Liaison statement
LS on request of feedback on ITU-T SG17 new work item TR.divs: Rationale and initial approach of decentralized identity verification system (DIVS) based on verifiable data
Additional information about IETF liaison relationships is available on the
IETF webpage
and the
Internet Architecture Board liaison webpage.
State | Posted |
---|---|
Submitted Date | 2024-03-26 |
From Group | ITU-T-SG-17 |
From Contact | Xiaoya Yang |
To Group | IETF |
To Contacts | The IETF Chair <chair@ietf.org> |
Cc | Scott Mansfield <Scott.Mansfield@Ericsson.com> The IETF Chair <chair@ietf.org> itu-t-liaison@iab.org <itu-t-liaison@iab.org> The IESG <iesg@ietf.org> |
Response Contact | hyyoum@sch.ac.kr abarbir@live.ca |
Purpose | For action |
Deadline | 2024-06-30 Action Needed |
Attachments | sp17-sg17-oLS-00132 |
Body |
SG 17 has approved the creation of a new work item on Technical Report, TR.divs: Rationale and initial approach of decentralized identity verification system (DIVS) based on verifiable data”. The scope and summary of this Technical Report is given in Attachment 1. The purpose of this Liaison is to inform you about the new work item and seek any feedback from your end. We look forward to your collaboration. Attachment (1): Scope and Summary of a new work item on Technical Report TR.divs Attachment 1 Draft Technical Report TR.divs Rationale and initial approach of decentralized identity verification system (DIVS) based on verifiable data Scope: This Technical Report provides concept, functional elements, implementation aspects, practical use cases and usability of the Decentralized Identity Verification System (DIVS). It also addresses usability consideration and identifies applications areas of the DIVS. The Technical Report focuses on the technical aspects of the DIVS, including the use of blockchain technology or other distributed repository, cryptography, and self-sovereign identity principles, as well as the application of verifiable credentials. Summary: The absence of identity assurance in the digital space is especially concerning, given the advancements in AI technology and the emergence of new virtual realms. Current mechanisms, which primarily rely on insecure systems, fail to mirror the assurance level we take for granted in the physical world. This deficiency has led to growing risks, including fraud, impersonation by AI-driven entities, and other dangerous activities. The Decentralized Identity Verification System (DIVS) aims to bridge this gap by introducing the assurance of the physical world (e.g., governmental entities) into the digital space. By leveraging secure cryptographic systems and learning from experiences, the goal is to build a digital identity framework that can serve as a robust layer of assurance. The structure and coordination provided by IANA for internet communications, including IP addresses and the domain name system (DNS), have shown the potential for systematic identification. However, merely having unique identifiers does not establish trust. The DIVS is designed to go beyond identification by promoting security and privacy, preventing AI impersonation, and creating an environment that guarantees lawful protection for users and service providers. By extending the identity assurance inherent in our physical interactions into the digital domain, the DIVS represents a significant step toward a more secure, trustworthy, and legally protected online world, aligning digital interactions with the expectations and standards of the physical world. This proposal seeks to extrapolate the learnings from the DNS experience into a similar framework for digital identity management. There's an urgent need for such a system, not just for enhanced security and privacy, but also to prevent impersonation by AI-generated bots and reduce dangerous activity. Critics may argue that such a centralized repository could be a target for dangerous actors, but a strong cybersecurity framework for the "registrars" can address such concerns. The goal is to correctly identify users, promote security and safety, and guarantee lawful privacy. |