Episode 113 - GluuFederation/identerati-office-hours GitHub Wiki

Title: MOSIP - Verifiable Credentials Update

Channels

Description

MOSIP’s innovative use of OpenID for Verifiable Presentations over BLE will potentially enable citizens to securely share their government identity with verifiers even in environments with no Internet connectivity, which is critical in remote or underserved areas. Wallet-based credentials like this promise to decrease cost and improve the security of credentials for citizens with smart phones. But the standards, technologies, user expectations and business models are changing fast. Join us in this episode for a deep dive on how MOSIP sees the current environment for verifiable credentials, and where they are steering their project.

Homework

Takeaways

  • ⚡ The name of MOSIP's wallet, "Inji" means "recognition" in Korean. And it's easily pronouncable in multiple langugages!

  • ⚡ MOSIP has done more work then anyone in the industry on using BLE to present verifiable credentials. Much of the core code for the Inji wallet was contributed recently to the Open Wallet Foundation. BLE is useful for offline presentation, and could be really useful for kiosks. For example, a citizen would start by scanning a QR code on the kiosk, which initiates the BLE connection, and prompts for approval of the presentation.

  • ⚡ SD-JWT is on the roadmap for selective disclosure of claims. There is still more work to be done, but this seems like the most mainstream approach with the current technology stack. Also on the roadmap is using OAuth Status List for revocation.

  • ⚡ QR-code presentation of credentials is also supported. But obviously the bandwidth of a QR code is constrained, even with CBOR encoding.

  • ⚡ Web wallets may help bridge the gap for citizens who don't have smart phones. There are also some advantages of recoverability for web wallets. This is another service MOSIP may prioritze in the future.

Livestream Audio Archive

here