 Well, we should probably get started because I presume there's possibly at least one person on the live stream, maybe even two, and there's a couple of people here in the room, and the video's on and everything, the camera's on me, I can wave to the people who are on the live stream. Okay, great. Well, I'll get started. I'm intending this to be a fairly casual conversation. I was going to be co-presenting this with somebody who we've worked with quite a bit. Actually, let me take my mask off so I'm a little bit clearer when I talk. By the way, I'm Brian Bellendorf. I'm General Manager for Blockchain Healthcare and Identity with the Linux Foundation. For the past five years, I've been leading the Hyperledger Initiative, which has really been centered in the enterprise blockchain space, and increasingly, it's been central to a lot of the remake of the world through something called self-sovereign identity or user-centric identity, if you prefer a different term, and we've been working quite a bit with lots of different companies on how this should work, and one of the companies that's really adopted this for quite a few different projects has been Accenture. When we proposed this a couple months ago, right as vaccines were starting to be distributed, I think there is a hope that things would open up quite a bit, and colleagues from around the world would be able to travel to the United States. Christine is based in London, so that means she couldn't be here, but she did agree to pre-record some stretches of a presentation, and there's a short video as well that we wanted to show in the middle of that, so that'll be about 20 minutes of the conversation. I have a couple of minutes of framing on either side of that, and then thought we'd just open up for conversation, because this is kind of a relatively new space for a lot of folks who've not been familiar, so I wanted to start with the basics of what self-sovereign identity is by looking at just kind of how it's a different model than say OAuth or other kind of traditional login with GitHub kinds of models you might have seen, and then Christine will talk a fair bit about the business, social and technical drivers for digital identity. I will talk about how it actually works, and then the role of hyperledger Aries and Indy in making those happen. Once again, this has been my role for a lot of the last five years, and Christine at Accenture leads their blockchain identity and biometrics division as a managing director, so she's been directly involved in a lot of this. So this slide I think captures for all of really kind of the essence of what's different about self-sovereign identity. At its core, it's about individuals who hold wallets, and in that wallet are credentials that you possess that are signed by issuers on the left-hand side, and then verified by parties on the right-hand side. Now, these aren't just like opaque cookies and hashes. Don't think of this necessarily as like Kerberos tokens, so there may be some passing resemblance to that. It's a little bit like PGP or user certificates in a TLS infrastructure, but a lot of that stuff had never been really adopted, standardized, promoted in quite the same way. We all kind of defaulted to real-time TLS connections to OAuth servers and that sort of thing to make this all work. Instead, self-sovereign identity is really about you, your identity being defined not by what's true about you at LinkedIn or true about you on your Google account or whatever, but what's true about you as expressed by those certificates you hold in a digital wallet. And so as an example, in one of the use cases we've been working with quite a bit, both Hyperledger as well as another organization I co-lead called Linux Foundation Public Health and a whole lot of others who've been involved in this ecosystem, the Trust Over IP Foundation, something called the Good Health Pass Collaborative that we've put together. We've been working in this domain of issuing proof of vaccination status documents that could be held by the issuer and presented in a privacy-respecting way, not just to go to a concert in California or Washington State or wherever I am, but to also board a plane and travel to another country and attend a concert there. Your vaccination, you're vaccinated and that's good wherever you are and that proof of vaccination should be able to carry with you. So really this triangle on the top half of this graphic only works because there's some relationship between the verifiers and issuers, right? You want to know that the issuer of these credentials isn't just, you know, people like Drummond Reid who just walked in the door, you know, but are actually people who've perhaps issued your vaccination to you, right? Or a healthcare clinic who's responsible for those parties who've issued these things. Drummond, this slide looked familiar. I think Drummond actually created this slide as part of our work together on the Good Health Pass Collaborative. And so this is where the governance framework and the governance authorities come together. And the role that they play is to provide that indirect connection, right? You don't want the verifiers having to call in real time to the issuers immediately on an everyday basis to be able to, you know, whenever a credential is presented, because then the issuer knows an awful lot about who the holders are, how they're using these credentials, where those holders went and you have the problem we've been fighting for the last 20 years called cookies and third-party cookies and tracking and all that kind of stuff. You've just reinvented it for a new protocol. So instead, the trust between verifiers and issuers largely comes down to agreeing upon a common trust framework and there's lots of ways that that can express itself. One of those is with blockchain technology. One of those is by having the public keys for the issuers held in a distributed ledger between all the parties and having the verifiers able to query