Exploration of Key Insights Gleaned from the 37th Internet Identity Workshop (IIW)

Exploration of Key Insights Gleaned from the 37th Internet Identity Workshop (IIW)

The **Internet Identity Workshop (IIW) 2021** continued to drive critical discussions and advancements around digital identity protocols, emphasizing a user-centric approach, enhanced security, and interoperability of decentralized systems.

Held at the Computer History Museum in Mountain View, CA, the biannual event saw attendees develop its format, focusing on discussions related to digital identity. Key takeaways and latest developments from the event include:

- **Focus on User-Centric Digital Identity:** IIW has consistently promoted models where users control their own identity data rather than relying solely on centralized authorities. This includes frameworks that prioritize privacy, consent, and user empowerment in identity interactions.

- **Advancement in Protocols like OpenID Connect and DID:** Discussions and implementations around protocols such as OpenID Connect with Level of Authentication (LoA) claims (e.g., LoA1-password, LoA2-authenticator app, LoA3-passkeys) were highlighted. For instance, setups using Keycloak as an identity provider implement these levels, enabling stronger, more granular authentication flows tailored to security needs.

- **Decentralized Identity and Trust Frameworks:** The emergence of alliances such as the DKMS Alliance, which integrate protocols like KERI, cryptographic agility solutions, and verifiable data ecosystems, show a move toward unified, community-driven, and modular architectures. These emphasize transparency, interoperability, and robust governance to avoid vendor lock-in and fragmented digital trust approaches.

- **Governance and Collaboration:** IIW 2021 fostered collaboration among technical leaders, strategists, and funders to define clear roadmaps and governance for decentralized identity infrastructure, focusing on future-proofing the ecosystem and expanding adoption among governments and enterprises.

- **Security and Anti-spoofing Campaigns:** While not directly from IIW 2021 but in line with its ethos, broader cybersecurity initiatives such as coordinated anti-spoofing campaigns demonstrate the importance of collaborative technical efforts at scale to secure internet infrastructure, relevant to identity and trust systems.

In addition, the workshop discussed the importance of secure protocols surrounding digital identity documents. Examples include digital signatures and encryption, ensuring integrity and confidentiality in their creation, issuance, and verification.

Another crucial topic was the eIDAS requirements, which set standards for electronic identification in the European Single Market, emphasizing the importance of strong authentication and secure communication in protecting digital identities.

The W3C CCG DID Method Registry was also a topic of discussion, with a focus on refining the registry and potential deprecation of DID methods, regular liveliness checks, and multiple registrations under a single namespace.

Our website is developing an Identity App, a digital ID app that allows users to request, store, and share verifiable credentials, aiming to embody principles of trust, privacy, and simplicity.

The IIW followed an "Open Space un-Conference" format that encourages natural conversations, networking, and collaborative learning. Notable sessions included Sam Curren's exploration of how DIDComm could augment OpenID4VC, hinting at a collaborative future for our website protocols.

In summary, IIW 2021's latest developments revolved around advancing secure, interoperable, and user-empowering digital identity protocols with practical implementations like OpenID Connect LoA claims, fostering community-driven governance, and integrating decentralized cryptographic frameworks to build a resilient, user-first identity ecosystem.

• Amid the discussions at the Internet Identity Workshop (IIW) 2021, the importance of incorporating enhanced cybersecurity measures for user-centric digital identity was emphasized, with a focus on data-and-cloud-computing technology ensuring the secure storage and sharing of verifiable credentials.
• As the IIW 2021 fostered collaboration around decentralized identity infrastructure, it highlighted the need for continued advancements in technology, such as data-and-cloud-computing and cybersecurity, to ensure the interoperability, transparency, and robust governance required for a resilient and user-first identity ecosystem.

Read also: