Fax Self Countersign with airSlate SignNow

Send countersign self

you welcome to SSI Meetup today we have our second webinar with Drummond Ruiz and we had a first one also with agreement where we gave us a general overview behind the story of the exercised standards which which are the IDS you came as did off and five five verifiable credentials and today we will go deep dive into D IDs and with Drummond and in the next slide I will share briefly and what the ideas are behind what we're doing here basically as I meet up is an initiative to empower global SSI communities SSI community's needs companies people organizations whoever's interested in pushing us around the world and want to do this in an open way and sharing with everyone and to chief sharing with everyone a lot of content and the republishing here is creative commons share-alike license which is using number four which is the latest one you have a link here that you can check out about what that means that ensure that basically means that we're making these PowerPoint presentations in Google sign form available to you so that you can read down about them and use them especially say hey I want to set up my own acai meet up wherever you are in the world or just share the knowledge so we make it as possible the only thing you have to do is to please credit back and be great of the present presentation which today is from it and also as I meet up and then you can just keep on moving and and and and use this material to create your own local SSI communities so the Drummond Tagore game going from here we'll be presenting the IDs we have 18 people right now and please join in I'll be managing the chat and so if you have any questions you can interrupt any time and please don't hesitate and so last time we kept it small this time and in the future what we're trying to do is to make this as dynamic as possible so I will try to pick up your questions and so that care so that drum can answer demand Drummond will cover what the ID means was coming from and also what the structures how the structures work and where this standard has developed and why does this relevant to the whole surface of an identity system so I'm coming from here I think the next slides will be presenting yourself so I don't have to you can explain more all right thank you very much Alex it's great to be here again and talking about a topic that I am extremely passionate about and so again for folks that didn't see the first webinar I have been living the world of internet identity for the last 20 years been at all 26 the instances of the internet identity workshop and a good 15 years in these various internet standards organizations and I wear a whole bunch of different hats and and you can you can see them here primarily achieve trust officer Devon M and then a trustee of the sovereign foundation where I share the trust working group and all of sovereign what we're doing is building on these open standards building a global public utility for self sum and identity and you can see some of the other some of the standards ironically what's not listed here is the most relevant thing today I am the co-editor of the di D specification at the w3c credentials community group which I'll talk about here in this slide presentation so so let's let's dive right into it now for folks who saw the first webinar I'm going to repeat just a couple slides at the opening because I want to provide the overall context for understanding D IDs because it really you know they are as I said in the outset the foundational building block of decentralized identity and so I want to quickly explain why so here the the standard model for for that we started with before you know at the outside of the internet this was how you had identity you were not really you didn't have your own identity you only had accounts at different organizations but even just to do that with a separate user name and password ever every word have it be secure we had to have standards for how we're going to do encrypted communications verifiable communications on the internet and that of course is a knocking your browser SSL and TLS but the hassle of trying to manage all those accounts as you you know starting to develop all these relationships over the Internet led to the the need for a more efficient model and that was what we call third party or IDP federated identity and there you solved the problem by putting a service provider in the middle now you haven't encountered with that service provider and they Confederate your identity out to many different organizations this of course and the we know this on the web as social login using Google or Facebook or Twitter or LinkedIn and and that's that's very broad is used by many companies and organizations and interesting enough it actually has developed three whole generations of standards to support federated identity over the last fifteen to twenty years that this has been evolving and so despite all the the advantages of being able to use this intermediate service provider and and simplifying it for users there's still a lot of challenges it's a different it inserts somewhat an intermediary into into your relationships it limits what is available in terms of the information that we shared and what's supported by that IDP and and and the biggest challenges no one Federation even Google or Facebook covers everyone that you actually need to federate with so we've evolved into and the whole reason we're here at SSI meetup is the self sovereign identity model and the third major wave and that's distinguished because now we're back to a peer-to-peer model but you as an individual or an organization or even a connected thing you have an identity a full you know you're a full peer with every other appear on the internet you have your own independent self sovereign identity and that's instantiated what makes it real because it is it's it's it's enabled by blockchain but what makes it real is you Oh forgot to mention you in when you have this relationship you don't just have an account with every peer that you that you share this identity with you have a connection