that no matter where that ledger sits, right? They probably have a full copy of the ledger. Note that you don't need to store the certificates in that ledger. Note that you don't need to know anything about any of the individuals who are holders. So this is not a system for storing private health data in a blockchain or even who's ever been issued these or certainly not where they use them, but for being able to actually perform the same kind of function as the root key store in your web browser, for example. You're probably all familiar with the fact that every web browser is distributed by default with a set of a couple of hundred certificate authorities and those certificate authorities are what allow the told chain of trust to emerge so that a website can say, hey, I'm actually whitehouse.gov and it's because the CA issued me a certificate. In this space, the digital identity space, we're trying to move away from things that are so strictly hierarchical, right? We're trying to allow for on a use case by use case basis such as in the issuance of proof of vaccination status, those trust frameworks to emerge a little more organically between the issuers and verifiers and so the governance framework is intended to be somewhat use case specific, somewhat set of stakeholders specific. The set of stakeholders around global travel, for example, and the issuance of those health certificates might be very different from the set of stakeholders around primary health data and continuity of care kinds of situations. In fact, you probably want a very clear distinction between the certificates that express some fact in a medical context like I got a heart rate test or I got a blood test of some sort or I got a you know something I might have to prove to an insurer to be able to get a good rate and separate that from I have the ability to board a plane to enter that country and so that's been a big part of the focus of this group called the Good Health Pass Collaborative is how do we separate between the two and it really does come down to this question of who's the trust registry and how does the governance framework work. I wanted to set this as like the big picture context. As I mentioned, my co-presenter Christine could not be here rather than try to have her present remotely, we did pre-record a couple of videos so why don't I turn the mic over to her at this point, let her start talking and then I'll jump back in with a little bit more explanation and follow-up at the end. Take it away Christine. Hi, I'm Christine Leung. Thank you for having me here. I'm the global lead for Accentious Decentralized Identity and Biometrics capabilities and thank you for having me at the Open Source Summit and looking forward to this discussion. What I would like to first start off with is what is decentralized ID and what does digital identity and self-sovereign identity actually mean. To me, I think digital identity is really about a way that we use our identity in a digital world, in a digital context, much like how we have a passport or driving license that we use to verify that we are who we say we are, just to demonstrate from one organization that I got a piece of paper from to another organization that I'm really who I say I am. In a way that we think of digital identity, I like to think that this is a similar process but all of it is done digitally, whether it's the credential itself, the equivalent of a digital passport, digital driving license, my employment credentials for example, to how I share this information, say I got this information from my employer to demonstrate that I work for Accenture, to then share it with say an organization, my bank that I'm trying to apply for a mortgage so that aspect is also done digitally and really if I think of what digital identity means is that whole process of how do I use my identity, a trusted set of data issued by a trusted source and how that is actually verified by the organization that need that information and how do they ensure that this is trusted, this is information, it's verifiable digitally and that I am really who I say I am without seeing me physically or seeing the documentation physically, which is if you think of it most of this process has been around since the dark ages just to demonstrate who you say you are and most of this is still very paper-based driven so hopefully with the onset of self-sorbent identity and many other similar technology we're able to ensure that we can use and leverage these technologies to make this process a fully digital as we go into an increasingly digital way that we live our lives. What it also means to me in terms of self-sovereign identity is that we are as individuals able to control our own data. We today don't have much control over that, we share our data, we don't know where that goes, it's often shared with a lot of third parties and which one of us haven't experienced issues around user experience issues with a lot of cookies, a lot of information that we don't necessarily all read but it's actually important in terms of how we share our data. So how can I take back control of that data and be selective about what data I choose, how I share it, to whom I share it with, an example that I often use is that I have a lifelong condition that I need medication for and as I go into the pharmacy to pick up my repeat prescription I have to provide a lot of data where I live, my condition, so on so for free but if you think about it all they need to do is to confirm, am I that person? Am I really the person who's requesting for that for that medication? The rest of the pharmacy behind me does not need to know where I live and what conditions I have if nothing else it gives me a lot of anxiety and I think that aspects of what self-suffering identity, the technology can really really bring about a lot of potential because of the privacy preserving aspects of this, the selective disclosure capabilities that SSI can bring, the zero knowledge proof, the