Re: did:webvh News: New Rust Implementation, Linux Foundation Proof of Personhood, UNTP, and Government of Canada Standards

This is all great news Stephen!

I was surprised by the digital governance council inclusion having
minimally contributed to the first draft of that specification.

There was a conformity assessment program that almost reached pilot of that
I haven’t heard about in a while. Do you know of anything happening along
those lines?

Thanks,
Brian

On Wed, Apr 1, 2026 at 8:48 AM Stephen Curran <swcurran@cloudcompass.ca>
wrote:

> As a follow up to the did:webvh CCG session I did in February, I wanted to
> share a round-up of recent news and adoption milestones for did:webvh. The
> immediate trigger for this post is a new release of the Rust implementation
> — but there's quite a bit more to share.  For those new to the topic the
> spec is here: https://identity.foundation/didwebvh/ and other information
> can be found here: https://didwebvh.info.
>
> Sorry (not sorry) for the length of this email -- lots happening!
>
> *New Rust Implementation Release*: didwebvh-rs v0.3.0 (DIF)
>
> Affinidi has released v0.4.0 of the full Rust implementation of did:webvh,
> hosted at the Decentralized Identity Foundation:
> https://github.com/decentralized-identity/didwebvh-rs/releases
>
> Major changes in recent releases:
>
>    - External signer support — the code never sees secret key material,
>    enabling clean integration with Key Management Services (KMS) and Hardware
>    Security Modules (HSMs) to meet security policies and regulated environments
>    - Developer convenience functions to assist with witness operations
>    - Improved error messages that are more instructive on failures
>    - Refactored code removing regex requirements; the reqwest HTTP client
>    is now gated behind a feature flag
>    - Expanded tests, including integration tests with a mock server to
>    better emulate network scenarios and failure conditions
>    - Resolver DoS protections
>
> Many of these changes were driven directly by security reviews and audits,
> as well as insights from production deployments.
>
> *Linux Foundation*: Proof of Personhood for Open Source Projects
>
> LF Decentralized Trust has published a progress report describing how
> did:webvh is being used as part of an initiative to provide Proof of
> Personhood for the Linux kernel project and other open source projects. The
> effort — prompted by Linux Foundation CEO Jim Zemlin following the XZ Utils
> supply chain attack — is centered on a decentralized trust graph model
> using DIDs and verifiable relationship credentials. did:webvh is a key part
> of the identity infrastructure being developed.
>
> Full blog post from Drummond Reed (March 5, 2026):
>
> https://www.lfdecentralizedtrust.org/blog/decentralized-trust-infrastructure-at-lf-a-progress-report
>
> *United Nations Transparency Protocol* (UNTP)
>
> The UN Transparency Protocol — which addresses supply chain verifiability
> and anti-greenwashing — has included did:webvh as an acknowledged DID
> method in its work-in-progress specification. The method is described as
> Recommended (Advanced) for institutional and organizational identifiers
> requiring verifiable history, key rotation, and auditability — particularly
> for Digital Identity Anchors, credential issuers, and registry maintainers.
>
> See the DID methods section of the UNTP specification:
> https://untp.unece.org/docs/specification/VerifiableCredentials#did-methods
>
> *Government of Canada*: DGSI/TS 115 includes did:webvh
>
> The Digital Governance Standards Institute (DGSI) — an independent
> division of Canada's Digital Governance Council — has published a revised
> edition of DGSI/TS 115, Technical Specification for Digital Credentials and
> Digital Trust Services. did:webvh (attributed as DIF DID:webvh) is
> explicitly listed in section 8.1.2 alongside W3C DID:web, DID:key, and
> X.509 Certificates as a required supported identifier method. The
> specification was announced on March 12, 2026.
>
> Press release:
>
> https://dgc-cgn.org/digital-governance-standards-institute-publishes-revised-technical-specification-dgsi-ts-115-for-digital-credentials-and-digital-trust-services/
>
> Specification:
> https://dgc-cgn.org/product/dgsi-ts-115/
>
> *Implementation Ecosystem*: DIF and OpenWallet Foundation
>
> Beyond the full Rust implementation, the full did:webvh component stack —
> registrars, resolvers, witnesses, and watchers — has been built out and is
> moving into production use cases across two major open source digital trust
> frameworks:
>
> ACA-Py (OpenWallet Foundation) includes a native did:webvh resolver built
> directly into the core agent. A full-featured ACA-Py plugin and the DID
> did:webvh Server extends the core capability with registrar, witness,
> watcher and AnonCreds verifiable credentials support, enabling multi-tenant
> deployments to create and manage did:webvh DIDs with witness-based
> attestation. This is already in active use in production-grade deployments
> such as BC Gov's Traction platform.
> https://plugins.aca-py.org/latest/webvh/
>
> Credo-TS (OpenWallet Foundation), the TypeScript/JavaScript agent
> framework supports did:webvh resolution, interoperable with the ACA-Py
> implementation. With both a server-side and mobile wallet framework,
> Credo-TS brings did:webvh into a broad range of wallet and agent deployment
> contexts.
>
> The combination of Python (ACA-Py), TypeScript (Credo-TS), and Rust
> (didwebvh-rs) implementations — all interoperating against the same DIF
> specification — represents a healthy, multi-language ecosystem for
> did:webvh.
>
> Exciting to see did:webvh gaining traction across such a wide range of
> contexts — from open source infrastructure security to supply chain
> transparency to government digital credential standards. Happy to answer
> any questions.
>
> --
>
> Stephen Curran
> Principal, Cloud Compass Computing, Inc.
>