What is interoperability, what needs to be done to achieve it in the SSI world, and what is the way forward?
Why can SSI end up like the tower of Babel?
There is a lot of activity in the SSI community. Different technological camps are coming together and are working on new common protocols and standards. The goal is to establish interoperability and eliminate security and privacy issues that have been identified in the current solutions. This is an extremely positive development. The community is optimistic and sometimes even euphoric.
BUT, SSI is getting more and more attention on the market. Projects are getting bigger and customers are pushing towards productive systems. That brings the risk that “obsolete” protocols and/or self-developed ad-hoc solutions will be implemented. “SSI” newcomers see an attractive business opportunity and prioritize profit over SSI principles and commonly agreed protocols. This would result in implementations not being interoperable. In the worst case, we end up with implementations that are advertised as SSI but are proprietary and central systems. You could say a kind of “SSI-washing”.
A lot of discussions is about interoperability. But what does it really mean for all the developers like Jolocom? In this logbook entry, I try to structure the term and make it more tangible.
Different levels of interoperability
The German Wikipedia entry for interoperability is a good starting point to explain the different levels (link). Sorry to all non-German speaking readers, but you don’t need to read the Wikipedia entry. The explanation decides between the following levels of interoperability:
- the structural level addresses the exchange of data,
- the syntax level addresses the extraction of the data,
- the semantic level addresses the interpretation of the data and
- the organizational level is dealing with the processes.
Our goal is pretty clear. We want that different actors/modules/implementations can communicate and exchange data. Furthermore, it is important that the data can be extracted so that they can be interpreted on a semantic level.
The differentiation between syntax and semantic level can be tricky. The following example is taken from W3C Verifable Credential Data Model.
"name": "Jayden Doe",
On the syntax level, I only know that the above example is an attribute and it contains a value. But I have no clue what it means. On the semantic level, I know that the attribute presents a name and the name is “Jayden Doe”.
The semantic and the organizational interoperability level are in the influence sphere of the specific use case and are independent for the actual software development process. Because of that we only focus on the structural- and syntax level of interoperability.
How Interoperability can be achieved?
How we can achieve interoperability on the structural- and syntax level? We have several options. Simplified, we have the following options:
- We can use the same software,
- we can build software on unified standards and protocols or
- we develop “Middelware” acting as a translator between different systems.
To pick the right option we have to take a look at the goals and framework conditions of SSI.
What are the goals of SSI and which option can be derived from?
Self Sovereign Identities should be an open public digital infrastructure for all. Therefore, it must be open source and accessible for all. With this requirement a SSI Infrastructure cannot be one software from one supplier. A single software implementation would be a huge barrier, and it would not support innovation and development.
Another important SSI requirement is privacy. A middleware – a translator between systems – would violate privacy goals. If the communication is routed through a middleware for translation, the middleware knows what, when and with whom information is shared, not good.
The only option left is unified standards and protocols. This is the only way to ensure an open ecosystem without violating SSI goals like privacy or face a vendor lock-in.
We all have to work hard on the goal to speak the same language and avoid a Babel-like fate.
Join us at the 33. Internet Identity Workshop from 12-14. of October. We will run a session about interoperability and discuss how we can achieve it.