and you'll see this come up over and over again some sort of an identity is about the identity you have in the context of every connection you have whether it's with another person or an organization or an app or a connected device they're all connections now what's at the end of those connections it's a digital wallet that's where your keys are stored that's where your credentials are stored that's where over time your tokens will be stored and what makes that digital wallet work is some of the credentials in there you will issue yourself but many of them that actually prove your identity are going to be coming from one of those peers that's called the issuer of the credential many classic credentials we carry in our wallets today that's they're going to come from you know the same the same folks from the passport office when the driver's license authority from your employer from you know your loyalty card from your coffee company and when you need then to go and prove your identity you form a connection with another peer we'll talk about that process here with the IDS and then you share a credential with them for them to verify and and they verify it by virtue of a the signature on the credential will verify the public key using a D ID down on the ledger so that is the first and most fundamental standard of what enables self sovereign identity is these decentralize identifiers and and did documents that are on the ledger that's what the webinars about today now just to make sure the whole picture is clear the second major standard is called DKMS for interoperable key management in those wallets so that your wallet is not locked into one vendor and you can actually use different wallets on different devices and all have them interoperate the third key standard is called did off that's how you actually authenticate over a connection i did ii did connection and then of course verifiable credentials for how you're going to interrupt probably have credentials that work across multiple wallets so as we covered last week these four emerging standards I'll just put them up here these are the different places that the this this work is going on or headed to and the the two that are most advanced in this are actually the the top and the bottom verifiable credentials is a full working group at WCA it's already in the stage of being prepared to become an official w3c standard probably within the next year decentralized identifiers at the bottom here that we're going to be talking about today is actually in what's called a credentials community group at WC a community group is the stage before a working group that's where you incubate a standard and get it up to the point where you can make the case to the w3c and the members hey you should approve a full working group so that we can complete this as an official w3c standard so we are I'll talk about that more at the very end we're very close to that to the end of that incubation process and in the process now preparing for the formal working group so happy to answer questions about that standardization process but first let's dive in and get down to the nitty gritties and this one is going to get more technical than the last one because I'm gonna I'm gonna repeat my introduction to DD IDs but then we're gonna dive down beyond that now a quick way to that I find to illustrate for people just how different D IDs are is to show what in the United States is the canonical identifier that we carry today here in the US it's a social security number and I'm putting this up on the screen and no that's not mine the irony is that social security numbers from the Wikipedia article on social security numbers it's been used by over 40,000 people because it was printed on a little insert in a wallet that was sold back in the 1930s by Roche company and it was the social security number of the boss's secretary and he just wanted to put something in there that would show what you could do with this little Clear Panel on the wallet and so people would buy this wallet had this little half size social security card in it just so I'm just gonna use that as my social security number the point being there's no way to prove in the United States that a social security number is yours and the little cards they hand out are so trivial to to copy that it's just it's it's nearly impossible now if you contrast that with what the IRS the Internal Revenue Service in the US has told us they want to switch to for filing of tax returns it's something would look like that that is a di D a decentralized identifier and yes it's longer and it's not very human memorable but you can prove that you own and control that and that's because it is the address of a public key on the ledger and you have the private key so you can use the idea that we'll talk about again at another webinar in this series to prove that you actually control it and you can do that for as long as you know as you're alive that this is your identifier now you can just look at this slide and immediately recognize none of these numbers are human member human memorable no one is going to you know the sort of you know without an eidetic memory is going to be able to to keep this in mind so what you're going to use to to both generate and then control these D IDs is the same thing we used in most cases to control our address books today I personally have probably over a thousand contacts and I only know the phone numbers for a handful of them these days I use one of these devices and I'm going to continue to for self sovereign identity now the other thing that is very different about D IDs is in the US a social security number your by law you can have only one it's illegal to have more than one but with the IDS you will not have just one you are in fact to have thousands of them and that's because at least in the sovereign ecosystem the the default for individuals would be paralyzed pseudonymous D IDs and we time we form a relationship you will share a different D ID and the other party will with you and you'll have pairwise we call them pair and Y's synonymous di DS and the keys behind them so those keys are