re:claimID - Self-sovereign, Decentralised Identity Management and Personal Data Sharing [YBTI/wefixthenet session] (36c3)


Dec 27 2019, 44 mins

In this talk we present re:claimID, a decentralized, self-sovereign identity management system. re:claimID allows users to reclaim authority over their identities and personal data. The system is built on top of a state-of-the-art, decentralized directory service: the GNU Name System. Built-in cryptographic mechanisms allow users to selectively disclose personal data, and the directory service ensures that this data is accessible to authorized parties even if the user is offline. Through OpenID Connect, integration and use of re:claimID is straightforward and authorization flows are familiar. In this talk, we present the current state of re:claimID as well as a future roadmap.

Today, users are often required to share personal data, like email addresses, to use services on the web. As part of normal service operation, such as notifications or billing, services require access to (ideally fresh and correct) user data. Sharing attributes on the Web today is often done via centralized service providers to reduce data redundancy and to give services access to current, up-to-date information even if the user is currently offline. Abuse of this power is theoretically limited by local laws and regulations. But the past has shown that even well-meaning identity providers struggle to keep user data safe, as they become major targets for hackers and nation-state actors while striving to monetize anonymized statistics from these data.

We advocate for a new, decentralized way for users to manage their identities for the following reasons:

* The current state of omniscient identity providers is a significant threat to the users' privacy.
* Users must completely trust the service provider to protect the integrity and confidentiality of their identity in their interest.
* The service provider itself is facing substantial liability risks given the responsibility of securely managing potentially sensitive personal data of millions of users.

We present re:claimID, a decentralized identity service with the following properties:

* Self-sovereign: You manage your identities and attributes locally on your computer. No need to trust a third-party service with your data.
* Decentralized: You can share your identity attributes securely over a decentralized name system. This allows your friends to access your shared data without the need for a trusted third party.
* Standard-compliant: You can use OpenID Connect to integrate reclaim in your web sites.

About this event: https://talks.oio.social/36c3-oio/talk/XHLTUD/