yes-no aspects of the cryptographic proof that can be used to just say is this person really at this address can you calculate using the cryptographic proof to ensure that my address proof is the same? So those aspects of going back to sort of user centricity that how those capabilities within the set of technology can help with making this more private, more user centric and also enabling us if we want to share more data for example if I'm participating in a drug trial I would like to share more information about myself but at the moment it's very very hard to do that so how do I use that technology to enable that I share more data because it came from a trusted source, I've been validated, the organizations that gave me the identity are on the trusted ecosystem and that aspects of trust whether it's the individual the organizations that are within the identity ecosystem that has been proven and therefore how they can validate using their public bits and ensuring that organizations can share data through the individual and know that the source of the data is trusted, has not been tampered with and that the users have control over all of their data is I think critical as we evolve in SSI I also think that it is incredibly important in order to get adoption that there are other ways of saying for example identity for disheries custodians the way we can potentially share data and have some blanket approval for certain verifiers and certain types of transactions to ensure that the user experience is good I think half the battle with identity is really about adoption and that as we as the SSI market evolves it's also really important from what we see in the market that it is not a binary conversation that it's not SSI or nothing it is an I often think of SSI as an evolution of what existing identity capabilities there are you know solutions that use PKI similar to how we our passports work today solutions that work with identity access management system and the way that I think of the ecosystem is not about one size fits all it's about all of those existing technology will need to work with SSI and vice versa and I think that aspects of being not a binary or nothing mentality is incredibly important to get this amazing set of technologies out there so that it can be augment is going to augment the capabilities of existing IEM solution existing PKI solutions to ensure that the aspects of sharing and using our identity data and the way to ensure that it can be trusted and verifiable and I think the trust and the verifiability aspect as what you and the the sort of selective disclosure the privacy preserving aspects of this technology can really differentiate what came before and what will continue to exist I think that aspects of working with existing technology stacks are really important and ensure that we don't we have the rest of the technology community in terms of the legacy technology that can can support it and not about ripping and replacing to ensure that we are practical and can get this technology out there for people to really benefit from and of course where there also comes a number of challenges you know we've seen we've seen that COVID has really accelerated the demand for a number of digital identity solutions and SSI being a huge potential candidate for this we've seen the great work that the Linux COVID credentials group have been developing the good health pass collaborative which Accenture's heavily contributed to also thinking through what this could mean and I think now more so than ever before with the need for digital identity credentials are really really important as we are still unable to travel people can now work anywhere I mean I've been sort of stuck at home like everyone else and it means that we are able to hire people from different places but we need a way to prove that they are really who they say they are and that to do this without seeing them face to face or using very weird you know sort of loading my passport up to the camera so that could be captured also so um not quite secure way of doing something so how I think SSI can really help to solve some of this but the critical thing will be helping to get adoption getting people to use it and that does mean overcoming some of the key challenges like governance how do we set up networks that that are trusted by multiple parties getting the governance model sorted out so that the business the organizational level see the benefit of the technology as much as our technologist can see the benefits of that technology and of course the aspects of the importance of open source is really also to encourage adoption and for this we need more of the communities more of the the folks that are building the capability to participate in open source we as a center as we build our solutions around SSI heavily leverages all of the open source aspects of this technology because we strongly believe that in order to get the right set of adoption it means that that more people need to contribute to the open source code and to use the capabilities to improve and point it that's why we'll also join trust of IP amongst other organizations to help and drive some of this adoption and we strongly believe this technology has a strong future but it is up to all of us to contribute to the community as well as start working through to the organizational levels the business levels to understand that the value of this technology is not just technology but it really can truly transform the way we do things and the way we share our data and reduce all the headache and the repetition the inefficiency and of course the cost and the fraud around the paper based processes that we have today around identity proofing and the use of our identity you know many of these examples include you know one of our marquee projects which is the world economic forums known traveler digital identity program that we work with with government of Canada, Netherlands, KLM, Air Canada, Toronto airport, Monterey