Good evening from Helsinki!

Good morning everyone, from Hong Kong.

Hello, I am Catherine Millett from ETS in Princeton, NJ in the USA. Excited to be at my first Trust Over IP Foundation event.

Good evening from Switzerland!

Good morning from Montreal, Canada!

Good evening from Brazil.

And good afternoon from London :-)

Hello I am Deniz Günseli from Ecospend-London

Hello from San Jose CA.

good evening from Finland Inari village

Good morning from Singapore (Its 16th Dec here :) )

Welcome to everyone and thank you for taking the time to join us today.

Good Morning all from Chennai India

Hello from Metro Washington, DC

Hello, I am Jegan Selvaraj from Chennai, India. Great to be at Trust Over IP Foundation event.

Please don’t hesitate to float a question through the Q&A function. Our panelists will try to answer as many as possible, which will be posted to all.

Why do we need the service domains. Isn't it just the holders keeping all credentials together in their wallet be it identity or health credentials?

I apologize in advance, but I am going to enter a “chat” message that is admittedly too long for this medium, but which summarizes a question/issue that can or should be addressed at some point. I will post the message as a series of 4 chat messages.

1) The OMG Blockchain Platform Special Interest Group (PSIG) has issued and RFI that "aims to gain a better understanding of the self-sovereign identity space. In particular, the Blockchain PSIG is exploring the potential for standards setting in the area of contextually constrained or ‘disposable’ self-sovereign identity arrangements, building on top of existing W3C standards for self-sovereign identity [DID] and verifiable credentials [VC]."

2) "A potential new development in this area is the notion of SSIDs that exist and are used within a specific limited time frame, known as ‘disposable’ SSIDs. Since that time frame would generally be the duration of some specific usage context, these can also be thought of as contextual. The term ‘ephemeral’ is also sometimes used for these, since the significant feature is not that they must necessarily expire at a specific time, but that they are expected to be short lived, being limited to their specific usage context, for example some specific part of a journey."

3) I don't particularly like the term "disposable" (it sounds like a "burner phone"), and I think the degree of persistence of a VC -- and how a VC is "retired" (canceled, expired, revoked) – is critical to both the actual trust in a VC as well as the details of what is required to support VC infrastructure operationally. An LEI is globally persistent; a single ticket to an event is valid one time and can only be used once.

4) If VCs are to be trusted for identity, then perhaps they should not be conflated with being directly created with "ephemeral" lifetimes, but, rather, a separate class of object that has contextual constraints should reference a VC.

Who owns the data Chris? Where is the data stored? A traditional data base or through a cloud service provider?

VCs would have certainly been useful to help avoid the scandal of certain parents’ hiring others to take College Board tests in place of their children, would it not ?

What is the purpose of government as an intermediary such as NSC when in the digital model Student and academic institution and/or Employer can interact peer-to-peer?

@Jefferson Braswell: If you can pay the test taker to cheat, you might also be able to buy the VC from them. This very question opens another line of thought in which VCs may need additional authentication mechanisms for some circumstances. This in turn leads to another question of where the line belongs for things like biometrics embedded in VCs. These are difficult problems for which solutions spawn new difficult problems.

@Chris: true enough !

Congratulations to GLEIF for this very significant initiative !

How do vLEI enable legal backing of contract signed using it?

@Chris - the VC may contain biometric information that can bind the presenter to the Holder/Subject (to a specified AAL)

@Peter: question re issuing in digital form: how does that enable (or, how can you prevent) the document to itself be captured and used fraudulently ?

@Karla: Does it also work the same way for cross border agreements?

@Daniel Bachenheimer - Yes - VCs can hold any data. But how do you prevent biometrics being insisted upon improperly by verifiers who don’t need it? Users already suffer from an inverted power structure with respect to digital identity and while the incorporation of biometrics will be necessary, who stands between the user and the verifier who insists upon it needlessly? I think we need to do AAL levels at the edge device and rely on verification vice authentication except in cases where the edge device cannot meet the acceptable risk levels of the verifier. However we need to have some public regulation / guidance for when it is appropriate for a verifier to ask for additional authentication. Looking to NIST to revise 800-63 to recognize this problem.

To all - please consider posting any of your open/unanswered questions in the QA so that panelists can see them as “open.”

excellent (encryption is the key) thanks !

Peter, thank you for the great image of empowering Canadians.

Apologies for posting answer to prior question here in chat. @Steven McCown posted: Will the Lumedic platform require a “Lumedic App” or will users be able to receive & assert the relevant Verifiable Credentials via a standards-compliant app?” Ideally, we will create reciprocity agreements with other layer 4 ecosystem partners to facilitate true interoperability. This is the intent of The Exchange. If you are aware of another Layer 4 ecosystem, please send me contacts and we will get to work!

Exciting work to make VCs work with paper QR codes and on smart cards that are very low cost. This technology has to work for everyone.

@Chris - Verifiers (Service Providers) who ask Holders/Subjects to selectively disclose non-proportional data may loose business , reputation, etc

We wrote an article on “Verify the Verifier – Anti-coercion by Design” together with TNO’s Oskar van Deventerhttps://bloqzone.com/who-wants-to-know/

I highly recommend that article

Thanks, Drummond!

Excellent Panel! Thanks - Linda Van Horn @iShareMedical

Great topics

Thank you! Excellent presentations and exchanges!

Great sharing. Thank you to all the panelist

Thank you for this great session. Learned a lot and enjoyed the learning.

@Daniel - I’d like to ensure that. :)

thank you - see you tonight!

thanks, great session!

thank you