Organization | Specification | Status | SSI Stack | Description |
---|---|---|---|---|
W3C | Decentralized Identifiers (DIDs) | Working Group | Secure Connections | New type of identifier which is globally unique, highly available & cryptographically verifiable. |
W3C | Decentralized Identifier (DID) Resolution | Community Group | Secure Connections | Specifies guidelines for resolving and dereferencing DIDs to obtain DID Docs. |
W3C | DID Spec Registries | Working Group | Secure Connections | Official registry for all known global parameters, properties, and values used by the decentralized identifier ecosystem. Includes the DID Method Registry, a list of DID methods with known implementations. |
W3C | DID Use Cases | Working Group | Secure Connections | Outline of several interactions involving decentralized identifiers to demonstrate value and utility of DID-based systems. |
W3C | DID Rubric | Community Group | Secure Connections | A rubric — a scoring guide used to evaluate performance, a product, or a project — to explore what "decentralization" means in the context of DIDs, and to evaluate a given DID Method according to one's own requirements. |
W3C | DID Key | Draft | Secure Connections | Minimal DID method that does not utilize a ledger or public registry such as a blockchain. It is simply based on expanding a cryptographic public key into a DID Document. |
W3C | DID Web | Community Group | Secure Connections | DID method that allows blockchain-based DIDs to bootstrap trust using a web domain’s existing reputation. |
W3C | WebCrypto | Standard | Secure Connections | Standard JavaScript API for performing a variety of cryptographic operations in web applications and browsers and managing the crypto keys required. |
W3C | WebAuthn | Standard | Secure Connections | An API for creating and using public-key credentials in web applications and browsers for the purpose of strongly authenticating users. |
W3C | WebKMS | Draft | Secure Connections | Common data model and interface for systems that want to perform secure cryptographic operations utilizing encryption and public-key crypto. Used by ZCAP-LD. |
W3C | Verifiable Credentials (VCs) | Standard | Secure Data | Data model for expressing cryptographically secure digital credentials on the web. Verifiable Presentations are generated from VCs and presented by users for verification. |
W3C | VC Use Cases | Working Group | Secure Data | Outline of several interactions involving verifiable credentials to demonstrate value and utility of VC-based systems. |
W3C | VC JSON Schemas | Community Group | Secure Data | Standard mechanism for expressing a credential using JSON Schema and the protocols for evolving the schema over time. |
W3C | Credential Revocation List | Community Group | Secure Data | Simple list-based mechanism for publishing & checking status of a credential. |
W3C | Credential Handler API (CHAPI) | Community Group | Secure Data | Standard API for exchanging VCs between a website and user. |
W3C | Verifiable Presentation Request | Community Group | Secure Data | Defines data formats for VP exchange to and from browsers using a polyfill (for use with CHAPI). |
W3C | JSON Linked Data (JSON-LD) | Standard | Secure Data | Extends JSON to enable serialization of linked data, i.e. sharing and discovering data in web-based environments. |
W3C | CBOR Linked Data (CBOR-LD) | Draft | Secure Data | CBOR-based serialization for linked data. It provides benefits over other linked data representations in terms of compression while preserving semantic processing. |
W3C | Authorization Capabilities (ZCAP-LD) | Community Group | Secure Connections + Secure Data | Secure way for linked data systems to grant and express authority using an Object Capabilities approach. |
W3C | Linked Data Security Vocab | Community Group | Secure Connections + Secure Data | An open data vocabulary that defines signature classes and signature properties to encrypt, decrypt, and sign linked data. |
W3C | Linked Data Citizenship Vocab | Community Group | Secure Data | An open data vocabulary for expressing attributes related to citizenship in linked data. |
W3C | Linked Data Traceability Vocab | Community Group | Secure Data | An open data vocabulary for expressing attributes related to traceability in linked data. |
W3C | Linked Data Cryptographic Suite Registry | Community Group | Secure Connections + Secure Data | Registry for all known Linked Data Key formats. |
