Skip to main content

Liaison statement
LS on request of feedback on ITU-T SG17 new work item TR.divs: Rationale and initial approach of decentralized identity verification system (DIVS) based on verifiable data

Additional information about IETF liaison relationships is available on the IETF webpage and the Internet Architecture Board liaison webpage.
State Posted
Submitted Date 2024-03-26
From Group ITU-T-SG-17
From Contact Xiaoya Yang
To Group IETF
To Contacts The IETF Chair <chair@ietf.org>
Cc Scott Mansfield <Scott.Mansfield@Ericsson.com>
The IETF Chair <chair@ietf.org>
itu-t-liaison@iab.org <itu-t-liaison@iab.org>
The IESG <iesg@ietf.org>
Response Contact hyyoum@sch.ac.kr
abarbir@live.ca
Purpose For action
Deadline 2024-06-30 Action Needed
Attachments sp17-sg17-oLS-00132
Body
SG 17 has approved the creation of a new work item on Technical Report,
TR.divs: Rationale and initial approach of decentralized identity verification
system (DIVS) based on verifiable data”.

The scope and summary of this Technical Report is given in Attachment 1.

The purpose of this Liaison is to inform you about the new work item and seek
any feedback from your end.

We look forward to your collaboration.

Attachment (1):
       Scope and Summary of a new work item on Technical Report TR.divs

Attachment 1
Draft Technical Report TR.divs
Rationale and initial approach of decentralized identity verification system
(DIVS) based on verifiable data

Scope:
This Technical Report provides concept, functional elements, implementation
aspects, practical use cases and usability of the Decentralized Identity
Verification System (DIVS). It also addresses usability consideration and
identifies applications areas of the DIVS. The Technical Report focuses on the
technical aspects of the DIVS, including the use of blockchain technology or
other distributed repository, cryptography, and self-sovereign identity
principles, as well as the application of verifiable credentials.

Summary:

The absence of identity assurance in the digital space is especially
concerning, given the advancements in AI technology and the emergence of new
virtual realms. Current mechanisms, which primarily rely on insecure systems,
fail to mirror the assurance level we take for granted in the physical world.
This deficiency has led to growing risks, including fraud, impersonation by
AI-driven entities, and other dangerous activities. The Decentralized Identity
Verification System (DIVS) aims to bridge this gap by introducing the assurance
of the physical world (e.g., governmental entities) into the digital space. By
leveraging secure cryptographic systems and learning from experiences, the goal
is to build a digital identity framework that can serve as a robust layer of
assurance. The structure and coordination provided by IANA for internet
communications, including IP addresses and the domain name system (DNS), have
shown the potential for systematic identification. However, merely having
unique identifiers does not establish trust. The DIVS is designed to go beyond
identification by promoting security and privacy, preventing AI impersonation,
and creating an environment that guarantees lawful protection for users and
service providers. By extending the identity assurance inherent in our physical
interactions into the digital domain, the DIVS represents a significant step
toward a more secure, trustworthy, and legally protected online world, aligning
digital interactions with the expectations and standards of the physical world.
This proposal seeks to extrapolate the learnings from the DNS experience into a
similar framework for digital identity management. There's an urgent need for
such a system, not just for enhanced security and privacy, but also to prevent
impersonation by AI-generated bots and reduce dangerous activity. Critics may
argue that such a centralized repository could be a target for dangerous
actors, but a strong cybersecurity framework for the "registrars" can address
such concerns. The goal is to correctly identify users, promote security and
safety, and guarantee lawful privacy.