IIW 38 Proposed Topics

From IIW

Register here for IIW 38: https://iiw38.eventbrite.com

These possible Session Topics have been put forth by individuals who have registered to attend IIW 37

What topics are you planning to present about or lead a discussion about at this IIW?

  • Securing APIs with self-generated DIDs and VCs vs API Tokens
  • SSI without end user wallets; Public verifiable data, from decentralized business networks à la LinkedIn to verifiable websites, imprints, partner logos
  • Digital fiduciaries, Functional privacy, AI and identity
  • SSO, SSI, Passwordless, ZeroTrust, IAM, PAM, OIDC
  • Practical use case of DI
  • Blockchain governance and ecosystems
  • DWN, open badges 3.0
  • Decentralized Protocols require thoughtful decentralized deployment architectures to deliver on the promise of autonomy and stop the accelerating erosion of digital trust.
  • did:webs
  • The work our team has done with reusable identity ecosystems and plans for empowering identity providers to monetize credentials
  • Unique Media Identifier - Trust Spanning Protocol - Authentic GAI - OpenWallet"
  • Media and storytelling about decentralized identity
  • Comparison between verifiable credentials and traditional cryptographic credentials
  • The work our team has done with reusable identity ecosystems and plans for empowering identity providers to monetize credentials
  • KERI/ACDC, Healthcare
  • Federated Identity on the web; IDPro
  • Introductions to Trust Over IP
  • Issuance and verification of verifiable credentials Lightweight web wallets A critical perspective on the EU eIDAS regulation
  • Use of DIDs in software supply chains
  • Verifiable Credentials
  • DIDComm services
  • Identity verification and complexities of identifying individuals globally... and all the tech
  • Maybe an informal discussion on Content Provenance and Authenticity and how we can leverage Trust Algorithms to preserve privacy.
  • KERI as a incremental gains tech for US Healthcare
  • Decentralized Authorization -- when your own authorization decisions depend on access to to resources in other apps/services/systems. ""If you can't read a file, you shouldn't read its backups
  • Policies in Plain English -- converting natural language business goals into operational access control policies and guarding who can join or leave groups
  • CedarCamp -- discuss current extension proposals, trade implementation tips, and find contract work
  • Zed-in-a-Box -- how to improve developer experiences for embedding AuthZ in GUIs and APIs
  • PolicyPedia -- how to use generative AI to document actual business policies and exception processes
  • CSI:AuthZ -- Forensic-grade reconstruction of authorization policy to test and prevent misconfiguration: how can we ""backup"" policies in a usable format?
  • Fediverify -- How can end-user predict where their personal information flows in the Fediverse? How can they recall it?
  • Federated Learning from Private Configs and Logs -- how can operators safely share enough about the authorization policy configurations to still learn useful models of ""what permissions go together"" or the ""best way to spell test/prod/dev to tag assets"" or collaboratively score risks for a ""no-fly list"" of domains?"
  • Life long learning and how a transient/trusted profile is necessary.
  • vLEI & KERI
  • KERI utilization in digital government services; ICAM issues in state government; cooperative procurement
  • SSI Governance Application ToIP Governance Based Application E-Commerce Verifiable Credential Use Case
  • DIDComm services
  • verifiable LEIs
  • Decentralized Verifiable Credentials
