Skip to main content

2025-11-27 1856 AEDT

Nov 27, 2025

UN CEFACT GTR Project - AUS / EU

Invited John Phillips Jo Spencer Steve Capell Alina Nica Gales Harmen van der Kooij Said Akdim

Attachments UN CEFACT GTR Project - AUS / EU

Meeting records Transcript Recording

Summary

John Phillips welcomed the participants, outlining the UN/CEFACT Global Trust Registry Project's focus on document three (digital identity anchor) and document four (legal and operational framework for the GRID) with contributions from Alina and Sankashan. Harmen van der Kooij introduced the Fides Community and KvK teams, including Said Akdim and Victor van der Hulst, and demonstrated the Credenco organizational wallet and Fides Blue Pages (an open source DID based identity resolver), showcasing how the KvK sandbox issues an LPID credential (digital identity anchor credential) to the organizational wallet of a company called Dutch Craft Furnishing. John Phillips and Alex Tweeddale raised technical and legal questions about terminology, privacy, legal bindingness (addressed by Harmen van der Kooij mentioning Q Seals), credential hosting, trust lists, and how the decentralized Fides system handles trust and prevents fake entities.

Details

Notes Length: Standard

  • Project Context and Agenda John Phillips welcomed participants to the UN/CEFACT Global Trust Registry Project meeting, noting that the meeting is being recorded to generate a transcript and minutes. The project's primary goal is to provide open-source, royalty-free content for global benefit, and participants were reminded of the conduct and IPR rules [00:00:00]. The agenda included introductions, a quick recap, updates on actions, and a deep dive into the work by Fides and KBK in the Netherlands [00:01:03].

  • Project Updates and Document Structure John Phillips provided updates on the project structure, explaining that they are focusing on document number three, which covers the digital identity anchor body of work, while Alina is focused on document number four regarding the legal governance and operational framework for the Global Registry Information Directory (GRID). Sankashan is contributing to technology and architecture, and documents are actively being moved to the UNIC GitLab space, which serves as the formal content repository [00:01:59].

  • Introductions of Fides and KBK Team Harmen van der Kooij introduced the presentation team, starting with Said Akdim, a Project Manager at the Chamber of Commerce Innovation Lab (KvK), who is experimenting with digital identity and business wallets, including the "company passport" project focusing on semantic interoperability [00:04:24]. Victor van der Hulst, a co-founder of the Fides community and Fides Labs, also introduced themself, stating that Fides aims to accelerate digital trust for individuals, organizations, and things, making the global registry important to their work [00:05:46].

  • Fides Community and Digital Identity Examples Harmen van der Kooij described Fides as an open community focusing on adopting credentials for organizations and things, with over 60 supporters from 10+ countries. The community collaborates on tooling such as wallet and credential catalogs, an interoperability profile, an open testbed, and identity resolvers [00:07:52]. Harmen van der Kooij then planned to show examples using the KvK sandbox environment, where credentials like the Legal Person Identifier (LPID) credential (a digital identity anchor in UNP terminology) are issued and downloaded into a business wallet [00:09:04].

  • Demonstration of Organizational Wallet and Public Profiles Harmen van der Kooij demonstrated how an entrepreneur, "Class," can download their LPI credential for their company, Dutch Craft Furnishing, from the KvK sandbox environment into an organizational wallet [00:11:29]. Once in the wallet, the company can choose to publish some credentials in a public profile, which is a DID document with linked verifiable presentations, acting as a decentralized Google business profile [00:14:02]. Organizational wallets enable issuing, storing, and verifying credentials, and are experimenting with trust lists for configuring trusted issuers [00:15:30].

  • The Fides Blue Pages as an Identity Resolver Harmen van der Kooij showcased the Fides Blue Pages, which functions as an identity resolver, or a very light crawler of DID documents, to find information about companies [00:10:23] [00:16:38]. This solution is decentralized, as data originates from organizational wallets, and is primarily intended for discovery, not as a trust anchor [00:18:12]. The Blue Pages solution is open source and is used in various projects, including those related to dynamic business registries and e-invoicing [00:19:32].

  • DID Resolution and Trust Lists Harmen van der Kooij explained that the Blue Pages discovery mechanism is available via an API, which organizational wallets use for finding and connecting with other parties' DID documents [00:20:56]. The DID acts as the identifier owned by the company, capable of connecting to any other identifier such as a KvK number or GS1 number [00:22:35]. Fides also maintains an initial list of trusted lists, structured similarly to the EU's trust lists (a list of trusted lists pointing to national lists), which is being used for experimentation within the organizational wallets [00:24:05].

