually accurately place a person I mean it is only the level of assurance that attaches to those attributes that are more important than anything else may I give a short answer yes this is a question of trust and the real element is that you have to certify all the elements of the chain and that you have a system with updating constantly in any risk of breach by acting immediately and closing the issue and that is the reason why I believe that the question relevant of certification should apply on every actor of the chain of trust that is my point of view and that is the reason why we should of course comply in a common standard of requirements in order to provide this trust and you have anything more to add on that no I think it is we could go on I mean it can go on forever I mean it is certainly generating that whole debate and announcement has been generating a lot of attention in Europe it certainly is one of the landmark announcements in terms of in the field of digital identity and everybody is talking about that if you have some interest in this next week marking in fact to the day the 5th anniversary of the launch of the EIDAS regulation there is a fairly substantial digital summit called the EIDAS where including people from the European Commission will talk so if you want to know more I would suggest you may consider that another thing that also is worth mentioning maybe that there is a second announcement that is not specifically related to EIDAS but clicks into fairly neatly with that is the new AML regulation that will effectively enable the AML directive and that will aim to ensure a much greater level of KYC and CDD data unification or harmonization across member states so that is more specific to the financial sector no doubt but it will leverage the use of it is expected to leverage the use of the EIDAS regulation in the financial sector which as we know is quite critical anyhow thank you guys if I may make a short remark on some notes in the chat yes in fact I guess that is true that credentials should be my wallet they are not necessarily part of my national EID but as I see it the commission is moving in the field of providing a general purpose authentication tool which is something additional with respect to the national EID I fully agree and this general purpose authentication tool which works as a wallet should form a kind of basis to promote interoperability this is behind what a commission would have the mandate to do it is not just doing something on the identity level they are adopting tools in support of authentication which is something that some commercial identity company could do as well on the other side I think why does the need of this authentication tool go through national member states this is a bit strange and I think since this could have been done as just one single tool it might be even be adopted by Samsung by whoever just by one and that's done and I think that has to do with political issues since you know the identity issues are very sensitive member states want to have some kind of control so to me this is kind of compromise from the necessity of having something general purpose on one side and the requirement to maintain some kind of national sovereignty on the identity concept yeah that's very true there is a difference between what is called the Genesis identity like your bug certificate or you know that is completely controlled by the state and all these others are accretions that add on things and so there is a qualitative difference right right we define that as foundational versus functional identity foundational identity is that core some people call it legal identity like the UN versus functional and that's one of the things that Estonia did as the folks said on this call and that's where EIDIS comes from basically Estonia the first thing they legislated in 2000 was that digital signatures as ink signatures and then they had their national ID two years later anyhow so in Estonia the Estonian government issues that foundational identity and then everything else is functional your voting your health any of those are functional identities and in Estonia they legislate the law says the government cannot ask for the same identity information that's why if you give your if you have your foundational identity your first name, last name, date of birth register with the government when you go to vote they cannot ask for that information again that's part of your foundational identity so that must have some ramifications in the debates happening here in the United States but you know we have a lot of data because of the federated nature of the government but at the same time we have this dual thing going on the states rights versus the federal rights and you know the health certificates the birth certificates are a local matter and the foundational identifiers are established at the local level then they propagate to the national level so you know there's all kinds of stuff about this and it's some you know we can like Stefan noted we can keep talking about this for a long time but it's been a very good discussion so far and I think we should continue some of this and of course Dan who's a member of the OIP knows the debates going on there I'm sure look at too it's only starting now in fact well it's always since life is a continuous journey it's always a story half told and I think the Greeks recognized it a long time ago when you die you cannot say you're a happy man anyway so I take you know I'm taking so much information that I have to write a piece on interoperability for the digital currency global initiative and one of the foundational aspects of interoperability any type of silo including digital currency is identity so identity and it's you know the it's basically just going to be a suggestion for standardization not standards themselves so we take lessons from all of this and thank you for showing up and talking about this very important subject if there's interest in getting access to the slideshow that's another thing I was meaning to ask you we should put in the slides in the wikipage so that anyone can have access to this thank you thank you guys I did put in the chat we're doing a similar thing via you know providing feedback to the EIDIS legislation so yeah so I'll participate in that but as you guys pointed out they're looking for public comment anybody on this call I guess to provide comment I'll do so through it in Napa that is a lot unknown but there's enough to in that legislation for us collectively to provide some feedback okay thanks thank you and wonderful we'll we'll meet again okay thank you thank you