(Replying to PARENT post)

Shameless plug (but I hope that's okay, again): IRMA Authentication is an open-source app [1] and protocol that offers privacy-friendly attribute based authentication and signing using Camenisch and Lysyanskaya's Idemix [2].

It's currently heavily focused towards The Netherlands, where citizens can obtain attributes such as name, home address and age. These attributes can then be selectively disclosed directly to a service provider, without the identity provider being able to see the transaction [3]. Multiple disclosures are also unlinkable as long as the attributes themselves are not identifying.

The fact that the identity provider is not at all involved with the transaction is an enormous privacy win compared to OpenID Connect, especially in the case of centralizing providers such as Apple โ€“ and less so in for example the domain of education single sign-on.

It's not currently using the verifiable claims data model, but it would very much fit it. It also doesn't use a 'blockchain', simply because it's not necessary to do so, and makes it all a lot less complicated.

[1] https://github.com/privacybydesign

[2] https://privacybydesign.foundation/publications/

[3] https://privacybydesign.foundation/meeting-slides/slides-8-3...

๐Ÿ‘คConfiks๐Ÿ•‘6y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

> Shameless plug (but I hope that's okay, again)

I find lots of cool shit on hn because people decide to share their side projects that I wouldn't otherwise have seen.

It only becomes a problem when people don't disclose they have a bias or connection to a product when they should.

๐Ÿ‘คpreommr๐Ÿ•‘6y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

This sounds very similar to Mozilla's BrowserID. Is there any document contrasting the two?
๐Ÿ‘คicebraining๐Ÿ•‘6y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Mobile ecosystem issues aside, IRMA looks excellent. Could IRMA's decentralization and selective disclosure features somehow be combined with OpenID? For example, could the IRMA application serve as a standalone OpenID provider, perhaps using OpenID Connect Federation to establish trust? [0]

[0] https://openid.net/specs/openid-connect-federation-1_0.html

๐Ÿ‘คlwyr๐Ÿ•‘6y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Is IRMA still phone-only? IRMA can't meet its stated design goals if owning a smartphone is required.
๐Ÿ‘คFreak_NL๐Ÿ•‘6y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Is there an HN post about this?
๐Ÿ‘คfloatingatoll๐Ÿ•‘6y๐Ÿ”ผ0๐Ÿ—จ๏ธ0