  • DIDComm services
  • Zero Trust, vLEI, KERI
  • BBS+ signatures
  • SSO, SSI, Passwordless, ZeroTrust, IAM, PAM, OIDC
  • Update on how Content Authenticity is incorporating SSI technology
  • SSO, SSI, Passwordless, ZeroTrust, IAM, PAM, OIDC
  • KERI ACDC SPAC
  • We would like to present and discuss or 'Unique Media Identifiers' (UMId), which is an official standard setting initiative of ISO, the International Organization for Standardization.
  • transaction tokens
  • Blockchain governance and ecosystems
  • SSI Governance Application ToIP Governance Based Application E-Commerce Verifiable Credential Use Case
  • Practical use case of DI
  • The work our team has done with reusable identity ecosystems and plans for empowering identity providers to monetize credentials
  • Issuer Requirements Guide, Monetizing Digital Trust
  • Personal Information Managment System Adoption
  • Accounts with verified identity and authenticity of content in Fediverse
  • Web-based DID methods, privacy preserving Verifiable Credentials, W3C VCs with parallel signatures, DIDComm, Supply Chain uses cases of VCs/Traceability
  • Standards for personal agency in the age of large language models
  • multistakeholder governance
  • Query languages for credential presentation OpenID Connect
  • Internet Identity Solved Algorithms for the people by the people forming bug-free software point-to-point. Identity comes from your p2p DewDrop home hubs and those of your 1024 friends and neighbors, not gov, not profit corp.
  • Zero trust at the application level, mobile ux authentication experience
  • Decentralized Trust & Reputation
  • Data Markets, Provenance, and KERI based approaches to PKI.
  • DIDComm, governance, DIDs
  • DIDComm
  • Privacy & Mobile Credentials Data Governance"
  • Maybe some discussions on KERI, did:webs, ToIP or related topics.
  • vLEI / KERI
  • I would love to lead a discussion around how blockchain tools can be used to curate crowdsourced authenticated information to help newsrooms and policymakers better understand what’s happening in underreported communities. 
I’m a Journalism Fellow at Stanford & USC’s Starling Lab for Data Integrity and I’m currently working to build out a case study around provenance tools with the lab.
  • Leading up to the 2024 elections, my team is seeking to bring our provenance-based grassroots reporting training to key cities across America to help more citizens get involved in using provenance-based tools to help report on underrepresented issues that need more coverage. Before doing so, we at the Vngle Grassroots News Agency want to critique our process with the experts at IIW as we further expand how we source verified information from trained citizens and help newsrooms combat misinformation before the November elections.
  • Web5, DID DHT, DWN
  • ZK Proofs, privacy preserving credentials
  • SecDataOps Intersection of Data & Security Adaptation & Evolution
  • Self sovereign Identity
  • Holder privacy and interoperability in the SSI space
  • A specified cryptographic identity ecology (DID and VC methods) that excludes super intelligent human imitating bots while still allowing persistent pseudonymity and presentation of de-correlated identities.
  • The structure of Taiwan Digital Identity Wallet
  • Decentralized Identity, Digital Identity, Verifiable Credential for Business License /Certificate
  • Governance
  • Verifiable Credentials and the three party model.
  • Wallet fraud prevention
  • I'd like to propose a basic "Vocabulary 101" session at the beginning so everyone's eyes don't glaze over when the acronyms come out.
  • Adoption of reusable identity


