Chairs: Robert Ott, Niels van Dijk, Gert De Braekeleer

Supported by: Licia Florio, Michelle Williams

Monday 21st February 2022, 14:00-16:00 CET

https://events.geant.org/event/1106/


AGENDA (slides)

14:00-14:10

Welcome and follow up to December's meeting

14:10-14:30

Presentation reporting on EBSI (results, challenges, with Q&A)

Gert de Braekeleer and Daniël Du Seuil


14:40-15:10


Description of three proposed use cases

Niels van Dijk

    1. eduID and SSI
    2. Open Accreditation: Identity Federations set up a lot of trust, but with a lot of effort and preparation to create that trust – an opportunity offered by SSI is to establish trust in a different (more open) way, making it easier to share the data in our sector with other sectors (e.g. providing evidence of qualifications to employment agencies, where the receiving entity doesn’t want to become a federation member).
    3. Frictionless research collaboration based on the sharing of credentials in such a way that doesn’t require complex routing/context where the user has to know which IdP, VO, etc to utilise in which context, exploring ways to collect ’tokens’ from multiple sources.

The use cases would encompass various aspects such as technology (both DLT and SSI), legal, ‘service model’, etc, as not some may be appropriate for SSI, some may (or may not) be appropriate for a public ledger.

15:10-15:50

Discussion


NOTE: Zoom links will no longer be included in meeting pages: it will only be possible to gain access to the room after registration, and it will be necessary to authenticate to Zoom before joining.

Future meetings:Monday 21st February, 14:00-16:00 CET
Monday 25th April, 14:00-16:00 CET https://events.geant.org/event/1128/
Monday 27th June, 14:00-16:00 CET https://events.geant.org/event/1129/
Monday 19th September, 14:00-16:00 CET https://events.geant.org/event/1130/
Monday 21st November, 14:00-16:00 CET https://events.geant.org/event/1131/
Post event survey: https://events.geant.org/event/1106/manage/surveys/

Meeting recording: https://geant.app.box.com/folder/156832745281

Attending:

  • Licia Florio (GEANT)
  • Niels van Dijk (SURF)
  • Robert Ott (SWITCH)
  • Davide Vaghetti (GARR)
  • Marcus Hardt
  • Christos Kanellopoulos (GEANT)
  • Wolfgang Pempe (DFN)
  • Janne Lauros (CSC)
  • Mads Freek Petersen (WAYF)
  • Jurgen Brauckmann (DFN)
  • Slavek
  • Jose Manuel Macias (redIRIS)
  • Daniel Du Seuil (ESSIF)
  • Ignasi Oliva Corrales
  • Mikael Linden (CSC)
  • Ivan Kanakarakis (SUNET)
  • Gert de Braekeleer (Belnet)
  • Jose Maria Fontanillo Muniz (redIRIS)
  • Claudio Piso (GARR)
  • Susan Rea (MTU)
  • Janos Mohacsi (FIFU)


NOTES:

Presentation reporting on EBSI (results, challenges, with Q&A): Gert de Braekeleer and Daniël Du Seuil

The focus of the coming months is to move towards production (legal assessments, security assessments, etc) with a large amount of technical progress having been made since 2020.

There are 41 nodes across Europe, in 22 countries, many of which are hosted by NRENs.

Currently progressing through the process of production readiness.

EBSI use cases are in two main segments.

The Early Adopters Programme took place.

23 cross-border scenarios were identified.

Demo days are planned in Spring 2022.

The plan is for EBSI to be a building block inside an ecosystem.

Looking towards potential synergies with the European Digital Identity Wallet Roadmap.

Members of EBP can contribute.

It is currently publically focused, but private companies can potentially participate.

Question: Is there a public blockchain that countries outside Europe can use? Answer: Certain use cases are more closed (information exchange between ministry of taxations, for example) other use cases are more open. 

Question: How does this project manage the criticism of the blockchain technology? Answer: This is similar to other situations that are also perceived to be using emerging or novel technologies. A hybrid approach is being taken in order to keep an open mind to all available technologies, including those that are new. Also, the ledger is finding its place, potentially as a decentralised ledger, rather than blockchain per se. It is quite sensitive, as 'blockchain' can provoke a wide range of reactions in discussion. EIDAS2 is for the next 5-10 years. Also some are taking a 'wait and see' approach.

Question: How do you foresee sustainability of EBSI infrastructure? What source of resources are foresee? Answer: Sustainability is on the agenda - we want to see it as a public infeastructure, but longer term no doubt it needs to evolve. Other models need to be explored, and one objective of the call is to see how this can be approached.

Question: There is governance as well as cost - they are both part of the sustainability topic. Will the governance also be public? Will policies, etc, be made public? Could you please elaborate a bit on how issuers and verifiers are onboarded? What are the rules/regulations? Answer: this is linked to trusted issuers, in some cases are identified by ministries. The trust needs to be robust, and the chain of trust needs to be clear, and will be influenced by the nature of information (e.g. financial and medical information will need strong governance). 60-80% of the work is to define the governance model and the associated policies, such as who can issue an ID, how do you deal with suspensions, etc.

Question: Could you envisage a multi-layer governance and trust model or is it the intention to have a single layer? Answer: it's likely that there will be diferentiated governance model based on the focus area. Some will not need a heavy centralised governance model, as is used in EBSI. Perhaps the technical aspects don't need to be so intertwined with the governance. Centralised and less centralised models will inevitably have a place.

Question: I know that in Italy there is a parallel "Italian Blockchain Service Infrastructure" initiative run by a government agency. Do you know if there are other national initiatives and how do they relate with EBSI? Answer: there are many! The challenge comes where the focus is different, the approach is different, etc. 

Question: there are  many parallels with EBSI and what was happening in EIDAS previously. Do you consider it will scale? Answer: there is a lot of interest, and a lot of participants, so we can use the momentum to translate that to support, however, it will be difficult. Legislation isn't necessarily the answer!

Question: there is value in addressing these challenges at a European level, but when I see that users at universities are struggling with even the basics, how will they manage with these more challenging use cases? We have to bring everyone along, and make the application/deployment something that can bridge that gap? And given that position why would someone use this blockchain infrastructure when others would be others (maybe commercial) available? Answer: perhaps a variety of approaches including having pan-European iniaitives such as GEANT can support this by offering it as part of the 'backbone of services', for example?

It would be helpful if EBSI was a little more open to applications wanting to use its infrastructure, e.g. SWITCH diploma use case has 20k diplomas already verifiable on the blockchain is because of the approach they took using a public blockchain.

Daniel: if you any questions reach out to me via or via Gert

Description of three proposed use cases: Niels van Dijk

Presentation of ongoing work in the GN4-3 Incubator.

Questions:

  1. Question: How would you manage virtual groups with SSI? Who would be responsible for group management? Answer: as in groups that comprise members of many organisations, i.e. a VO, all VOs would technically need to onboard their own members, to their own rules and procedures. 
  2. Question: As for the trust model - how is trust established between verifier and holder? All I see as an end user is a QR code? Is there a way to check if the URL belongs to a trustworthy verifier and not a possibly malevolent man in the middle? In SAML there are Binding URLs registered with the federation metadata... Answer: the trust model is one of the critical aspects that we (as community) need to look into it. There are potentially a number of implmentations, e.g. a distributed ledger such as EBSI are using, where on the ledger the issuer and trusted entities are registered. Question: as an end user, I have to trust an entity that tells me it's a verifier, and end users in this example will only see an anonymous QR code - how do I know I can trust it?


  • No labels