DHS Technical Implementation Requirements for Decentralized Identity
This is a work in progress. It will be updated as requirements and availability of standards-based technical choices evolve, and testing and evaluation is conducted to verify the privacy, security, interoperability and scalability of the choices made.
These technical implementation requirements have been chosen to meet the operational needs of U.S. Citizenship and Immigration Services, U.S. Customs and Border Protection and the DHS Privacy Office for implementing digital credentialing capabilities relevant to:
- Citizenship and immigration
- Cross-border travel
- Cross-border trade
The requirements seek to balance the robustness principle with a philosophy of “AND not OR” to ensure that the capabilities that incorporate these requirements can serve the diverse and global customer base of both CBP and USCIS in a secure, privacy respecting manner while enabling global interoperability at the technical level.
Conventions Used
The International Organization for Standardization (ISO) uses specific verbal forms to convey clarity on what is a requirement and what is a recommendation or other type of statement.
The requirements on the following pages adopt and use the following ISO document conventions:
- Requirements - SHALL, SHALL NOT
- Recommendations - SHOULD, SHOULD NOT
- Permission - MAY, MAY NOT
- Possibility and Capability - CAN, CANNOT
Scope of Requirements
The requirements span the use of Personal Credentials for both in-person and online usage scenarios, and the use of Organization Credentials for online supply chain usage scenarios.
The Trust Architecture section provides information on the technical building blocks used by DHS that enable trusted interactions on the web.
The Under Consideration section provides information on areas that are still TBD.
Changelog
Date | Version |
---|---|
March 18, 2024 | 1.0.0 |
August 21, 2024 | 1.1.0 |