W3C | Linked Data Proofs | Community Group | Secure Connections + Secure Data | Verifying the authenticity and integrity of Linked Data documents with mathematical proofs and public/private key crypto. |
W3C | Linked Data Proofs BBS+ Signatures | Community Group | Secure Data | A technique to implement privacy-preserving selective disclosure in JSON-LD based verifiable credentials using the cryptography of BBS+ signatures. |
W3C | Universal Wallet | Community Group | Secure Data | An attempt to unify wallet implementations in the digital identity ecosystem by introducing a portable, extensible, JSON-LD wallet representation for storing credentials and currencies. |
W3C | Encrypted Data Vaults (EDVs) | Community Group | Secure Data | Mechanism for storing and accessing encrypted data. |
W3C | Data Privacy Vocabulary | Community Group | Secure Data | Defines terminology to categorize instances of legally compliant personal data handling according to GDPR. |
W3C | Data Minimization | Community Group | Secure Data | Describes several alternative privacy-enhancing strategies for selective disclosure of digital attributes. |
W3C | ActivityPub | Standard | Secure Data | Decentralized social networking protocol providing APIs for creating and sharing data. |
DIF + W3C | Confidential Storage | Working Group | Secure Data | Large community effort to create a foundational layer for secure data storage (including personal data), specifically data models for storage and transport, syntax, data at rest protection, CRUD API, access control, synchronization, and an HTTP-based interface compatible with W3C DIDs/VCs. Joint approach which incorporates Identity Hubs and EDVs. |
DIF + Hyperledger Aries | DID Peer | Community Group | Secure Connections | DID method which is entirely peer-to-peer, relying on peer endorsements instead of a single source of truth such as a ledger or blockchain. It's intended to be cheap, fast, scalable, and secure, so it will mostly be used in a private and pairwise fashion. |
DIF + Hyperledger Aries | DIDComm Messaging | Community Group | Secure Connections | Standards enabling trustworthy communication based on DIDs. |
DIF | Well Known DID Configuration | Community Group | Secure Connections | Enabling linkage between an internet domain owner and a DID owner. |
DIF | Self-Issued DID Profile for OpenID | Community Group | Secure Connections | Adapter to use DIDs as authentication method in OpenID Connect. |
DIF | Verifiable Presentation Exchange | Community Group | Secure Data | Data format which provides a mechanism for Verifiers of a VC to define their proof requirements, and Subjects of a VC to encode submissions of proof to align with those requirements. |
DIF | Identity Hubs | Community Group | Secure Data | Well-documented open-source protocol for secure storage & sharing of data. |
DIF | Credential Manifest | Community Group | Secure Data | The Credential Manifest is a common data format for describing the inputs a Subject must provide to an Issuer for subsequent evaluation and issuance of the credential indicated in the Credential Manifest. |
DIF | Sidetree | Community Group | Public Key Registry | An open-source Layer-2 protocol that sits on top of DID infrastructure i.e. blockchains and distributed ledgers. |
DIF | Key Event Receipt Infrastructure (KERI) | Community Group | Public Key Registry | An approach to public key cryptography which standardizes public-key self-certification and unifies DID methods by allowing witnesses to publish and validate key event logs. |
IETF | OAuth 2.0 | Standard | Secure Connections | Industry standard for web authorization. |
IETF | Grant Negotiation Access Protocol (GNAP) | Working Group | Secure Connections | The evolution of OAuth which aims to address limitations of OAuth 2.0. |
IETF | JWA/JWK | Standard | Secure Connections + Secure Data | Standards that describe how to define algorithms and represent crypto keys in JSON. These algorithms are used by other specs for signing (JWS) and encryption (JWT). Parameters of JWKs and JWAs are both registered in an IANA Registry. |
IETF | JWT/JWS/JWE | Standard | Secure Connections + Secure Data | Standards for signing and encrypting data -- primarily identity tokens -- on the web. Header parameters (JWE & JWS) and payload claims (JWT) are both registered in an IANA Registry. |
IETF | JSON Web Message (JWM) | Community Group | Secure Connections + Secure Data | Standard for universal secure messaging. Belongs to JOSE family. |
