re:claimID is a decentralized self-sovereign identity system built on top of the GNU Name System (GNS) that allows users to manage and share identity attributes without relying on centralized identity providers. The system leverages the zone privacy and key blinding properties of GNS to provide secure attribute sharing and authorization mechanisms.
The core technical implementation uses GNS zones as identity containers, with attributes stored as RECLAIM_ATTRIBUTE records and credentials as RECLAIM_CREDENTIAL records. Identity sharing is facilitated through a ticket-based authorization system where tickets are encoded as GNS names containing references to shared attributes and credential presentations. The system supports both self-asserted attributes and third-party attestations through JSON Web Tokens. For integration with existing applications, re:claimID implements the OpenID Connect 1.0 protocol, allowing websites to use it as an identity provider with standard OAuth2 flows.
Notable implementations include integration with the GNU Project's privacy-focused e-commerce framework DISSENS, which combines re:claimID with the GNU Taler payment system. Unlike blockchain-based identity systems, re:claimID achieves decentralization through distributed hash tables rather than consensus mechanisms, making it more scalable. The system has been implemented in both C (as part of GNUnet) and Go, demonstrating interoperability when built on the same underlying DHT storage. Browser extensions for Firefox and Chrome enable integration with web applications through the OpenID Connect protocol.
If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page