Re: Credentials Containers

On 21 January 2015 at 01:00, ☮ elf Pavlik ☮ <perpetual-tripper@wwelves.org>
wrote:

> Howdy,
>
> I just took another look at Identity Credentials 1.0 spec
> http://opencreds.org/specs/source/identity-credentials/
>
> I feel certain resistance thinking about all operations happening
> directly on my identity document. At the same time wondering if some
> conversations already happened about storing credentials in some kind of
> separate containers? Possibly something similar to Hydra Collection[1]
> or LDP Container[2]
>
> On fist thought it would allow storing different credentials on
> different services. Also having different levels of security for each of
> them.
>
> {
>   "@context": "https://w3id.org/identity/v1",
>   "id": "https://example.com/identities/bob",
>   "type": ["Identity", "Person"],
>   "credentialContainer" : [
>     {
>       "id": "https://backpack.opentechschool.org/bob414",
>       "type": "OpenBadgeBackpack"
>     },
>     {
>       "id": "https://supersecure.example.net/bob123",
>       "type": "CredentialContainer"
>     }
>   ]
> }
>
> I must admit right away not understanding how Access Control supposed to
> work with identity document. JSON-LD Frame, JSON Patch, JSON Pointer all
> currently don't belong to my daily toolbox. So question above comes bit
> more out of my gut feeling than solid analysis.
>

For access control, what some of us do is have a list of URLs that can read
to a document, and a list that can write.  This can be linked in a header
rel="acl" which could also be some JSON LD.


>
> Cheers!
>
> [1] https://www.w3.org/community/hydra/wiki/Collection_Design
> [2] http://www.w3.org/TR/ldp/#ldpc
>
>