Airport and Skippal you know piloting one of the world's first cross-border decentralized identity capability and there are of course other projects that Accenture has been working on and I think it's KDTI demonstrates that this can be done governments can see value in that think of the our travel continuum prior to COVID we can have we need to take out our travel documents our passport whatnot about eight times in a journey now with COVID we've sort of gone backwards now we need to take it out equally many times but many more pieces of paper and some of the automated touchless part of our journey has been removed due to COVID so thinking of how can SSI really help with making our future travel journeys more touchless more seamless safer and not having to queue ideally it's really where this technology could really help but in order for that reality to take place we need organizations businesses governments to come together to understand how they can form ecosystem and collaborate much like in order to prove how we can return to work our credentials to to get a job to do background checking I'm a consultant right so I need to do background checkings frequently to in order to work at my clients you know how do I avoid having to fill in my the same forms of where are you working what is your role what is your education what is your identity details number what if I can share this with a touch of a button using my phone to all of the clients that I work with that needs to do background check that I've already been background checked so you don't have to waste more money on checking do I have that degree certificate from 20 years ago which hasn't changed and will not change for another 20 years how do I share that verifiable data in a trusted way so that my clients can don't need to wait for me to get on boarded Accenture also doesn't have to wait for me to get chargeable on a project and so I think for many of us who are contractors consultants it will make you know and people who move from jobs to jobs like many of the developers who are contractors this will make a huge amount of sense to show that you have those skills you have been background checked and that you can start your job right away one of the things that the health service in the UK have done pilots for is around sort of skills credentialing to enable the health care profession to move around a lot quicker by showing that this is a set of trusted work credentials and that they don't need to wait to be verified and I think those are the kind of use cases that will really benefit organizations and that we as a community need to help drive and with that I'd like to introduce you to a demo video that we have around COVID and return to workplace and how we can use SSI in a practical manner to help people to gain to get back to work easier to get back into their workplace safer and how we can share these work credentials quicker so that as we are all becoming digital nomads in our work life hopefully that will help a lot of folks to get to work from anyway so with that please show the video okay great pause just for a second here while I get this going and before I start it is really hard sometimes to demo to especially a business level audience like the value of decentralization the value of privacy everything you see as like a wonderful thing you can do with SSI always can be done with a centralized approach so try to read look at this kindly if you will but I actually think you know when it comes to paperwork reduction when it comes to making a lot of like unfortunately necessary processes smoother and easier there's a lot of potential here but with that the COVID-19 outbreak is unprecedented in our lifetimes significantly impacting the global economy rendering millions unemployed but also proving that work can continue for many remotely businesses are realizing that their existing HR processes and the way we work will need to adapt and evolve to meet these new challenges to boost the economy and get people back to work safely businesses must explore solutions that support both the safe return to shared workplaces and a more dynamic job market the success of a digital workforce solution depends on trust between individuals and employers with our dynamic work credential solutions employers can return their employees to shared workplaces safely manage recruitment and on-boarding processes remotely and accelerate decision-making in a trusted and user-centric manner in this demonstration Jane a certified accountant who recently lost a role at the travel agency is looking for new opportunities Jane finds a vacancy with an e-commerce firm which she believes fits the qualifications and experience the employer seeks to map applicant skills to their opportunities vet candidates quickly and ensure safe return to the physical workplace this requires Jane to share her verified credentials remotely on the smartphone screen Jane securely logs into a dynamic work credentials app she selects the credentials tab and can view the digital credentials she has received from various authorities as part of the job application Jane is required to share her education credentials employment history professional accountancy certificates and her training credentials that she listed on her resume this allows the employer to match her trusted skills to the job vacancy Jane receives the job offer as a result of her experience matching the requirements with the firm urgently needing to meet demand and Jane having a family to take care of both parties benefit from having Jane start a new employment as quickly as possible completing a pre-employment screening in near real time will allow Jane to get into employment immediately and will benefit the employer by minimizing the risk of Jane getting frustrated and accepting other offers with the dynamic work credentials platform Jane's new employer can request verified credentials for employment screening followed by credentials for remote onboarding