IDBB Status Meeting 16th July 2024
Attendees:
@PSRAMKUMAR
@smita.selot
Key Points Discussed:
Identity White Paper
Limitations of the typical username/password approach
Include the functional aspect of using Foundational Identity-based SSO vs social media-based SSO (Google, Instagram, Facebook etc)
Elaborate on the concept of the use of Functional ID (PSUT) by other BBs such as Messaging BB
Organization ID
Onboarding and creating Functional IDs for Organizations
Similarity with Functional IDs for humans
How do we build trust among organizations (digital signatures?)?
Organization <> Organization, Organization <> Human, and Human <> Human interactions
Data sharing and Consent mechanisms
Payments
Messaging
Policy Management
Role of the parties (issuer, verifier, holder, etc.)
Attributes to be shared
Mode of attribute sharing (partially masked, masked, unmasked, signed, encrypted, etc.)
Duration of attribute sharing
Revoke attribute sharing
How do we onboard more DPGs in GovStack?
Adaptors - Who will build them? Countries, GovStack, Joget, DPGs?
Functional Compliance vs API Compliance
DPGs that only compliant with GovStack Functional Requirements
DPGs that are compliant with GovStack API Requirements
What will motivate the DPGs to be compliant with GovStack?
Business/ROI incentives -
GovStack indirect influence by showcasing multiple DPG options for each BB to the countries adopting GovStack, currently only 1-2 DPGs are compliant for each BB
Proactive discussions with DPGs to understand their motivation
Already established markets; do not need help from GovStack
Legacy implementation – Hard to adapt to new standards
Action Items:
Add sections in the Identity White Paper as discussed
Research on examples of DPGs in a given BB that are Functionally Compliant but not API compliant
Think about the Policy Management Framework
Functional Identity for Organizations