ESSIF: The European self-sovereign identity framework
This blog-post aims to help the reader understand current developments regarding the adoption of self-sovereign identity solutions on a European level via ESSIF.
EDIT (16.06.2020): This article originally referred to the framework as “eSSIF”, which has been adjusted to the official syntax.
The European self-sovereign identity framework (ESSIF) is part of the European blockchain service infrastructure (EBSI). The EBSI is a joint initiative from the European Commission and the European Blockchain Partnership (EBP) to deliver EU-wide cross-border public services using blockchain technology.
The EBSI aims to become a “gold standard” digital infrastructure to support the launch and operation of EU-wide cross-border public services. It is a multi-blockchain network with multiple use-cases such as notarization of documents, ESSIF, certification of diplomas and trusted data sharing. While there is an EBSI wallet, it’s for test purposes only and not for the public. The consensus of the permissioned network might be achieved via proof of authority (POA) with one node per member state. The architecture can support multiple protocols and currently is mainly based on Hyperledger.
ESSIF aims to implement a generic self-sovereign identity (SSI) capability, allowing users to create and control their own identity across borders without relying on centralized authorities.
The information written on blockchain can range from decentralized identifiers (DIDs) and potentially include public legal entities, the fact that something has been proved, a revocation-list (or pointer to it) as well as public information like list of trusted universities among other information.
The EBSI guiding principles are as followed:
PUBLIC PERMISSIONED — The identity of all participating nodes is known
DECENTRALIZED — Each member state should run its own set of nodes
SCALABLE — Support for high-throughput and high number of nodes
OPEN — (Preferably) open-source
SUSTAINABLE — Energy efficient
INTEROPERABLE — The EBSI should, as much as possible, be based on well-known standards and technical specifications
The goals of ESSIF:
- provide seamless cross-border services for citizens
- Help make institutions more efficient
- Facilitate economic activity flow across borders
The scope of ESSIF:
ESSIF will not intervene in the business flow between the EU citizens/entities and relying parties. The request of services and the obtainment of those services are out of scope of ESSIF. ESSIF, however, will allow an EU entity to “obtain” verifiable credentials, to “register” verifiable mandates/consents, and to “obtain” verify verifiable claims, which then can be used to identify/authenticate relying parties and provide those with required claims/attestations.
Within the scope: How to:
- facilitate cross-border interaction with SSI?
- make/keep national SSI projects interoperable?
- integrate/align existing building blocks such as eIDAS, e-delivery, once-only with SSI?
- conceptualize and build an identity layer within the EBSI?
- preserve European/democratic values in the implementation of SSI?
- stimulate the SSI-transformation of public services
- stimulate SSI development and standardization on a global level.
Out of scope:
The interpretations of the data (semantics) and the necessary standardizations and business logic. ESSIF will not build and maintain an SSI wallet for all European citizens.
The legal environment around ESSIF:
The legal assessment is still work in progress and mainly addresses the legal consequences and relationships of using DIDs and verified credentials (VCs) as well as the alignment of SSI solutions to the eIDAS regulation. Furthermore, legal questions are open for the trust framework regarding the legal input of the level of assurances (LoAs), governance aspects, conformity, etc.
The eIDAS regulation and its importance for SSI
eIDAS is a European regulation including “electronic identification (eID) and electronic Trust Services (eTS), which are key enablers for secure cross-border electronic transactions and central building blocks of the Digital Single Market […] a milestone to provide a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities.” (EU Commission, 2015).
So basically, they standardized and recognized different means of electronic signatures [simple (SES), advanced (AES) and qualified (QES)] and electronic services to harmonize legal aspects of cross-border communication between member state implementations while simultaneously increasing convenience and predictability for the involved parties.
The relevance of eIDAS for SSI is that the regulation constitutes the main electronic identification trust framework in the EU. It’s an elemental building block of the digital single market and might be extended to include the recognition of eIDs for private sector uses, such as AML/CFT, online platforms, etc. It is a technology-neutral approach, which has a strong influence on the international regulatory space.
This is important for the validation of identity attributes. By providing means of identification recognized in accordance with the eIDAS regulation it enables the verification of the information that will be included in a verifiable credential.
The main advantage of using this approach is that the verifiable credential inherits the level of assurance of the eIDAS electronic identification means, allowing a person with this kind of eID to get different verifiable IDs and leveraging their use in the space of decentralized transactions, gaining real privacy.
However, the stakeholders recognize, that there are still a multitude of legal challenges, which need to be addressed such as the legal consequences of on-ledger transactions, the definition of rights and obligations as well as legal consequences for all stakeholders in regards to eIDAS and GDPR.
What is expected from the market?
- Compliant self-custody wallets with support for multiple governance frameworks like Sovrin, LISSI, ESSIF, Jolocom, etc.
- Sector-specific ledgers like the velocity network / Market identity hubs
- New qualified trusted services providers (e.g. timestamp providers)
- Network of trusted issuers
Pilots in 2020:
The SSI community wants to initiate and support new pilot projects and is actively looking for partners and industry stakeholders such as:
The ESSIF lab, Horizon 2020 digital Europe for all, Decentralized identity foundation, ID2020, British Columbia, INATABA identity working group, National projects like Spanish Alastria and many more.
Join the initiative:
If you want to participate in the development of ESSIF you can join the stakeholder meeting organized by the Connecting Europe Facility (CEF). The second stakeholder meeting was mid-January with around 100 attendees online and locally in the Brussels offices combined. Subscribe to their newsletter on their website. You can find all documents from the last stakeholder meeting on my Github.
Disclaimer: While being based on official sources, this blog-post does not represent the official view of any entity mentioned in this article and solely represents the opinion of the author.
Own your keys