only used those cryptographic key pairs only use with one other person or organisation which means every di D is not just an identifier it gives you an a lifetime encrypted private channel with that other party that person or organisation or thing that you've shared it with all of us will have the capability to have private encrypted channels and over those channels we can now prove higher levels of trust using verifiable digital credentials another one of the key standards here that we'll touch on just at the end of this webinar huh and then the the best part about all this there is no central registration authority you registered the IDS directly on either a public or private blockchain or distributed network whatever but there's no intermediary this is why they're truly self sovereign you own and control them so to summarize this if you are an identifier walk like me what stands out is that the idea is for things right it's a permanent also called persistent identifier that never needs to change okay you you sign it and it can last not just for your lifetime but forever it's a resolvable identifier meaning you can actually go look it up on the target blockchain or system to get the metadata that will talk about the dead document and that's where you're going to find the associated public key thirdly it's cryptographically verifiable that you own and control it as I was just explaining using that public private key cryptography and lastly it's decentralized you don't need any centralized registration authority the reason there's so much excitement about D IDs and that this working group is now forming among you know the the the biggest of the w3c members is there's never been an identifier in history that does all four of those things and driving just two questions here that are coming up I don't know if it's the right time for them but maybe you can you can comment there's one question from Beshear he said could you please quickly explain how to have pairwise fits in the connections step it's one question and the other question is um Jordan are you saying that every D ID will be will have its own private key that needs to be managed these are the questions that have been coming in so far so the second one is easy to answer yes every day ID does have its own private key that needs to be managed so key management is really critical that's why it was the second of the standards I talked about at the opening now on the first one I want to explain pairwise the IDS but I think I should wait until a little bit later in the presentation I wanna I want to go ahead and lay the groundwork and then let's get back to that question and because pair-wise is is an extremely important property of how di DS can be deployed but I think once we have a little bit more of the exposition out it will be easier to answer that Alex awesome okay all right so and Alex I'm not seeing the question so just let me know when you know when they whenever you have a question just interrupt me okay will do alright that's good okay so we get back here so let's dive now down into some of the specifics of D IDs and again feel free to ask as technical question is you want about any of what I'm going to cover here so first the the overall format that we arrived at for di DS was based on the the pattern established by this RFC which is 20 years old this year it's you rn's uniform resource names are the standard for persistent identifiers than the internet meaning identifiers that are signed and never changed and if you think about it your phone number your email address or a domain name none of those are persistent identifiers you can if you stop using your phone number it's gonna get reassigned to someone else same thing with an email address or a domain name if you if you stop registering it someone else can register it a personal identifier is assigned once and never reassigned so it always stands for whoever whatever whomever or whatever it was it was designed for D IDs need to have that same property so you can always rely on it's never gonna be reused for someone else so we took the same three part form and that's what we adopted for D IDs and the reason we did that is that second part the method identifier allows D IDs what we call D ID methods to be designed to work with different block chains so that you can have the IDs for Bitcoin and etherium and sovereign and various one and we'll cover the whole list in a minute now each of those has what's called a D ID method spec and the first thing the method spec says is for that particular method in this case it's sovereign and you're looking at twenty two characters here it says here is how the D ID will be generated and all the methods the six of them I'm about to show you do it differently today as it happens sovereign is one that does it specifically the the it's generated at the edge in sovereign your D ID is a base 56 encoding of the first half the first 128 bits of an e d two five five one nine verification key so sovereign uses elliptic curve kryptonite family and so when you generate a key pair takes the first 128 bits of your verification key your public key and encodes it and that's the 22 characters that become your D ID now when you go to register that if you choose to register on public blockchain it will also check and make sure that that is is unique but in the generation process that's as long as a UUID and so they should you know the chances of collision are very small now that again that is how sovereign does it I want to now talk about the ID method specs and I can mention how the other the some of the others do it so a method specification is says okay for a specific B ID method how do you read and write that D ID on that blockchain or distributed in network because they're all different and these are the six D IDs that are actively DoD methods are actively in development today now I've already we've already additional ones are being registered with the w3c credentials community group so if if you're working on a D ID method and it's not listed here just let us know or ping me and we'll be updating this list the authority authoritative