Navigating Next-Generation Credentials Together: Community Consultation Open Through March 8

Subscribe for more like this



By Margaret Cullen, Chair, Community Architecture Committee for Trust and Identity

Estimated reading time: 4 minutes

The Community Architecture Committee for Trust and Identity (CACTI) Next-Generation Credentials Working Group (NGCWG) has completed its final report.

The community consultation for this document is open through the end of the day on Friday, March 8. It’s vital that we get your feedback, so please read on.

What do we mean by next-generation credentials?

“Next-generation credentials” is CACTI’s name for emerging technology that empowers credential holders to choose what identity they assert, at what time, with what relying party/verifier, and what types of information they disclose. This type of user-centric identity ecosystem is known variously as “self-sovereign identity,” “verifiable credentials,” and “wallet-based credentials,” etc.

Margaret Cullen posing for a profile picture.
InCommon Community

What work did the NGCWG undertake?

The NCGWG was a short-lived working group tasked with understanding what we as a community mean by “next-generation credentials”and determining the key use cases that will drive their adoption in research and education (R&E). The NGCWG Report represents the first step in a larger CACTI effort to understand the emerging area of next-generation credentials, how they will impact the R&E Trust and Identity (T&I) landscape and how they will enable new T&I capabilities and services for the R&E sector.  We are also seeking to understand how/if next-generation credentials will impact existing InCommon Trust & Identity services, such as the InCommon Federation and eduroam. Finally, we are also seeking to understand the evolving relationship between next-generation credentials and the future state of browser-based privacy and security controls.

What’s next?

Some universities have already begun to deploy wallet-based University IDs. As this practice grows, CACTI will be working, in concert with the rest of the R&E T&I community, to:

  • Ensure that the needs of the R&E sector are considered in the global standards bodies that are defining the technical standards for these next-generation credentials.
  • Work with other R&E technology organizations and R&E solution vendors to design, develop, and promote high-quality, interoperable next-generation credential solutions that meet the needs of the global R&E community.
  • Communicate with the R&E community about available technologies and trade-offs as your institutions begin to plan and execute your next-generation credential roadmaps.

How can you join the conversation about next-generation credentials?

To help us understand how best to work together in this space, we are eager to get your feedback on the use cases and conclusions in the working group’s report. Please provide feedback on the following, and any other items, in the linked community consultation wiki page.

  1. Did we miss any use cases that are important to your R&E institution? 
  2. If your institution is already working towards wallet-based student IDs or other next-generation credentials, which use cases are driving your efforts?  What solutions are you considering or deploying?
  3. Have you considered the need for your next-generation credentials to be compatible (or interchangeable) with the credentials used at other R&E institutions?  
  4. Within your organization, how do you see the use of next-generation credentials impacting or co-existing with your existing T&I services (such as the InCommon Federation or eduroam)?
  5. Do you agree with the next steps outlined in the conclusion section?  Are there additional things that InCommon could be doing to help you understand, evaluate, or adopt this new technology?

You can add your notes and comments to the table in the wiki. We look forward to your response as we navigate this exciting new technology area together!


The Community Architecture Committee for Trust and Identity (CACTI) is a standing architecture strategy group of community members chartered by Internet2’s vice president for Trust and Identity. CACTI members include a broad representation from research and education. Minutes and additional information are available on the CACTI wiki.