SSI Orbit Podcast
OpenID4VC: OpenID for Verifiable Credentials (with Torsten Lodderstedt)
By Mathieu Glaude
March 10, 2023

🎧   Listen to this Episode On Spotify

🎧   Listen to this Episode On Apple Podcasts

About Podcast Episode

OpenID4VC (OpenID for Verifiable Credentials) is a protocol for exchanging verifiable credentials in a decentralized identity environment. Its work is being conducted in the OpenID Foundation, in liaison with the Decentralized Identity Foundation (DIF) and with working groups in International Organization for Standardization (ISO).

The goal of OpenID4VC is to provide a simple and interoperable way to exchange credentials between different decentralized identity systems.

OpenID4VC supports three main use cases:

  1. Credential Issuance – OpenID4VC provides a way to issue verifiable credentials in a decentralized way
  2. Credential Presentation – OpenID4VC enables users to present their credentials in a verifiable way, without revealing unnecessary personal information.
  3. Pseudonymous User Authentication – OpenID4VC allows users to authenticate themselves without revealing their real identity.

The focus on these three use cases means that OpenID4VC purposefully isn’t focused on supporting a broader set of trust tasks that other protocols such as DIDComm aim to support.

Some core themes throughout this conversation were interoperability and avoiding locking into a specific implementation. The implementation of new formats for credentials can create obstacles for adoption, so providing a simple and secure credential agnostic protocol can help with interoperability, and therefore adoption.

In designing OpenID4VC, it was made a priority to support different credentials formats, identifiers, cryptography suites and trust management mechanisms. This spreadsheet should give a good idea of the complexity of the landscape of credential profiles and more.

As we’re reaching mid-March 2023, OpenID4VC seems to be gaining significant traction in the decentralized identity community. It has been incorporated into various industry standards, including the ISO/IEC 29184-8 standard for decentralized identity, and its issuance and verification protocols (OpenID4CI and OpenID4VP using SIOPv2) have been made “MUSTS” in the European Union’s Digital Identity Wallet Architecture and Reference Framework.

I was fortunate in this latest podcast to sit down and chat with Torsten Lodderstedt, one of the co-authors of the OpenID4VC specification. I hope you enjoy the discussion and find it as informative as I did.

In this podcast episode with Torsten, him and I discuss,

  • OpenID4VC’s background, and its relationship to oAuth2 and OpenID Connect.
  • How verifiable credential issuances and verifications are done using OpenID4CI and OIDC4VP (+ why Presentation Exchange was chosen as the verification protocol).
  • Decisions behind supporting different credentials formats, identifiers, cryptography suites and trust management mechanisms.
  • How OpenID4VC fits within the ToIP Hourglass Model (from the ToIP Technical Architecture Specification).
  • How OpenID4VC can be used in conjunction with other protocols such as DIDComm to bootstrap workflows.
  • Does OpenID4VC combined with trust frameworks help to solve the NASCAR problem we face today on the internet?
  • SIOP: the protocol to exchange cryptographically verifiable identifiers and authenticate using the key material controlled by the End-User.
  • Using OpenID4CI for ISO 18013-5 (mDL) to move away from wallet-specific credential issuance and towards an interoperable way of exchanging verifiable credentials between different decentralized identity systems.

 

About Guest

Dr.-Ing. Torsten Lodderstedt is founder of Tuconic, a consulting firm specialising in digital identity and API-based software architectures, with more than 15 years experience in developing and running large scale consumer identity services. In his previous positions, he helped organisations in public, banking, railway communication, and telecommunication domains to implement highly-scalable and secure services. Torsten regularly contributes to identity standards, currently focusing on decentralized identity and global identity networks. He is co-author of OpenID for Verifiable Credentials and OAuth 2.1, and co-chairs the GAIN PoC community group.

 

LinkedIn: https://www.linkedin.com/in/dr-torsten-lodderstedt/

Twitter: https://twitter.com/tlodderstedt

 

Related Episodes

Want to Be a Guest?

Come Onto the Show

Stay Connected to Get The Latest Podcast Alerts

Introducing our groundbreaking Trust Registry platform

The ultimate solution for forging resilient trust ecosystems in today's digital landscape.

Trust Registry

Products

 

Orbit Enterprise

Establish your own trusted digital interactions ecosystem with your customers, partners and suppliers

Orbit Edge Wallet

Hold and manage issued verifiable credentials securely and in a privacy-preserving way

Orbit Trust Registry

Empower your organization to establish credibility, verify identities, and foster secure interactions with confidence and ease.

Updates

 

Product Updates

Solutions

Verified Person

Receive a verifiable credential from Northern Block

OpenID4VC

Try our new OpenID4VC demo

Energy and Mines Digital Trust

Organizational Wallet and Credentials

Receive, store and exchange organizational credentials within your ecosystem

 

 

 

Resources

 

SSI Orbit Podcast

Self-sovereign Identity, Decentralization and Digital Trust

Blog

Insights and News from the Forefront of Self-sovereign Identity

Latest Content

 

The United Nations Transparency Protocol (with Steve Capell)

The United Nations Transparency Protocol (with Steve Capell)

🎥 Watch this Episode on YouTube 🎥🎧   Listen to this Episode On Spotify   🎧🎧   Listen to this Episode On Apple Podcasts   🎧 About Podcast Episode Are you confident in the environmental and social claims about your products? In this episode of The SSI Orbit Podcast,...

read more