What are you hoping to learn about or hear a presentation about at IIW?

  • Internationalization of SSI
  • Portable identity
  • New Protocols, Networking
  • Latest standard/protocol developments, particularly the impact of the European requirements
  • New initiatives, protocols, architectures, etc.
  • Latest in VC, protocols, adoption, VC-EDU, KERI
  • Updates of various decentralized identity standards and implementor updates, ecosystem building
  • product use cases
  • Work others are doing, real world case studies
  • Everything identifiers and metadata.
  • AI and decentralized identity
  • ISO/IEC 18013-7
  • Work others are doing, real world case studies
  • KERI, trust registries
  • SD-JWT
  • Digital Wallets
  • eIDAS, Trust Registries, Adoption, and anything new people are talking about.
  • Progress globally on verifiable credentials
  • Real world applications of SSI, Interoperability with legacy systems
  • Latest on authorisation and decentralised ID
  • I am very much looking forward to learning more about emerging identity tech, engaging in conversation about regulations, tech, and protecting identity.
  • Evolution of user identity
  • Self Sovereign Identity. OAuth/OIDC standards.
  • C2PA, KERI, OIDC VC
  • Advancements in everything from DID:Web to biometrics/zero-knowledge proofs.
  • More about self sovereign identity, passkeys, mobile auth and latest trends in the IAM industry. Really keen to meet some of the people who work on the OAuth2 and OIDC specs.
  • AuthZEN, formal trust management, making IAM easier to use for end-users, unifying human and machine identity, new ways to visualize or chat with identity data
  • Holder binding Wallet verification Issuer verification Latest tech stack updates Interoperability (focus on trust)
  • The cutting edge in identity methods, and hopefully get to hear from Dr. Sam Smith and his KERI invention.
  • vLEI, KERI, did:webs, Open Wallet Foundation
  • Everything! As the agenda is open, so am I.
  • Use Cases and challenges of Decentralized Identity Adoption
  • DID standards, current pain points, native applications / wallets
  • Zero Trust, vLEI, KERI, ACDCs
  • European Digital Identity Wallet
  • New Protocols, Networking
  • Learn about latest developments in SSI, KERI, ToIP stakc, etc.
  • New Protocols, Networking
  • We expect to receive feedback and input on the technical specs of UMId (syntax), as well as governance models and verification protocols.
  • authorization and access management in enterprises
  • what's going on
  • New initiatives, protocols, architectures, etc.
  • Use Cases and challenges of Decentralized Identity Adoption
  • Latest standard/protocol developments, particularly the impact of the European requirements
  • Portable identity
  • Work others are doing, real world case studies
  • Governance
  • Trust Spanning Protocol, Verifiable Identifiers (VIDs), KERI, ACDC, PKI, X.509, wallets
  • Personal Information Managment System Adoption, Business Models, Go To Market Strategies
  • Newest trend in identity
  • Validating my understanding of relevant decentralized identity protocols and credential types
  • OIDC4VC, Trust-spanning Protocol, status of LEIs, MSFT Entra - traction thereof, vc issuing platforms in general
  • W3C VCs with parallel signatures, Web-based DID methods, Traceability based on VCs, Digital Trust and AI, ISO mDL, OpenID4VCs
  • Personal agency
  • ecosystem incentives
  • How can a viable identity wallet ecosystem come into being?
  • Authorization
  • Bizdev
  • Near anything, I can't wait to hear what the space is brewing.
  • I’d like to see what else is going on in the identity space to figure out solutions that can help keep people safe while making life easier for everyone
  • AI Bullshit & Hype
  • Everything that's non-KERI related.
  • vLEI / KERI
  • How decentralized tools are being used to create provenance and verify information. I want to learn about other organizations leveraging identity to help combat misinformation in 2024."
  • Collaboration opportunities in schema standards and other areas
  • I'm interested in privacy and security issues in decentralized identifiers, the interoperability and digital wallet architecture.
  • Digital Identity Verifiable Credentials Secure & Private communication channels How verifiable credentials could disrupt traditional, centralized trust stores/business models"
  • OAuth/OpenID as used in portability use cases Trust registries for iDPs and similar"
  • Self sovereign Identity
  • How we can work on ""on demand"" problems, since not every problem requires a solution right now.
  • Also discussing about real impacts and benefits and not ""we do it because we can"""
  • Others working to combat the coming horrors of AI, and implement AI minimizing solutions that leverage human knowledge directly not sloppy statistical methods.
  • How to deal with traditional identity system (e.g. ISO-29115) with SSI.
  • The latest progress of VC, SD-JWT VC, SIOP V2."
  • W3C: DIDs, VCs and VDR
  • Verifiable Credentials, client application attestation,
  • Passkeys rollout, workload identity
  • TBH, I'm looking for a job.
  • Blockchain and Interop, for VC, VP
  • Emerging standards and schemes for digital IDs
  • wallet2browser integration


What are the critical questions about user-centric identity and data you hope to discuss with peers at IIW?

