Highlights from the 38th Internet Identity Workshop (IIW) Event

The Internet Identity Workshop (IIW) 2023, held at the Computer History Museum in Mountain View, California, from April 16th to April 18th, brought together experts from various fields to discuss and explore the future of digital identity, content authenticity, and website management technologies.

One of the key themes of the event was the emphasis on decentralized digital identity and self-sovereign identity (SSI). Discussions highlighted the importance of users having control over their digital identities without relying on centralized third parties. SSI models were seen as crucial for secure onboarding and verification across platforms, ensuring trusted identity proofing for users and websites alike.

Another significant focus was on content authenticity and verifiable credentials. Workshops delved into the deployment of verifiable credentials that cryptographically prove authenticity, whether for individuals (KYC, IDV) or organizations. This supports trust in digital interactions, including trust in content origin and management permissions.

The role of AI in identity and content management was also explored. Workshops discussed leveraging AI tools to enhance digital identity processes and content authenticity detection. For instance, visual AI tools were suggested for creative and practical applications, indicating the growing importance of AI in managing, verifying, and generating trustworthy digital content.

Addressing the challenge of privacy and consent management, IIW highlighted efforts like the IEEE P7012/MyTerms standard for machine-readable privacy terms. This standard aims to elevate trust by allowing people to bring their own privacy terms to websites, beyond cookie consent notices.

Technical integration was also a topic of discussion, with sessions covering the OpenID Connect Extended Authentication Profile (EAP). This integration ties OpenID Connect, Web Authentication, and FIDO Authenticators together, enabling seamless, secure authentication crucial for website management and identity verification in the AI era.

Signed Data JSON Web Tokens (SD-JWTs) were discussed as a vital tool in securing digital identities. These can be integrated within various website frameworks, potentially revolutionizing the management and verification of digital identities.

The Decentralized Web Nodes (DWN) were also discussed as a shift towards more robust and versatile website management frameworks. The integration of traditional X.509 infrastructure with decentralized identifiers (DIDs) was explored, potentially bridging the gap between old and new technologies.

Eric Scouten from Adobe presented on the Coalition for Content Provenance and Authenticity (C2PA), an initiative aimed at addressing concerns about digital content authenticity. C2PA ensures the integrity and origin of digital content through manifest data models.

Predictions for Future Trends include increased use of verifiable credentials, greater industry consolidation, and enhanced user control and privacy. The discussions at IIW have significant implications for the digital landscape, indicating a shift toward more secure, efficient, and user-centric solutions.

The IIW operates with a unique format, allowing attendees to choose the topics for each session on the day itself. This approach fosters a dynamic and engaging environment, ensuring that the discussions remain relevant and forward-thinking.

Notable developments included Apple and Google showcasing interoperability between their respective wallets via a browser, highlighting a trend towards government-issued credentials being managed within official wallets. The updates on the EU Digital Identity (EUDI) Wallet under eIDAS 2 also reviewed progress and outlined future plans, including an innovation competition designed to foster the creation of innovative prototypes in Germany.

The Personal Data Store Faceoff session provided a detailed comparison of existing personal data storage solutions, while the focus on standardizing digital website technologies and protocols aimed to create a developer-friendly ecosystem. Personal AI agents were discussed as autonomous entities that could manage various aspects of digital websites and privacy.

The integration of authenticity and security in digital communications was explored, focusing on how website information can be seamlessly integrated within C2PA manifests. The OpenID4VP session showcased new features aimed at enhancing privacy and security, including capability negotiation and a new browser API.

In conclusion, the IIW 2023 emphasized the importance of authentic, privacy-respecting digital identities in securing and managing content. AI and modern web technologies were seen as crucial in enhancing authenticity verification and user experience, aiming to build mutual trust in digital interactions, critical for website management technologies and content authenticity in a rapidly evolving AI context.

[1] SSI models accelerate secure onboarding and verification across platforms, ensuring trusted identity proofing for users and websites alike. [2] Addressing the challenge of consent and privacy in identity and content management. [3] There is a strong focus on deploying verifiable credentials that cryptographically prove authenticity, whether verifying individuals (KYC, IDV) or organizations. [4] Workshops explore leveraging AI tools to enhance digital identity processes and content authenticity detection. [5] This integration ties OpenID Connect, Web Authentication, and FIDO Authenticators together, enabling seamless, secure authentication crucial for website management and identity verification in the AI era.

The emphasis on SSI models at the IIW 2023 underscores their importance in ensuring secure and smooth onboarding processes across various platforms, aiming to establish trust between users and websites.
The discussions at the workshop also revolve around the critical challenge of managing privacy and consent, with the goal of creating more secure and user-friendly digital experiences.