  • Terminology and Privacy Considerations for Legal Entity Identification John Phillips raised a question about the terminology, specifically the separation between Legal Person ID (LPID) and organization ID, to which Harmen van der Kooij acknowledged that Fides is following schemas used in large-scale European pilots, including LPI [00:27:12]. Said Akdim noted that new EU legislation about business wallets might be changing terminology, as LPID was not mentioned in a reading of the new legislation [00:28:01]. John Phillips stressed the importance of separating privacy concerns for individuals from those of publicly registered companies to avoid unnecessary complexity [00:30:09].

  • Legal Bindingness and Implementation Timeline John Phillips inquired about the authoritative and legally binding status of the demonstrated solutions. Harmen van der Kooij stated they are currently piloting the use of Q Seals (legally binding signatures in Europe) connected with the company's DID, which, when used to sign credentials, could make them legally binding, although implementation is still in the innovation phase and expected to take time within the EU business wallet context [00:34:23]. Said Akdim confirmed that the KvK is working within the constraints of the law and the timeline of the eIDAS regulation to issue verifiable credentials, with legal colleagues currently studying the obligations [00:37:28].

  • Technical Questions on Credential Hosting and Discovery Alex Tweeddale asked who would host the credentials (KvK or the legal entity) once issued, which Harmen van der Kooij clarified can be done either by picking up the credential from the Chamber of Commerce website or directly from the wallet, using issue-initiated flows like OpenID for VCI [00:40:01]. John Phillips questioned if fake companies could enter the Blue Pages through self-issued DIDs, and Harmen van der Kooij explained that each catalog is configured to crawl DIDs with specific characteristics and requires credentials to be issued by particular trusted issuers, as determined by a trust list configured in the organizational wallet of the catalog owner [00:42:13].

  • Trust Determination and Decentralized Approach In response to John Phillips's question about whether organizations decide who they trust or if some sources are automatically trusted, Harmen van der Kooij stated that wallets should maintain sovereignty over trust options, allowing organizations or countries to add or extend mandated trust lists [00:45:16]. Harmen van der Kooij emphasized that they have architected for diversity, allowing for the combination of existing PKI trust with more progressive trust relying on Verifiable Credentials [00:47:08].

  • Discussion on Wallets in UNTP Implementation John Phillips observed that the functionality provided by the organizational wallet, particularly the business wallet concept, is relevant to the UNTP initiative, despite the UNTP tendency to distance itself from the term "wallets" [00:47:08]. Harmen van der Kooij agreed, calling it a semantical discussion, and noted that organizational wallets encompass the necessary features (issue, hold, verify) for projects like e-invoicing, where the issuer-holder-verifier pattern may not fully apply [00:48:31].

  • Conclusion and Next Steps John Phillips concluded the presentation, thanking Harmen van der Kooij and Said Akdim for the "fantastic" demo. Alex Tweeddale requested follow-up information on how a DID document points to a link for a Verifiable Presentation, and Harmen van der Kooij agreed to connect one-on-one [00:50:10]. John Phillips reminded participants of the Senegal forum later that day and encouraged Alex Tweeddale and Harmen van der Kooij to connect before Alex Tweeddale's presentation in two weeks [00:51:06].

Suggested next steps

  • John Phillips will change the detail on the slide and put a better link in the chat to watch the Senagal panel session.

  • Harmen van der Kooij will put the open source links in the chat.

  • Alex Tweeddale and Harmen van der Kooij will connect to discuss the DID document pointing to a link to VP with a credential.

Meeting chat

00:06:24 John Phillips: Senegal UN/CEFACT Forum details (with zoom links) here: https://unece.org/sites/default/files/2025-11/Forum%20Programme_26Nov-WithLinks.pdf

00:06:58 John Phillips: Today's presentation is here: https://docs.google.com/presentation/d/1KC4vzGNSwEN8_G2bSdZ70EJ1Ui7mjhIPkMk6JHGEwJo/edit?usp=sharing

00:25:47 John Phillips: I'm putting question in the Q&A space that we have available - not sure if you all can see this. The idea is to ask Herman and Said these question at the end.

00:33:28.751 Alex Tweeddale: In the UK, if its a 1 person company, the law is that it is an exemption from PII. Conversely, in South Africa, all legal entity data is classified as PII. So we need to differentiate depending on the jurisdiction

00:46:02.399 Harmen van der Kooij: https://github.com/FIDEScommunity/fides-bluepages

00:50:39.063 Alex Tweeddale: Do you have a schema or example for how companies add linked VPs into their DIDs