without the need for Jane to leave her home here we can see Jane accepting the request from her new employer and agreeing to share the requested data having established a secure private connection via generated QR code in this case she's sharing her passport previous employment history proof of address and background check result few days before Jane starts her job at a new office her employer made a request for additional data to assess if she can safely attend her first day physically in the office Jane can review the request and the information she's about to share before selecting to share data with a new employer she shares the health status credential which allows her employer to assess Jane's health and ground building access throughout the process Jane remains in full control of her personal data can selectively disclose her information and can consent or choose to revoke access and request deletion of the data at any time in this demonstration a process that normally takes several weeks and many in-person interactions took a matter of minutes and avoided unnecessary physical interaction between Jane and representatives of her employer with the dynamic work credentials app individuals can share their personal information professional skills and health credentials securely and privately anytime anywhere this is crucial to building trust and confidence of individuals businesses and governments and the first step towards reconnecting our society and getting people back to work safely hope you have enjoyed that video of example that we've built for a client and find that to be interesting with that I also want to think of the future and think of what it means for are there any use cases beyond humans one of my personal passion is around you know how can we apply the same set of technology for other areas and it's on things like animals pet health animal health and welfare and I think in the future of SSI I think it can be applied to beyond the human environment where we're looking at things like return to work travel so on but for example one of the patterns I have is on pet health and how to apply SSI for pets and how do we and for livestock also so thinking of when we travel how can we take our pets along and putting in the identity of of let's say a dog went for when they need to cross borders which is very common and especially in in Europe and how do we then replace all of the similar to a vaccine you know they currently have pet passport and in Europe how can we put the pet passport aspects of all of their vaccine credentials whatnot and the beauty is they have a chip so you scan a chip and there's your app that the a pet parent has on their phone and be able to share that information securely so that you can clear customs a lot quicker similarly I think a lot of that from a sustainability angle SSI can really also help think of the carbon footprints that and also you know sort of how each car or each plane can potentially produce each factory and applying SSI to things like cars which there are several initiatives already you know we're working with the likes of Moby to think of building standards for SSI for vehicles and how do you then say right this vehicle has traveled this far this is the emissions that it has released and how do we then encourage car manufacturers factories planes how can that all be applied to play a role in climate change and be able to say right I'm using this much I'm producing this much emissions and therefore by understanding my usage better I can be more responsible in the same way that more accurate data can be tracked and produced if we assign SSI to the particular plane or the factories or so on so that more accurate reporting associated with the entity can be done through tracking of the identity of things the identity of companies as well as things like you know climate change initiatives around you know cars and what the emissions mean so you can have IoT devices in the car that tracks the emissions and tie it back to the vehicle tie it back to the person or the company and so on and be able to see and accurately report and therefore hopefully help to change behavior in contributing to a positive climate change so I think as we move forward in the same way that we look at how SSI can support changes in our identity proofing I think the same thing can be done and in the fight towards the role in climate change initiatives and hopefully be have a positive impact on many other aspects of life whether it be identity of things identity of companies and so on so thank you very much for having me I'll be around for the Q&A later and thank you very much thanks thanks thanks Christine and we couldn't quite get the the distributed Q&A to work I'm going to jump back in to involve her in the follow-up conversation I again for those who joined while we were showing the videos I walked through a little bit of like the fundamental conceptual architecture which is really different about self-sovereign identity a lot of what Christine talked about in the video she showed was the was the why right and again it is really hard in a world where we're so focused on large cloud providers centralized services things like LinkedIn or Indeed or others kind of answering these things for all of us to instead think about technical architectures that are more based on data minimization pushing things to the edge consent oriented architectures and even a little bit of a better answer to this question what does control over data mean right obviously if I share data with you you and I have separate independent controls over it but in a regulatory framework like GDPR now there's some rules that that that can play into the system that actually do confer to me a little bit more control but rather than talking about the big picture I want to just parachute back down this is the open source summit this is I want to just talk about some of the building blocks that came together to put this together the first one to