Standards

Built on open standards. Aligned with Canadian and international frameworks.

Oliu™ uses W3C Verifiable Credentials, aligns with DIACC's Pan-Canadian Trust Framework and DGSI standards, and operates with security and privacy by design. This page lays out where Oliu™ sits in the standards ecosystem — and what it commits to.

Foundations

The standards Oliu™ is built on

Oliu™'s technical foundation is open, international, and publicly auditable. Every piece of the network — the credential format, the issuer identifier, the verification path, the governance alignment — traces to a standard maintained by a recognized body.

W3C Logo placeholder

W3C Verifiable Credentials

The standard

The international open standard for digital credentials, developed and maintained by the World Wide Web Consortium. The specification defines how a credential is structured, signed, delivered, and verified — so any compliant system can read and trust a credential issued by any other compliant system.

In Oliu™

Oliu™ issues credentials in the W3C Verifiable Credentials Data Model v2.0. Credentials issued through Oliu™ are readable by any compliant wallet, verifiable by any compliant verifier, and remain readable for as long as the standard remains readable — which is likely to be decades.

W3C Verifiable Credentials Data Model
W3C Logo placeholder

W3C Decentralized Identifiers (DIDs)

The standard

A companion standard to Verifiable Credentials, also maintained by W3C. A DID is a digital identifier for an issuer, holder, or verifier — structured so that the identity can be confirmed without relying on a central authority to vouch for it.

In Oliu™

Oliu™ uses the did:web method. Each issuer on the network is identified by a did:web DID resolvable through a standard web address under the issuer's own domain. This means an issuer's identity is verifiable directly from their own public infrastructure, not from a database Oliu™ controls.

W3C Decentralized Identifiers
DIACC Logo placeholder

DIACC Pan-Canadian Trust Framework (PCTF)

The standard

The Canadian framework for digital identity and trust services, developed by the Digital ID and Authentication Council of Canada. The PCTF defines standards and certification for how digital trust infrastructure should operate in Canadian jurisdiction.

In Oliu™

Oliu™ aligns its platform and operating practices with the PCTF, and is DIACC PCTF certified. Oliu™ participates in DIACC's working groups on credential-related components of the framework.

DIACC Pan-Canadian Trust Framework
DGSI Logo placeholder

Digital Governance Standards Institute (DGSI)

The standard

The Canadian standards body for digital trust and governance. DGSI develops and maintains standards that define how digital infrastructure should be governed, audited, and held accountable in Canadian jurisdiction.

In Oliu™

Oliu™ aligns its governance posture and operating practices with DGSI standards as they apply to credential infrastructure. As the network's governance structure matures — specifically, as the Canadian Credential Trust Authority is established — DGSI alignment is part of the framework the Authority will operate within.

Digital Governance Standards Institute
In practice

What standards alignment means in practice

A credential issued through Oliu™ can be verified by any system that speaks the W3C standard. The issuer's identity can be confirmed through a public DID document, not a proprietary registry. Oliu™'s implementation decisions are constrained by published specifications, not by what's commercially convenient.

When these standards evolve, Oliu™ evolves with them. When new versions of the W3C Verifiable Credentials Data Model are published, Oliu™ updates its platform to remain aligned. When DIACC or DGSI issue new guidance, Oliu™ reviews and adopts the relevant changes. Alignment isn't a one-time claim; it's an ongoing operational commitment.

Oliu™ participates in the standards conversations that affect credential infrastructure, rather than building proprietary alternatives outside them. The standards are the ceiling and the floor — the network has no ambition to exceed the standards with incompatible features, and no ambition to undercut the standards with shortcuts.

Security

Security

The security model rests on four architectural choices, each of which is directly tied to the standards Oliu™ is built on.

Cryptographic signing

Every credential is signed at the moment of issuance with a cryptographic key that only the issuing organization controls. The signature is mathematically linked to the credential's content and the issuer's identity. Altering the credential — even by one character — breaks the signature and fails verification. Forgery, in practice, requires compromising the issuer's signing key; it cannot be done from the outside.

Issuer key management

Oliu™ holds issuers to documented standards for key management. Keys can be managed by Oliu™ on the issuer's behalf, or managed by the issuer directly — depending on the issuer's security posture and preference. Compromised keys can be rotated; credentials issued under compromised keys can be revoked.

Open registry

Verification works against an open registry that Oliu™ operates. The registry is auditable. A verifier can confirm a credential's authenticity without contacting the issuer, without logging in, and without storing any record of the check.

Hosted in Canada

The Oliu™ platform is built and hosted 100% in Canada. Data residency, jurisdictional alignment, and operational presence all have a single, simple answer.

Privacy

Privacy

The privacy model is structural. It is not a policy layered on top of a centralized system; it is a consequence of how the system is built.

No centralized personal data

Oliu™ does not store personal credential data centrally. Credentials live on the holder's device, in their wallet. The registry holds only cryptographic references — enough to support verification, not the content of the credential itself.

Holder control

The holder decides when to share a credential, with whom, and for how long. Presentation is always an action the holder takes; verifiers cannot pull credentials from a wallet. The exchange only happens when the holder initiates it.

Selective disclosure

Where the W3C standard supports it, holders can share only the parts of a credential a verifier needs. A qualification can be confirmed without revealing the holder's address, date of birth, or other details the verifier doesn't need to see.

Verifiers see only what's necessary

A verifier confirming a credential sees the credential's content, not the holder's other credentials, not their history, and not their identity beyond what the credential itself contains.

Interoperability

Interoperability

Oliu™'s commitment to interoperability is structural. The network is open by construction, not by promise.

Across systems

Credentials issued through Oliu™ can be read by any W3C-compliant system. Holders can use any W3C-compliant wallet; the Oliu™ Wallet is the recommended Canadian default, but not a requirement. Issuers can exit the network without stranding their credential holders.

Across provinces

Oliu™ is a national network. A credential issued by an Alberta regulator is verifiable by an Ontario employer. A credential issued by a federal body is verifiable anywhere in Canada. No bilateral agreements, no manual lookups, no jurisdiction-specific verification paths.

Across sectors

A wallet that holds construction safety tickets can also hold first-aid certifications, professional licences, and training credentials. The standard is the same; the credential type doesn't matter. The network architecture doesn't privilege any sector over any other.

Commitments

What Oliu™ commits to

These are public commitments, worded to be meaningful and keepable. Participants, regulators, and evaluators can hold Oliu™ to what it says here.

  1. Commitment 01

    Oliu™ commits to maintaining W3C Verifiable Credentials alignment as the standard evolves.

  2. Commitment 02

    Oliu™ commits to publishing its standards posture, security model, and any material changes to either openly.

  3. Commitment 03

    Oliu™ commits to participating in Canadian and international standards bodies whose work affects credential infrastructure.

  4. Commitment 04

    Oliu™ commits to never adopting a proprietary credential format.

Next

Where to go next

Trust & Governance

How Oliu™ is structured to be trusted as infrastructure over time.

How the Network Works

The system-level view of how credentials flow through Oliu™.

Technical documentation

Full API reference, data model specifications, authentication details.

Available through Oliu™'s integration onboarding; dedicated documentation destination in development.