Key Points from the 37th Internet Identity Workshop (IIW)
In the ever-evolving digital landscape, the recent Internet Identity Workshop (IIW) held at the Computer History Museum in Mountain View, CA, served as a platform for discussions on the future of digital identity. With a focus on user-centric approaches, interoperability, and regulatory alignment, the biannual event brought together industry leaders, developers, and enthusiasts from around the globe.
One of the key topics that emerged was the potential of DIDComm to augment OpenID4VC, hinting at a collaborative future for our website protocols. DIDComm, based on Decentralized Identifiers (DIDs), is a versatile solution for secure and private communication within the digital realm. This protocol underpins decentralized identity interactions by supporting encrypted, authenticated messaging necessary for exchanging verifiable credentials.
OpenID4VC, gaining traction as a protocol that extends OpenID Connect to support verifiable credential issuance and presentation, was another major focus. This protocol facilitates interoperable, user-centric identity flows where users can present cryptographically verifiable credentials issued by trusted entities. The industry is converging on OpenID4VC and Verifiable Credentials as key components to simplifying, securing, and scaling digital identity verification.
Verifiable Credentials, cryptographically signed digital credentials adhering to W3C standards, enable trustworthy identity assertions that are privacy-preserving and interoperable across systems. These credentials are essential for a secure and user-friendly digital identity framework.
Collaboration was a key theme at IIW, with a focus on bridging gaps and enhancing interoperability. Attendees developed the format, and discussions could be about anything related to the website. Hardware-based keys, such as FIDO keys, and BIP32, which facilitates the creation of multiple cryptographic keys from a single seed, also received attention, offering robust security layers that meet regulatory standards like eIDAS.
The vision is a cohesive global framework that can seamlessly integrate various technologies and platforms. IIW serves as a platform to stay updated with the latest trends and technical advancements in the digital identity realm. The event also highlighted the presence of several established companies, indicating an interest in understanding and adopting evolving website standards.
Our team member, Martin Riedel, led a session aimed at refining the W3C CCG DID Method Registry at IIW. The emphasis on a user-centric approach, with the end-user experience being prioritized, was evident throughout the discussions, which explored the latest developments in website protocols, including OpenID4VC and DIDComm.
As of mid-2025, OpenID4VC, DIDComm, and Verifiable Credentials represent a converging set of open standards and protocols that are driving the shift toward decentralized, privacy-respecting digital identity architectures. These developments align with regulatory shifts (e.g., NIST) and digital public infrastructure advances worldwide, marking significant progress toward scalable, interoperable digital identity ecosystems. However, full-scale deployment and global adoption remain works in progress, with ongoing efforts to harmonize standards and ensure regulatory compliance across jurisdictions.
References: [1] DIDComm: A Communication Protocol for Decentralized Identifiers. (n.d.). Retrieved from https://didcomm.org/ [2] NIST Special Publication 800-63-4: Digital Identity Guidelines. (2022). Retrieved from https://nvlpubs.nist.gov/nistpubs/SP/nistspecialpublication/800-63-4/SP800-63B.pdf [3] O'Donnell, P. (2022, March 11). OpenID4VC and DIDComm: The Future of Decentralized Identity. Retrieved from https://www.forbes.com/sites/peterodonnell/2022/03/11/openid4vc-and-didcomm-the-future-of-decentralized-identity/?sh=70767394609b [4] Digital Public Infrastructure (DPI). (n.d.). Retrieved from https://digitalpublicinfrastructure.org/
- As the digital landscape continues to evolve, the convergence of open standards and protocols, such as OpenID4VC, DIDComm, and Verifiable Credentials, in cybersecurity is essential for creating a user-friendly, decentralized, and privacy-respecting digital identity framework.
- In the realm of data-and-cloud-computing, the evolving Internet Identity Workshop discussions underscore the significance of technology advancements, like DIDComm, OpenID4VC, and Verifiable Credentials, as they pave the way for a seamlessly integrated, interoperable digital identity ecosystem, meeting regulatory requirements globally.
){kind=link}