understand actually even before verifiable credentials is something called the DID specifications the dids which have been a part of the W3C but there's been a lot of work done in other groups like the Diff the centralized identity foundation and others to try to formalize and think of it as like the URL for an identity which isn't one identity per person but multiple but many of them contextual and and that like and it's like the fundamental link the fundamental URL in the distributed digital identity ecosystem the next thing that builds on top of that is this thing called verifiable credentials which have been a part of the W3C process for many years now drafts have been published through it and it's on its way to a 1.0 formal standard through W3C you know some some rocky wins notwithstanding and verifiable credentials are basically a way to say this did is attached to this statement of some sort signed by this other party right it's a way to be able to say and drum and maybe there's a more concise way you can think of to describe it but it's a way of saying like what's a diploma a diploma is something that's bound to a person it's a statement that you graduated from this school at this date and this degree right and and it's signed by the school right and you know fake diplomas are out there whatever and but you should be able to look at a paper diploma and know that this is an encapsulation of those three different things that's what verifiable credentials are and they could be used for something as heavyweight as a diploma that could be used as something as lightweight as your ability to board a plane your authorization to board a plane right and a given seat or something like that but this is the atomic unit of of so much of what the rest of the self sovereign id world is built upon the next layer layers up because there are a couple here really been put together by an organization that's part of the linux foundation called the trust over ip foundation how many of you have heard of trust over ip been a part of it great drumming to you you should have raised your hand maybe Daniela too drumming is one of the chief movers and shakers in that community and this is variously called the birthday cake the stack etc these are the four different layers involved in the trust over ip technology stack that are really how we get to from these primitives to use cases like being able to tie issuance of proofs of vaccination status to be able to board a plane drumming would give a much better description of these different layers and i'm trying to compress a bunch of things into some time there's actually a gorgeous white paper written about a year ago but under kind of being updated now that talk about these different layers and if i can try to do it concisely i'll i'll give it a shot the first layer is really what's the what's the underlying utility network that connects the issuers and verifiers of these kinds of credentials and that can be anything from a public blockchain like bitcoin or ethereum although there's reasons strong reasons against using those but a couple reasons for to permission blockchain networks to even a centralized database this is not a blockchain specific system but it turns out these utilities you really want them these as decentralized as you can as fanned out as you can partly for privacy preservation of nothing else the next layer up is encapsulated in a protocol called didcom which is really how do we get these agents and wallets to be able to talk to each other so that when i have a wallet that holds my credentials and i'm showing up to enter a conference like the one here then there's a verifier tool that wants to look at the qr code on that wants to do a bluetooth connection however it wants to verify the integrity of what's been presented that's the role that didcom plays and it can play it in a real world setting it could play it in a virtual setting over over over the network in fact it's somewhat of a messaging protocol and it's peer to peer it's point to point is the most interesting thing so no one else outside of that connection needs to know that this conversation is taking place right an important thing from a data minimization point of view the next level up is around data exchange protocols and i i draw it again i want to get the concise version of this right but think of this as you know if you take a diploma what is the format of the diploma what are the you know what's the schema for it really what are you trying to express in that you know one point of that might be the year that the person had finished their education course right so so these data exchange protocols really govern kind of what are we talking about here that's where we start to get more use case specific about how these might work and then at the top of these are are really what's the governance network around again issuers of that proves the vaccination and verifiers and that might be in a geographically local context or or some other context each of these technical layers have married to them governance layers and we all know that like governance has been a part of open standards and open source software for a long time that's what the lf is kind of a governance as a service organization right but there's others ietf iso i triple e basically any standards body has played a role in governance around a set of technologies well each of these technical layers also speak to a different kind of governance layer correlated to it that that i i really helped make sure that that these are fit for purpose the one thing i'll notice you know the question of the wallet is really interesting will wallets go in the direction of being as general purpose as web browsers where you maybe will have one wallet that holds all sorts of different verifiable credentials from education to health to finance to all these things or will you have use case specific wallets or even service specific is an open question right now almost as if at the