IETF | HTTP Signatures | Working Group | Secure Connections + Secure Data | Describes a way for servers and clients to simultaneously add authentication and message integrity to HTTP messages by using a digital signature. |
IETF | Hashlink | Community Group | Secure Data | Cryptographic hyperlinks for verifying the integrity of published data. |
IETF | BBS+ Signatures Scheme | Draft | Secure Data | BBS+ is a short group digital signature that allows a set of messages to be signed with a single key. BBS+ supports an efficient Zero-Knowledge Proof of Knowledge construction where a holder can selectively disclose any subset of signed messages to another party without revealing the signature or the hidden messages. |
Hyperledger | Biometric Service Providers (BSPs) | Community Group | Secure Connections | Uses established biometric standards to define how a service provider can perform identity verification, authentication, and recovery in a uniform interface to clients such as wallets and agents. |
Hyperledger | Aries RFCs | Community Group | Secure Connections + Secure Data | Open-source project focused on creating interoperable software frameworks and implementing Identity Agents for peer-to-peer digital interactions. |
Hyperledger | Interop Test Suite | Community Group | Secure Connections + Secure Data | Defines the goals, scope, and interoperability contract of the Aries Interop Test Suite. |
Hyperledger | The Trust Over IP (ToIP) Stack | Community Group | Secure Connections + Secure Data + Public Key Registries + Trust Frameworks | Describes a complete architecture for Internet-scale digital trust that integrates cryptographic trust at the machine layer with human trust at the business, legal, and social layers. |
Hyperledger | Rich Schemas | Community Group | Secure Data | Defines a rich semantic data model for verifiable credentials using JSON-LD. |
Hyperledger | Chained Credentials | Community Group | Secure Data | Uses the data model of verifiable credentials to enable delegated authority use-cases that utilize a cross-domain, distributed root-of-trust. |
Hyperledger | Data Overlays | Community Group | Secure Data | Data capture architecture that separates raw schema building blocks from additional semantic layers such as business logic, sensitive attributes, etc. |
Hyperledger | Data Consent Lifecycle | Community Group | Secure Data | Defines a protocol for generating a consent proof that is compatible with distributed ledger technology. |
Hyperledger | Indirect Identity Control | Community Group | Secure Data | An approach to credentials which allows for delegation, guardianship, and controller relationships between a credential subject and a proxied subject. |
Hyperledger | Anoncreds | Community Group | Secure Data | Anonymous credentials allow an identity owner to prove certain properties about their identity privately without revealing other identity details. |
Hyperledger | Machine-Readable Trust Frameworks | Community Group | Secure Data | Defines a standard method for embodying governance frameworks in formal data structures so they can easily be read and consumed by identity software. |
OASIS + Hyperledger | Decentralized Key Management System (DKMS) | Community Group | Secure Connections | Standardized approach to cryptographic key management for decentralized systems. |
OASIS | eXtensible Data Interchange (XDI) | Community Group | Secure Data | Semantic data protocol & messaging protocol combined in a single framework. |
OpenID Foundation | OpenID Connect (OIDC) | Standard | Secure Connections | Identity layer that builds authentication on top of OAuth 2.0. |
OpenID Foundation | OIDC Credential Provider | Draft | Secure Data | An extension to the OpenID Connect protocol that allows issuance of credentials which are bound to the client in an authenticatable manner based on public/private key cryptography. |
Kantara Initiative | User-Managed Access (UMA) 2.0 | Community Group | Secure Connections | Defines an extension OAuth 2.0 grant type and defines a more modular and consent-driven flow for controlling and requesting protected resources. |
Kantara Initiative | Consent Receipts | Community Group | Secure Data | Standard digital format for managing consent practices by providing a record to consumers about privacy and what people have consented to. |
Kantara Initiative | Blinding Identity Taxonomy (BIT) | Community Group | Secure Data | A list that identifies which specific data elements need to be protected to preserve the privacy and identity of an individual user. |
Last active November 15, 2022 13:56