W3C home > Mailing lists > Public > public-credentials@w3.org > September 2014

Re: UseCases

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Mon, 22 Sep 2014 11:27:46 -0400
Message-ID: <54203FF2.3080303@digitalbazaar.com>
To: Tim Holborn <timothy.holborn@gmail.com>
CC: Credentials Community Group <public-credentials@w3.org>
On 09/14/2014 08:25 PM, Tim Holborn wrote:
> A use-case concepts dump - types of credentials…

Hey Tim, I'm going to try and attempt to categorize your use cases into
more generalized use cases to ease the flow of the conversation for the
telecon tomorrow:

-------------------------------------------------------------------

Design Criteria: Support the following types of education, government,
and healthcare credentials:

+ I have a education degree in field X
+ I am a student, studying in field Y
+ I am a lecturer at university Z
+ I am a citizen
+ My date of birth is, etc.
+ I have a prescription / right to purchase this medication
+ I am an Emergency Health Professional
+ i have a valid First Aid Certificate
+ This is my Vehicle
+ This is my registered trademark
+ I have a yacht-club Membership
+ I am a Webizen
+ I work at Fast Food Chain xyz - Please authorise my discount
+ I work at Telecommunications Company XYZ: Let me in the door to this
secure facility
+ I am a lawyer or Accountant
+ I am a Lawyer or Accountant representing this client

I suggest that we move these over to the Web Payments use cases:

+ I purchased this TV within the last 12 months (i still have a warrantee)
+ I paid this bill on this day
+ My insurance for my yatch is paid

-------------------------------------------------------------------

Use Case: Enable access to patient storage for particular individuals.

+ I authorise this doctor to write to my patient record
+ I reauthorise this doctor to write to my patient record
+ Emergency Health Providers can Access my Patient Records

-------------------------------------------------------------------

Use Case: A sender transmits some data to a receiver. The receiver
transmits a digitally signed certificate of delivery to the sender.

+ I have sent you legal notification digitally
+ I have authored this document which i seek to be delivered as
registered mail to the named recipient
+ I seek a date-stamp (and checksum) on this document send to the
specified recipient.
(and i seek to declare terms to that transmission)

-------------------------------------------------------------------

Use Case: Credentials issuer seeks to share private information (web
resources) with credentials holder.

Why is this use case not covered by SSL? Do you mean that the
Credentials issuer needs to write information to the credential holder's
online storage?

-------------------------------------------------------------------

Use Case: Individual is fined for traffic infringement and seeks access
to Video (and/or audio) evidence recorded by law-enforcement.  A means
is sought to do this privately (as to avoid the material being published
on youtube).

-------------------------------------------------------------------

Use Case: A confidential document is being distributed for the purpose
of disclosure and mutual agreement.

Why can't the distribution happen over SSL? Do you want the document to
be transmitted over SSL and for the contents to be encrypted to the
receiver? Then have the contents digitally signed and re-encrypted to
the sender?

-------------------------------------------------------------------

Use Case: I have a hybrid TV service (Broadcast + Broadband) here is my
identity details, i would like to control who and how this information
is used for targeted advertising & other purposes.

Might want to remove the hybrid TV service bit, don't know why that's
relevant? Maybe because of the advertising angle? You don't want to be
advertised to using your identity information, but you need to use it to
unlock the "over the age of 13" channels?

-------------------------------------------------------------------

Use Case: This intelligent light globe is connected at my home.  I would
like access to the light globe to turn it on/off remotely.

Seems like a secondary case for authorized access to IoT device? Don't
know if we need this one, as others should cover it.

-------------------------------------------------------------------

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: High-Stakes Credentials and Web Login
http://manu.sporny.org/2014/identity-credentials/
Received on Monday, 22 September 2014 15:28:12 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:21 UTC