Establishing trust has always been a core task for ID document providers as well for digital services and their environment. Public Key Infrastructures build the basis for many of these well-established systems. Solutions like blockchains now challenge these PKI based systems and the problems caused
by their centralized nature. A closer look shows that the majority of cases decentralized solutions are used to improve process compliance and auditability by adding log and communication layers but very often still rely on central roots of trust. In the digital identities sphere on the other hand the
decentralized concept of Self Sovereign Identities gained much attention during the last years. We will provide an in depth analysis of the trust relationships in the SSI ecosystem and will answer the following questions:

1. How to ensure reliable user binding of credentials.
2. How to protect sensitive data against unauthorized verifiers.
3. How to avoid data collection, tracking and correlation on the verifier side.

The presented solutions will combine centralized and decentralized components that could help governments to build the foundation for a digital ID ecosystem based on SSI principles that respects the government’s responsibility to provide the citizen’s core ID while having the flexibility to enable the establishment of digital solutions in the governmental and the private sector.