beginning of the web we said well we have different web browsers for e-commerce than we will from browsing libraries or something like that so so this is something that the second layer is kind of an unresolved question and someone i think we really need to dive in what we do know is that the anti pattern for that are things like clear or things like your coinbase wallet or things that are extremely specific just to one issuer and i think that's what we all it would be like having a web browser just for a single website and so that's that's what we all want to move on from i this is my last technical slide i and it really tries to put verbs around some of these actors i it really does say it's not just a triangle it's a diamond between these four different parties the holder of these credentials on top the issuer is the verifiers and then the trust registry that connects all of them together i this is a whole lot of work has been done over the last year by actually an amalgamation of many of the different organizations hyperledger linux foundation public health trust over ip id 2020 which has long been in the digital identity in human rights space for a long time working together under the ages of a of a common term called the good health pass collaborative to try to understand can we apply this to proofs of vaccination status that allow us to be globally interoperable and yet at the same time privacy preserving and and still meet all the different differences in opinions out there about how this kind of information should be managed from the european union and a gdpr context to to other countries who perhaps don't have the strong built-in privacy laws or even just not a culture necessarily of privacy so at its root data minimization decentralization consent driven architectures these are all what has driven an architecture that might look a lot more complicated than login with github right but lead us to i think a more just kind of society and that's where a lot of us have been working i'll end with just a little bit of note about what we're doing in hyperledger on this front and then i'll pass it off to you hyper about pass it off to some conversation perhaps hyperledger you might all might not know we are a community of a whole bunch of different projects working together on basically all sorts of blockchain initiatives it turned out that identity was one of the major use cases for this platform partly because of some very thoughtful individuals who brought a series of projects in hyperledger indy which is kind of a ledger platform and then hyperledger aries which is a a project very much focused on the wallet side of making these kinds of systems work and aries is intended to be a library embeddable inside of other people's end user kinds of wallets and to do all the sophisticated verification cryptography things like didcom and others and to be as actually portable across all those and make it easier for people to write both consumer wallets and institutional wallets right businesses are going to be talking to each other about their own credentials and so this is these are the roles that that indian areas have played and they've gotten quite a few deployments out there there's there's some some rather big ones there's one called bonafi which is used to be called member pass this is a collaboration between a set of credit unions in the united states who've come up with a self sovereign id approach for customers of those credit unions to use when they have accounts on multiple those credit unions or somebody is moving from one to another because a credit union might be attached to a geography or to a job somebody has somewhere they switch jobs or they switch careers they bring some of their history with them this allows them in a in a in a individual first kind of way to bring their financial histories with them bring their credit scores bring everything that matters rather than routing this through equifax trans union and what's the third one it's the big three i forget that experience thank you as a as a really really through the individual and their their their wallets to be able to share that with those that they care about it's seven credit unions 20 000 credentials issued so far still very much in early stages but this is this is something that's gotten a lot of people really excited this was built with hyperledger indy and with aries there's another big effort central to the german government who have really jumped into this domain called id union which is a a partnership between 39 different partners building production level infrastructure for verification of identity data in finance manufacturing public sector meaning government functions and healthcare and there were been a couple of pretty major announcements of this recently in fact it was explosively popular in a way that it's timing with the election made for some interesting headlines in the last few weeks but needless to say this is something that a lot of our partners and all of our friends in germany are really excited about seeing adopted more widely including those at high levels of government bringing it back down to earth i in in a very literal way who's familiar with kiva a company that's been involved in the micro kind of pioneered the micro finance domain kiva has been deploying a self sovereign id initiative for the sierra leone government that's intended to just kind of like member pass provide a user-centric credit history kind of system for a country that had no credit history credit bureau kind of infrastructure which meant that lending rates because you couldn't tell whether somebody was a good risk tended to be 30 rather usurious lending rates and so kiva stepped in worked with the sierra leone government with the undp and uncdf on let's let's which is the central and the central banks in sierra leone to implement a system using both hyper ledger fabric which is more of a traditional enterprise blockchain platform and indian aries to give and