Digital identity frameworks and their choices reflect different worldviews

At a talk for KuppingerCole’s European Identity and Cloud Conference (EIC), Markus Sabadello, CEO of Danube Tech, looks at the underlying worldviews and values that are built into digital identity standards.

“There are many standards now, if we’re talking about digital wallets and EUDI and verifiable credentials, there are a lot of technical choices.” Sabadello says those choices can be compared with social values to get a broader sense of how different parts of the world view digital ID.

“So one thing we need when we build a wallet is a way of exchanging verifiable credentials, right? We have an issuer. We have a holder, a verifier, and then the community, different organizations. There are different ways of doing that. There are different technical standards.”

Do you build with an established protocol, or a less well known protocol?

“For example, a lot of people would say, let’s use OpenID for VC because it’s very mature, it’s very successful, it’s well understood. It’s easy to integrate with what we have already. Whereas other people will say, let’s use DIDComm, because it’s a more general purpose protocol. And you can argue about the technical pros and cons for a long time.”

At last year’s EIC, Sabadello – who co-edited the Decentralized Identifiers specification at W3C – used the framing of Victor Hugo’s Les Miserables in his talk on the dueling narratives of decentralized identities.

This time, he again takes from the French revolution and its cry for “liberté, égalité, fraternité,” comparing asymmetrical and symmetrical protocols, different credential models and options for decentralized identity in broad social terms.

“In DIDComm you have a concept of ongoing relationships. It’s not just request and response pattern, but it’s a way of establishing peer to peer connections between participants. So the value that I see in one of them is that of being brothers and sisters and being connected on an equal basis, rather than a client server philosophy that you have in the other protocol.”

Of credential formats, he says “we need a data model for expressing what’s in the verifiable credential. And again, in the community and in different organizations, there are a number of different technologies for building that, right? There’s the ISO standard, there is the W3C verifiable credential data model. Again, you could argue for a long time.”

He points to JSON-LD as a model that reflects the same esprit as DIDComm. “What that means is that the meaning of the data in the credentials can come from different places – the semantics, the definitions. What does it mean to have a name? What does it mean to be a member of a family or to work for a company? What does it mean to have a certain religion? These kinds of claims; the definitions of the terms of the attributes.” For Sabadello, more freedom to define the semantics of what goes into the credential enables the spirit of liberty.

“If we’re standardizing the form of a USB charger or the measures of a screw, then we make technical choices for interoperability. But sometimes choices do matter, right? And sometimes choices in technical standards are not only technical and about technical features, but sometimes they have these implications, like symmetry, decentralization, egalitarian relationships, open world data model and so on.”

Extending his metaphor to the worlds of global fast food and social media, Sabadello recalls a friend noting that “using more decentralized, more self sovereign identity technology is a bit like cooking healthy food and eating healthy. Whereas using Facebook is like going to McDonald’s.”

His overarching message is, don’t opt for simplicity at the expense of core values, and remember that technology is not neutral. “I’m a great fan of the EUDI wallet and the different implementations,” he says. “I would only ask that we keep in mind that it is a bit more than just kids and drivers licenses. Digital identity has always been about asking a bit the question of, how does real human identity work in the digital world? And we need to keep this in mind when we select the standards, not only look at the technical pros and cons, but also the values behind that.”

Article Topics

Danube Tech  |  decentralized ID  |  digital ID  |  EIC 2025  |  standards  |  verifiable credentials