ecosistema-social-decentral.../topics/identity.md

# Identity

Centralized identities are tied to a single service. Decentralized identity is not.

We will call entities with identities "actors", because non-human entities such as companies, organizations, and bots may have identities on a social network.

Identity allows an actor to:

- control an account and access private data
- communicate with another actor
- establish visible reputation and credibility

Desirable qualities for decentralized identities:

- Allow authentication and migration between services
- Allow communication across services
- Unique, global, and memorable

## Decentralized Identity

OAuth is currently the most successful identity standard. OAuth was created to securely transfer user credentials from one site to another. OAuth identity providers became centralized because users could not run or choose their own identity providers.

### Identity in federated applications:

- email
- XMPP
- Matrix
- Diaspora: User identities in Diaspora are tied to their pod, and cannot be migrated. Diaspora uses the Webfinger protocol to discover users from other pods. User information is returned via hCard, an open microformat standard for identity.
- Mastodon:
- Solid

### Identity in p2p applications:

P2p systems key management, key verification, key backup. Account recovery.

- IPFS
- Peergos
- Hypercore
- Gun
- Ssb
- Aether
- Iris

### Blockchain identity

- Namecoin
- Handshake

Lots of them.
Microsoft
IBM

### Decentralized Identifiers (DIDs)

[DIDs](https://w3c-ccg.github.io/did-primer/) are a new type of globally unique identifier that do not require a centralized registration authority, and can serve as a decentralized public key infrastructure. DIDs are a [W3C standard](https://www.w3.org/TR/did-core/).

The format of a DID is: a scheme identifier, followed by the DID method, followed by a method-specific identifier. A simple example: `did:example:123456789abcdefghi`

## Reputation & Trust

Web-of-trust

P2p network can ban, but cannot take away identity

## Social graph proof

- Handshake problem and collusion protection (see IRIS)

## Fail cases

Account recovery.
Sybils and spam
Impersonation

## Links

- [What are Decentralized Identifiers](https://www.evernym.com/blog/what-are-decentralized-identifiers-dids/)
- [Decentralizing the Social Web](https://hal.inria.fr/hal-01966561/document)
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00			`# Identity`

Add identity draft 2020-06-16 22:45:41 +02:00			`Centralized identities are tied to a single service. Decentralized identity is not.`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`We will call entities with identities "actors", because non-human entities such as companies, organizations, and bots may have identities on a social network.`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`Identity allows an actor to:`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`- control an account and access private data`
			`- communicate with another actor`
			`- establish visible reputation and credibility`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`Desirable qualities for decentralized identities:`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Add identity draft 2020-06-16 22:45:41 +02:00			`- Allow authentication and migration between services`
			`- Allow communication across services`
Draft identity 2020-06-16 22:18:25 +02:00			`- Unique, global, and memorable`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`## Decentralized Identity`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`OAuth is currently the most successful identity standard. OAuth was created to securely transfer user credentials from one site to another. OAuth identity providers became centralized because users could not run or choose their own identity providers.`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Add identity draft 2020-06-16 22:45:41 +02:00			`### Identity in federated applications:`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Draft identity 2020-06-16 22:18:25 +02:00			`- email`
			`- XMPP`
Add identity draft 2020-06-16 22:45:41 +02:00			`- Matrix`
Draft identity 2020-06-16 22:18:25 +02:00			`- Diaspora: User identities in Diaspora are tied to their pod, and cannot be migrated. Diaspora uses the Webfinger protocol to discover users from other pods. User information is returned via hCard, an open microformat standard for identity.`
Add identity draft 2020-06-16 22:45:41 +02:00			`- Mastodon:`
			`- Solid`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Add identity draft 2020-06-16 22:45:41 +02:00			`### Identity in p2p applications:`
Draft identity 2020-06-16 22:18:25 +02:00
			`P2p systems key management, key verification, key backup. Account recovery.`

Add identity draft 2020-06-16 22:45:41 +02:00			`- IPFS`
			`- Peergos`
			`- Hypercore`
			`- Gun`
			`- Ssb`
			`- Aether`
			`- Iris`

Draft identity 2020-06-16 22:18:25 +02:00			`### Blockchain identity`

Add identity draft 2020-06-16 22:45:41 +02:00			`- Namecoin`
			`- Handshake`

			`Lots of them.`
			`Microsoft`
			`IBM`
Draft identity 2020-06-16 22:18:25 +02:00
			`### Decentralized Identifiers (DIDs)`

			`[DIDs](https://w3c-ccg.github.io/did-primer/) are a new type of globally unique identifier that do not require a centralized registration authority, and can serve as a decentralized public key infrastructure. DIDs are a [W3C standard](https://www.w3.org/TR/did-core/).`

			The format of a DID is: a scheme identifier, followed by the DID method, followed by a method-specific identifier. A simple example: `did:example:123456789abcdefghi`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Add identity draft 2020-06-16 22:45:41 +02:00			`## Reputation & Trust`

			`Web-of-trust`

			`P2p network can ban, but cannot take away identity`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
			`## Social graph proof`

Draft identity 2020-06-16 22:18:25 +02:00			`- Handshake problem and collusion protection (see IRIS)`

			`## Fail cases`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
Add identity draft 2020-06-16 22:45:41 +02:00			`Account recovery.`
			`Sybils and spam`
			`Impersonation`
Update governance.md (WIP) 2020-06-11 06:38:33 +02:00
			`## Links`

Draft identity 2020-06-16 22:18:25 +02:00			`- [What are Decentralized Identifiers](https://www.evernym.com/blog/what-are-decentralized-identifiers-dids/)`
			`- [Decentralizing the Social Web](https://hal.inria.fr/hal-01966561/document)`