registry for for these different methods and it's not it's not there is no centralized place but the w3c credentials community group is keeping track as different open-source projects or organizations saying yes we're developing a DND method now quickly the Bitcoin you port and block stack methods I can speak for all of them they actually generate the the D IDs by by virtue of the address on on the various Ledger's so in order to to know what the D ID that is there you actually have to do it the cryptographic operation of registering on the ledger and then the address that you register will actually then turn into your D ID um and I don't I'd note with ipfs it's actually of course content hash and burst one I actually don't know the the answer to that right now I think it's also address based on the ledger but in any case these are the different aspects and so in each case in addition how you generate the D ID they they cover the crud operations how you're going to create read update and you don't delete but actually revoke a D ID document and that leads us into the idea what's yeah what's in a method spec is how you're going to do these operations on a good document so that takes us into what's a good document so if you think of all what di DS enable it's it's it's to allow all of the blockchain or decentralized network space to be considered a giant key value store in which the key is the D ID and the that's a location key and the value you're going to get back when you look it up is the did document now this is a json-ld document jason link data which is a standard JSON that has some additional rules for a cooperating link data so that it's globally understandable what's inside of it and if you're not if you have nothing to jason LD I highly recommend the jason LD playground to go check it out and the the point is it's a very simple document format and what it's intended to convey to you is actually primarily the first four of the six things that I have listed here and so the D ID itself is always part of the D ID documents so that if you find at the idea document you've got it stored in a database or a file system or program someplace you can actually say what D ID is this and you can quickly go verify that that is in fact still the current and an accurate document for that D ID so I'm just one more one more question maybe and I am this Jason he's asking how would these D ID methods method specs change the way people use Bitcoin aetherium etc don't don't they already have public keys wallet addresses thanks that's a great question and the answer is it won't change what you do currently with those Ledger's in terms of of what they're natively designed to do what it does is it makes those Ledger's capable of now supporting self sovereign identity meaning as long as you can register use them now to start registering kids same Ledger's are actually supporting this the lookup of did documents which will make those public keys now available to use for other things in a standard way now by contrast there are new Ledger's that are designed just to do this meaning their only purpose itself sovereign identity the sovereign sov Rin ledger is one of those Varys 1vr ESO NE is another that's all they do is you know is did documents and support for other self sovereign identity primitives so to existing Ledger's it just adds new functionality and some of that functionality may eventually be used to actually enhance how those Ledger's operate I know that the U port team is deep into looking at how di DS can be used to help with management of theorem wallets and and and and you know incorporate it into smart contracts so you can have smart ways of referencing you know the the owner of the contract different parties to a contract so it just adds richness to what you can do today with aetherium so that's that's a short answer there I can I can go into longer one later if any other questions Alex right now it's not a ton me okay and we'll just keep doing this just just let me know when one comes up so again it after the D idea itself probably the most important thing you're doing with the document is that's how you're discovering the Associated public key fundamentally with with dids and did documents di D infrastructure we are decentralizing PKI public key infrastructure making it possible to discover and verify the public key for any D ID on any blockchain anywhere and in addition the public key discovery what you're also able discovers how can I go authenticate right now in real time against that the idea if I've got if I'm a website and someone is saying here's my D ID right it's like it's like someone showing up saying oh here's my username well the only thing the website can do if it's if there's an account it's okay well give me your password and I'll check my own database well with a D ID anyone can show up and go here's my D ID the website doesn't have to keep any password or any internal database at all instead it can just go alright I can look up your public key sign this challenge and I'll believe that that's actually you that you control that that D ID and and that signing of that challenge in returning that is ditte off and again you can now seed it off completely decentralized there's no intermediary there's no need for the Federation server in the middle and it will work every place that's why we're excited about it the third thing you need are potentially if you want to actually interact with that the entity represented by that D ID it's called the D ID subject then how do you do that and this is where the did document can list service endpoints and the services the the standard services that added document will point to depend again on who is using it for what in sovereign we call that standard service and agent you're going to interact with a sovereign identity agent and everyone in sorry you know persons organisations connected things all have these identity agents they are not on the ledger they're off ledger and therefore they don't you know it's much more scalable architecture and having everything go through the ledger at the DI FD centralized at any foundation there's