When we talk about introspection in digital identity, we’re not just talking about what happens in OAuth 2.0. Yes, there’s a token introspection spec, but this post is about something broader: the idea that platforms—especially browsers—can inspect and influence the identity data being exchanged. Is that a good thing? Apple and Google disagree on just Continue Reading The post Is Introspection a Bug or a Feature? appeared first on Spherical Cow Consulting.| Spherical Cow Consulting
tl;dr: Traditional identity federation has enabled digital identity with centralized, third-party logins, for decades. Its limitations in security and user control, however, are becoming a problem, especially when there are alternatives being developed. Digital credentials offer a decentralized, user-empowering alternative that enhances privacy and enables offline authentication. We’re looking at a brave new world with Continue Reading The post Digital Credentials vs. Traditional Federation...| Spherical Cow Consulting
Imagine being able to prove you’re old enough to buy a drink without flashing your ID—or proving you have insurance without handing over your policy details. Sounds like magic? It’s just math. Zero-Knowledge Proofs (ZKPs) might be the biggest leap for privacy since encryption, but they also come with serious challenges. Let’s talk about the Continue Reading The post Zero-Knowledge Proofs: Privacy, Innovation, and Equity appeared first on Spherical Cow Consulting.| Spherical Cow Consulting
The EU's Digital Identity Architecture Reference Framework (ARF) offers a starting point for digital wallets. It aims to support user control over personal data while meeting legal and cybersecurity requirements. But to get there from here, you need to know what you don't know: the functional and non-functional requirements, along with interfaces and integration points for digital identity wallets. The post The EU Digital Identity Architecture Reference Framework – How to Get There From Her...| Spherical Cow Consulting
Today, as digital public infrastructure gains popularity, trust is critical, as important information of all types is being stored – and shared – across national data exchange systems and beyond. Verifiable credentials, when well designed, implemented, and governed can ensure these data assets are being accessed and shared in a trusted, secure manner. To learn more about the power of verifiable credentials, read our primer piece here.| Digital Impact Alliance
Is the digital identity wallet metaphor helping or hurting adoption? A look at where the term breaks down and what might work better.| Spherical Cow Consulting
Centralized vs decentralized? The smartest architectures can shift. Learn why flexibility is key to resilient system and identity design.| Spherical Cow Consulting
Going to a conference like Identiverse is a privilege, even if the travel is funded by airline and hotel miles earned by the feverish pace of pre-COVID travel from my […] The post Identiverse 2023: Recap and Highlights appeared first on Eric on Identity.| Eric on Identity
This blog post provides an overview of the verifiable credentials landscape, helping you to understand formats, protocols & the tech used.| Spherical Cow Consulting
JSON, a Simple and Easy Start for Verifiable Credential Issuance JSON is really really simple. It is just name value pairs. There is a tiny IANA registry for JWT claims that defines about 100 JSON terms. This is the one registry of JSON terms that folks who love JSON reference repeatedly and say solves any […]| Identity Woman
