re:claimID - Self-sovereign, Decentralised Identity Management and Personal Data Sharing


Today, users are often required to share personal data, like email addresses, to use services on the web. As part of normal service operation, such as notifications or billing, services require access to -- ideally fresh and correct -- user data. Sharing attributes in the Web today is often done via centralized service providers to reduce data redundancy and to give services access to current, up-to-date information even if the user is currently offline. Abuse of this power is theoretically limited by local laws and regulations. But, the past has shown that even well-meaning identity providers struggle to keep user data safe as they become major targets for hackers and nation state actors while striving for monetizing anonymized statistics from these data. We advocate for a new, decentralized way for users to manage their identities for the following reasons:

The current state of omniscient identity providers is a significant threat to the users' privacy.

Users must completely trust the service provider with respect to protecting the integrity and confidentiality of their identity in their interest.

The service provider itself is facing substantial liability risks given the responsibility of securely managing potentially sensitive personal data of millions of users.

We present re:claimID, a decentralized identity service with the following properties:

Self-sovereign: You manage your identities and attributes locally on your computer. No need to trust a third party service with your data.

Decentralized: You can share your identity attributes securely over a decentralized name system. This allows your friends to access your shared data without the need of a trusted third party.

Standard-compliant: You can use OpenID Connect to integrate reclaim in your web sites.