an architecture called hubs and you have an identity hub and it's it's a more database centric way of looking at how you would interact but any type of service endpoint can be listed in a document any type of service you want to associate with the D ID it's totally extensible ty says the signatures are just there for integrity now I wanted it quickly for the more technical folks on the call show you quickly here in two slides so just what does this look like well this is about as simple and straightforward as you can get in in JSON assist this is a dead document that actually so here's the the context is is a standard json-ld piece the ID here this element is the ID that this document describes there's exactly one public key it happens to be an RSA key signing key here there's one authentication method and there's one service you know very generic service type in here on the next slide we just show and you could have the the all of these by the way created updated and signature optional I'll point out for the more technical folks on this the you don't actually have to store a this JSON document on the Associated ledger obviously I'd be difficult that's something like Bitcoin you can you can you can store a pointer to the document on the ledger you can dynamically produce the document from attributes stored on the ledger there are many different ways to do it and all the different methods use different ways to do it so so that's a brief tour of did documents I always it's important for developers listening to this it did is a URI technically a URL meaning it is a standard identifier that follows the RFC 3986 meaning it also can support a path a query or a fragment and in combination and they're very specific rules if you have a path than you are basically using the D ID to route access to some resource that's not in the D ID document if there's no path than a query or fragment is addressing things in the document itself so all this is in the is is covered in the D ID spec and that's that's sort of the the guts of D ID so I'll stop right there and see if there any other questions about the guts of dids and did docs before i go into how you use them and other questions in this moment all right excellent and in this next section I will get into back to that question about pairwise D IDs so I just want to clarify now that we we've sort of talked about the guts the dudes and did documents and did methods this is only everything we're talking about is the very bottom of what I call the decentralize identity stack and let's take a look at this stack so so that can be clear so we've got this did layer and again I don't I don't I'm not calling out specific anyone ledger did method all of them together form the did layer now above that in the full in the in the complete picture and this is the picture we use for DKMS the decentralized key management system design and architecture that been part of the team that's been developing over the last 18 months we show to layers of agents agents being a generic term for the piece of software that you're going to interact with to to assert an identity or to exchange verifiable credentials and we show both of those paired with wallets now I want to clarify different architectures and different instantiations use subsets of this some only use cloud agents some only use edge agents some use combinations in between and we also so you you will definitely have peer to peer connectivity at the cloud agent layer that's what it's for this is this is like two email servers talking to each other because they're both available 24 by 7 in the cloud we show a dotted line here between edge agents that would actually be able to communicate at the edge there are very good use cases for that but it's not necessarily something that every edge agent will support if you look at this this overall you know stack and you and you you can actually see it's very much like if you said browser web server web server browser or email client email server email server email client you'll see that you know it's the same basic configuration now where the DIDS come in in this whole thing is whenever let's just take an example of one edge agent wants to form a connection with these two let's say these are just two people and one agent wants to form a connection with the other one well in order to do that you need to discover you know if you have some pointer to the did document whether it's the did itself or something that recognizes it now you can this edge agent can ask it's either do it directly or assets cloud agent look that up on the ledger find out the public key and the service endpoint and now this say this agent can compose and send an encrypted message to the cloud agent which has the endpoint which can then of course if it's if it's there push it to the edge agent and you've got a way to to introduce and do an introduction protocol um that message is encrypted all the way the edge and this agent can turn around and it's gotta from the ID it can turn around look up the deed document get the public key and send an encrypted message back and if the two parties have agreed they can actually form a connection now to initiate that whole process you either need a public D ID that's easily discoverable or you need some form of an introduction service that will get this started without the public D ID what you what you can do as long as you've got a way to kick started is when the connection forms this agent can generate a D ID just for this relationship just for this one connection here and that will be paralyzed synonymous when this second party if they decide yes I want that relationship they can do the same thing and generate their pairwise D ID and return it to the other agent and now you've got pairwise synonymous D IDs each of which has pairwise synonymous keys a key pair that's just used for that relationship and lastly if you want to fully keep it synonymous these two endpoints are also paralyzed anonymous meaning it won't look like the same cloud agent endpoint to anyone else in the world yeah go ahead just havin fun Bush here on this and he's saying Kenan edge edge