  • What does it take to make SSI usable for end users?
  • Should the browser be the wallet? Or, is the browser key to connecting wallets to websites (something like Metamask's inject web3 for SSI: inject ssi)? Or, is the current QR code based flow sufficient/acceptable?
  • Creation of ids
  • Digital fiduciaries
  • Why can't OSINT be used to enrich realtime physical security access?
  • Market Adoption
  • Are we all turning European?
  • The balance between self-sovereign identity and privacy, etc.
  • Micro credentials for life long learning
  • Overstandardization, privacy/confidentiality, faults in DID methods and protocol implementation architectures
  • production needs
  • Trust Spanning Protocol - Authentic GAI - OpenWallet"
  • How to use two-factor authentication to prove control over a DID
  • How to use a mobile device carrying verifiable credentials or traditional cryptographic credentials as a roaming authenticator for web apps accessed from a laptop"
  • How can user-centric identity be merged with "traditional" identity systems?
  • The right balance between the current strong European focus on hardware security and the need for usability and phishing resistance
  • Deployment issues, privacy, business models
  • What can we do to improve the identity _recovery_ process (such as credential reset), and what lead time between authorization granting/revoking is acceptable in today's world?
  • Ability to maintain identity provenance, protect from potential identity fraud. And every thing else identity.
  • Concept of user identity, how AI is changing the identity landscape
  • Integration of self-sovereign ID and existing standards, to the extent that it is possible. Ways to lower the cost and effort of adoption
  • How to reconcile Content Provenance with Privacy.
  • How do you marry policy and technology together for success?
  • What is the future of passkeys at scale? What is the future of SSI?
  • Niche question but how can we solve authenticated webviews in mobile in OIDC?"
  • How to make the ""shared responsibility model"" of Cloud security work for customers, rather than as a way to disclaim liability and point fingers at customer misconfiguration
  • How can portable personal identity make innovation easier for startups *and* better for society
  • Where is the user in all the business-driven approaches that mainly focus on monetizing SSI?
  • scalability of approaches
  • Addressing interconnection issues concerning legacy systems; government adoption of open source protocols and applications for ICAM
  • How do nonprofit / public interest projects manage fundraising without becoming beholden to rent-seeking shareholders?
  • What is the best strategy for technologies like VC to fly? What is VC anyway?
  • Market Adoption
  • How centralized or decentralized should our approach be to insulate it against potential misuse by bad actors? Which existing building blocks can be integrated and how?
  • Trust Spanning Protocol - Authentic GAI - OpenWallet"
  • How can user-centric identity be merged with "traditional" identity systems?
  • Integration of self-sovereign ID and existing standards, to the extent that it is possible. Ways to lower the cost and effort of adoption
  • The balance between self-sovereign identity and privacy, etc.
  • Why can't OSINT be used to enrich realtime physical security access?
  • Jurisdictional differences, multi-protocol and -format tech stacks
  • Enabling privacy preserving VCs and unlinkability, Digital Trust and AI, Government use cases.
  • The importance of delegation and delegated authorization and how OAuth is inadequate for today's tech and human rights issues.
  • how do we get to a shared problem definition for cooperative work?
  • How can a viable identity wallet ecosystem come into being?
  • What are computers good for?
  • how to be open and interoperable yet keep out bad actors
  • How are we seeing and stewarding the incoming wave of users into key management positions?
  • As we work towards the future, how do we keep children and everyone else safe from the dangers of the internet, while still allowing them access to the data they need?
  • Governments seem to be moving fast on policies but the technology seems to be lagging at the moment. Will this hurt or help privacy and related SSI matters.
  • Thank you for asking :)

- How should we invite and engage more of the general public in the process of using public ledger identity-securing tools? - How to overcome public social stigmas around web3, to bolster the presence of blockchain-powered identity? (move beyond the general public's impressions of seeing blockchain as a tech just for digital assets. - How can we make it simple and easy to get more Americans to leverage identity-securing technology to help take part in confronting the growth of misinformation due to the rise in generative AI online? "

  • What user-centric data portability problems are actively being worked on.- where is progress being made.
  • How will SSI be integrated into our every day products and lives
  • How to Interesse the user privacy and to prevent the relying party to request to much information about us that could be used to manipulate us
  • how do we make sure user identities are unique and human attestation based but still usefully fractured.
  • How to make the balance of certificate authority and DIDs/VC system.
  • User on-boarding, ID proofing, Biometric Binding to create DID for users and credentials.
  • Specifications and challenges for the use of the three party model and verifiable credentials.
  • Fraud prevention
  • How we will create trusted, user-controlled identities that are accepted in the real world