Today I'm going to blog about something a bit different: the important role identity open standards play in accelerating innovation. If you're an identity geek or an open standards geek, or just interested in understanding where we believe the future of identity is headed, I think you'll find it interesting.
At Microsoft, we firmly believe that open identity standards accelerate innovation. Some of you might think this is an oxymoron. Let me explain why it isn't.
By building upon widely implemented industry standards, innovators are free to focus on the innovative aspects of their work, letting existing standards do the heavy lifting for the needs of their projects that standards already address. The potential for use of cryptographic and digital identity standards in decentralized systems illustrates this point.
Microsoft is deeply engaged with a ton of innovative members of the identity community, and we're all working together to design and prototype an open standards-based approach to decentralized public key-based identity systems. Needless to say, we are VERY excited by the potential here.
We love what's happening and the way innovators are coming together to enable new digital identity possibilities. All of us want these possibilities to achieve their promise as quickly as possible. Integrating and maintaining interoperability with existing identity management systems, all based on standards, will be key to accelerating this process.
Standards play a huge role in enabling innovation in decentralized public key-based identity systems. By using widely adopted industry cryptographic and data representation standards as an agreed framework, innovators in this space can achieve laser focus on the unique value that they're adding. Furthermore, use of standards, where applicable, will facilitate faster adoption as decentralized public key-based systems move from prototypes to production systems.
To make things concrete, we believe that use of the following standards will accelerate innovation when building decentralized identity systems:
Great standards not only solve current use cases but enable solving new ones. The JOSE [RFC 7515-7518] and JWT [RFC 7519] standards and their binary equivalents explicitly enable innovation while still using the standards. How is this possible?
While JWA [RFC 7518] defined how to use a set of commonly used cryptographic algorithms with JWS, JWE, and JWK, it also established the IANA JOSE Algorithms registry to enable additional algorithms to be used for new use cases, without having to revise the JOSE standards. For instance, RFC 8037 defined how to use new elliptic curves with JWS, JWE, and JWK. Microsoft is currently working with decentralized systems implementers on registering the secp256k1 algorithm for use with JWS and COSE. And when new cryptographic algorithms are invented, new identifiers can and will be registered for them in the IANA JOSE Algorithms registry.
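The registry mechanism described above can be seen in a minimal JWS compact-serialization signer and verifier. This is an added example, not Microsoft's code or the proof of concept mentioned in this post: the names `REGISTRY`, `register`, `sign` and `verify` are hypothetical, the key is constructed, and the HMAC identifiers HS256 and HS512 from RFC 7518 stand in for any registered algorithm because they need only the Python standard library.

```python
import base64, hashlib, hmac, json

# Local stand-in for the IANA JOSE Algorithms registry: "alg" name -> hash.
# HS256 is defined in RFC 7518; only HMAC algorithms are modelled here.
REGISTRY = {"HS256": hashlib.sha256}

def register(alg, hash_fn):
    """Add an algorithm identifier without touching sign() or verify()."""
    REGISTRY[alg] = hash_fn

def _enc(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(alg, key, signing_input):
    return hmac.new(key, signing_input.encode(), REGISTRY[alg]).digest()

def sign(claims, key, alg):
    header = {"alg": alg, "typ": "JWT"}
    parts = [_enc(json.dumps(x, separators=(",", ":")).encode()) for x in (header, claims)]
    signing_input = ".".join(parts)
    return signing_input + "." + _enc(_mac(alg, key, signing_input))

def verify(token, key, accepted):
    """Return the claims or raise ValueError; `accepted` is the verifier's allowlist."""
    head, body, sig = token.split(".")  # ValueError unless exactly three parts
    header = json.loads(_dec(head))
    alg = header.get("alg") if isinstance(header, dict) else None
    # The header is attacker-controlled: accept only algorithms this verifier
    # has opted into AND that the registry knows; "none" is never either.
    if not isinstance(alg, str) or alg not in accepted or alg not in REGISTRY:
        raise ValueError(f"algorithm not accepted: {alg!r}")
    if not hmac.compare_digest(_mac(alg, key, f"{head}.{body}"), _dec(sig)):
        raise ValueError("signature mismatch")
    return json.loads(_dec(body))

if __name__ == "__main__":
    key = b"constructed-demo-key-not-a-real-secret"  # constructed sample key
    register("HS512", hashlib.sha512)                # new identifier, same code paths
    token = sign({"sub": "alice"}, key, "HS512")
    print(verify(token, key, {"HS256", "HS512"}))
    try:
        verify(token, key, {"HS256"})                # verifier has not opted in
    except ValueError as err:
        print("rejected:", err)
```

Registering an identifier makes it available, but each verifier still decides which identifiers it accepts, so a newly registered algorithm does not widen what existing deployments trust.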
Microsoft is building a proof of concept for decentralized identities based on these robust industry standards. We'd like to invite others to join us using this approach. Together we can dramatically accelerate innovation and rapid adoption using this approach.
We're excited to see what we'll achieve together!
Alex Simons (Twitter: @Alex_A_Simons)
Corporate Vice President of Program Management
Microsoft Identity Division