agent make a restful call to the cloud agent and he says example website makes us all to server which is a cloud agent so yes you're gonna absolutely implement a cloud agent as you know with a restful api and and in fact there that's that that is being done it's it's definitely one way to do that you can also in so I would say that is the difficulties hubs in the sovereign approach there is a agent to agent protocol that that that it's an agent agent messaging protocol that works actually at all for all of these legs so one is more messaging based one is more database but both can work absolutely any other questions in the queue out yeah I have one more from a tool well she is saying thank you for the perfect and so but I told us asking with one third of the IDS potentially for millions of identities and billions of concurrent transactions on the blockchain could you speak to the performance who could on blockchain etc yeah definitely so one of one of the most important aspects of if you're going to be made doing a pairwise pseudonymous then notice all of the communications you know the agent agent messaging it takes place up here does not touch the the the public chain these are private pairwise relationships and in sovereign they use what we call Micro ledger architecture so as you created the ID and then share it with the other party you're doing so on a micro ledger that's just shared between these two parties and micro Ledger's of course are as scalable as you know any cloud service out there because they don't you're not putting all the transactions through through the public ledger all that all that's needed on the on the public ledger is in some way when you're kicking off this whole dance of introduction to to publicly reference the first point you're going to be starting but two individuals here this D ID layer for them could be a micro ledger that's not a public ledger and now if you're going to engage in a transaction or exchange tokens that for which you need to prevent double spend then that is going to interact with the ledger for you know for reconciliation of those tokens and there and if you're going to engage in smart contract interactions that can also need to resolve up to a public ledger but these micro Ledger's are you know they're also called state channels you know there are many different ways to take these things offline get the same advantages of the you know peer-to-peer crypto without having to touch a pub ledger and I can only really speak to how the sovereign is using that for scalability I know we're in discussions constantly with the you port team about how etherium is going to be doing that verse1 how they're going to be doing it etc yeah nice i we have another question from stanley which you answered kind of already but just maybe you want to expand on that which is this micro Ledger's kind like the micro payment in this part and he sang brackets piping network yeah yeah exactly very similar really what it is is it's sort of its standardizing because again sovereigns building entirely on on open standards standardizing how any two edged agents or cloud agents can form these connections and basically set up a micro ledger and then synchronize anything they want on it certainly did documents but also as they exchange therefore in fact I should press down and go the whole point of this micro ledger channel is any form of encrypted p2p interaction and so no it did off is not actually you don't have to do that you the keys are on the micro ledger did off it's just a message exchanged between the two of them verifiable credentials are exchanged that way but actually could be on the micro ledger and that would that would take me into the next slide just to quickly I want to make sure this last piece of the sort of architectural puzzle all of what we've just covered basically sets up again that channel that relationship that connection for then the exchange of these verifiable credentials and those credentials it's I want to make sure it's clear howdy IDs play in those because you got a credential from an issuer let's say a driver's license and the Department of Motor Vehicles for whatever governmental jurisdiction issues that before they start issuing that claim they register a public D ID okay on their choice of method where whatever you know blockchain public watch a and they they want to use they registered that D ID and then when when the south sovereign identity old owner which the w3c calls the holder will become the holder new credential when they come to the issuer the issuer will create that driver's license credential and sign it with the private key for that D ID and give it to the holder to put in their wallet when the wallet is going to present that to a verifier the holders also establish a D ID that they use with the verifier and with that D ID whether it's on a public ledger or micro ledger that's what they counter sign that claim with so when the verifier gets that digital credential they're able to basically use refer to the whether public or micro ledger for the holder check the public key and verify that signature and then check the public key on the public D ID for the issuer and verify that signature and that's how we can have an interoperable infrastructure decentralized completely there's no centralized authority for the exchange of digital credentials and and that's really what even though it's just this bottom layer what makes that whole thing work is this decentralized PKI so any of the questions pending right now Alice well the Commission's no alright then I'm going to wrap up here just by covering what we are doing for D ID standardization a little background that I covered in the last slide so the ID started they were actually originally conceived and the term D ID by the the verifiable claims task force which was the community group that that existed w3c before they created the working group so subsequently in early 2016 Evernham the company I work for applied to the US Department Homeland Security was actually funding decentralized ident work and decentralized identity and we proposed that they fund a project to