end user individuals wallets that aren't just about holding some you know financial money but some financial tokens but about proof being able to prove who they are when they want to open a bank account and the like and so this is super exciting and there's some really good friends of ours at kiva and there's not enough time here to tell you about other interesting stuff but just north of us here the government of british columbia has been extremely ambitious in their deployment of this technology not so much for citizens yet although that's certainly on its way and there's some positive word out of on ontario about that from the from the federal government there but at the local level they've been using this for self sovereign id for businesses implementing something they call the org book is kind of a riff on facebook but it's a way for business owners to hold permits and hold the different kinds of when they engage with government you know there's a lot of paperwork involved that it means getting forms from one agency to another different levels of government basically this makes unifying government engagement by businesses pivot around the individual business rather than waiting for governments to integrate their back office systems with a common user id right which is the usual pattern so that's awesome it's built on top of sovereign which is in one of these layer one networks and underneath that the software is hyperledger indy not enough time but maybe we can go into it in q and a to talk about really this other thing we're very excited about and put a lot of effort in through linux foundation public health which has been active for just over a year in both exposure notification but but now increasingly in this proof of vaccination status as a part of that we've been working with health care authorities both in the united states in europe in south korea in singapore and others to talk about the standards for portability between these and bringing into that what we've built with a good health pass collaborative and a directive document that they published which happy to share the link with you into something called the global covid certificate network which if all of our plans and ambitions workout ends up being one of the key ways that at border crossings between countries we get from the california state or washington state issued qr code maybe some of you have or for former states you are into something that that becomes more privacy preserving than just a qr code because you have the cookie problem there and then we're globally recognized and so there's a lot of interesting stuff happening there and probably out of time to explain but i think we have two minutes for any q and a i don't have the app open in front of me so i'm not sure if anyone asking questions online but i see a hand here in the room yes so cci the covid credentials initiative which we brought into lfph in december had been operating since mid march of 2020 on this domain here's how you do use these technologies right and in fact had started to see prototype deployments of this in a couple of different countries but it was really hard to get high level organizations government organizations to pay attention to this they would vacillate between you know folks in the federal government who'd say this is not our problem let's leave it to the states the states going we don't want to touch this leave it to the airlines right or leave it to the you know leave it to the private sector they'll figure it out and then you hit a point we hit a point in march of this year where the vaccines were getting distributed and people like the pandemics over we don't need to worry about this stuff anymore and all the political pushback to the use of you know covid passports you know as a as actually a fairly derogatory term because these things are much more privacy preserving than your average passport is and then and then people started started to realize in the last few months oh no we're going to be dealing with this for five or ten years or longer and now in that window of time between march i'm sorry between december of last year and as of june we published this thing called the good health pass was a june or july the good health pass august right it was it was finally finalized that we had to get ip kind of clearances right but the trust over ip working group on good health pass finally issued the implementation uh it's not the implementation guide the what's the title of the document blueprint thank you the interoperability blueprint and folks have been going off and implementing against that inside of lfph we have two projects one called kardaya the other called uh med creds that are striving to be conforming implementations of that it did drive that whole process did cause a lot of the folks working in the space to realize that there were certain aspects of selective disclosure for example that weren't adequately addressed by the existing standards the ability to say i've got a valid you know credential i'm not going to share my age with you because you can see that i'm over the age of 21 or whatever but i want you to know that i did receive a valid vaccine right that selective disclosure wasn't really enabled when the signature was on the whole package right you know we had to figure out ways to do signatures on each line essentially anyways long story short there's still some hard technical work to do but companies like Accenture and IBM startups and most importantly and this is what we've been working on the right level organizations inside the european union we're trying to get this in we're trying to hide somewhat below the the fray of the political uh minefield the arrows and slings and arrows being shot around but i it's it's all being done in the open so if you want to help let us know and and be happy to tell you show you exactly where to get connected sure other questions all right anything online who um well thank you all for joining i'll call it a day