create to turn this concept of the IDS into an open standard and that project took pretty much all of 2016 and we worked with you know we went to pretty much every identity conference rebooting web of trust crusher Allen and others have put together the internet identity workshop your peanut identity conference what's now identify all of them and we had probably at least a half dozen of the blockchain identity vendors and and many open-source folks involved in that and finally that that suspect which we've completed in November of that year in June of the following year once they had created the verifiable clinics working group we then contributed to the w3c credentials community group to to take forward there and we are currently now completing we're in the very last stages of what's called the second generation of the dead spec it's very stable at the WCC G this is a open group even though it is hosted by the w3c no membership fee is required it's open to anyone it does have yet must agree the IPR rules you know so that the the work product is protected and open for everyone two years and again we are now we have started in the CCG the work to be to formally begin the I did working group that's that that is what's necessary to create an official w3c standard I think it's going to take many sporty there who's done this many times it's about a six month process to actually get working group approving w3c so it's likely gonna be around the end of the year that that's done and then probably you know at least another year before you have a full full standard but I just wanted to you know give everyone a set these are the links and I'll leave this up on the screen as we answer other questions actually I want to go forward I do want to provide a thank you to US Department Homeland Security S&T for funding this research not only on D IDs but subsequently on DKMS the key management work that will have it hopefully another webinar about and then I'll just leave these links up for anyone that needs them both how you live this back the issues list and both w3c and sovereign have discussion forums again that anyone can join yeah so I'm doing all the questions right now but I mean but I think will be interesting just very much incentives I don't think everyone's familiar with them why these things are hosted by w3c and what these different groups mean like if you take the verifiable clients task group or the financials working group and how these are structured and how you evolved in how you can get involved yeah absolutely so w3c is one of you know the major open standards organizations for the web the way I always think of it as you've got the ITF internet Engineering Task Force is is the original sort of decentralized crowd-sourced fun standards work that they create the original standards for the Internet itself then w3c evolved when the whole web layer came about and and that needed Standardization it's different because it is a membership organization and you know large members have a lot of influence there so it is all standards are political and and definitely that's that's part of what's involved but w3c originally was only a paid membership organization you had that be yeah I had to have a company or a non-profit to join it is since opened up much more and said we need to have individual involvement we need to be open to open source and helping so they added an entire I think it was about seven or eight years ago they added what they call community groups and community groups are are hosted by the w3c on behalf of the public anyone can come in and create the community group anyone can join them there's no membership fees there is a standard IPR agreement that if you're going to do work together in a community group that everyone agrees it's going to be an open public standard and it's you're not going to go in with and and and have Submarine patents and try and get everyone to adopt an idea it's got to be a royalty-free open standard so so what happened is is a the what's now verifiable credentials formally verifiable claims started as a community group they're the verifiable claims task force and then after several years actually it in late 2016 they finally said hey let's start let's turn this into a formal working group and a working group of w3c is restricted you do have to be a member of ww3 C to participate in a working group the IPR requirements are it's a higher bar because you've got to be very careful about patents but working groups can produce official w3c standards that are actually voted on by the membership when the working group is done so verifiable claims working group was officially approved I think it was January of last year and is about 18 months into its work the the D ID work is in the credentials community group that's not yet an official working group but that's what we're we're working on happening now so so anyway that's how w3c handles it ITF is different that's no membership it's just all volunteer and then Oasis is yet a third example where they have both the individual and corporate membership there it's generally lower cost and more self organized Austin nice so then no other questions Fred no so what we can get to the last slide and alright and just thank you Drummond for taking time again and to explain the IDS and I hope we will get you in future and to do one section on DKMS which is a few key components and also another one for trust frameworks to explain how it's relevant to SSI and for everyone please check out assignment and there you have the telegram channel which is where we share any new specials we will be doing but you also share them via Twitter Linkedin and email so please follow all those channels and we will be sharing and coming two days the recording and and and the slides and the google slide format so you can download them and use the robot and please reference Drummond and ssme Meetup and while you use them or whatever you have to do and thank you very much everyone for having join us today thank you for minute also had thank you very much Alex I really enjoyed these I look forward to doing more in the future awesome thanks