W3C home > Mailing lists > Public > public-credentials@w3.org > June 2017

Re: [MINUTES] W3C Credentials CG Call - 2017-06-13 12pm ET

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Tue, 13 Jun 2017 20:57:33 +0000
Message-ID: <CAM1Sok0fizg11SmHR9DoE4hzGocNMXx=ODsvRrJ23wLR+ouyYQ@mail.gmail.com>
To: David Chadwick <D.W.Chadwick@kent.ac.uk>, public-credentials@w3.org
Does this bring about a series of modality considerations?

On Wed., 14 Jun. 2017, 6:15 am David Chadwick, <D.W.Chadwick@kent.ac.uk>

> The point I was making is that today, employees with security clearances
> have access to documents that should not be revealed to the press or
> foreign nationals, and the vast majority of employees comply.
> Occasionally one employee might release information to Wikileaks or
> similar and there is nothing that technology can do to stop this. So we
> could adopt the same model for VCs. Employees are given VCs and told
> they should not release them to inspectors outside the organisation (and
> the VC could contain a policy statement to this effect), but once they
> are home, the employee could release them if they wanted to.
> This is because the trust model of VCs is fundamentally different to
> that of federated identity management systems - see my doc on VC
> lifecycles for the trust model
> https://drive.google.com/file/d/0B2qPJBxhjfdqYmJGaE5HODFLZ3ROUFAxQ05yOG9uRTBaaDlr/view
> regards
> David
> On 13/06/2017 19:15, msporny@digitalbazaar.com wrote:
> > David Chadwick:  Concept of high security credentials that should
> >   not be released to anyone outside the org. Nothing in the
> >   technology would stop stepping outside restrictions of employer
> >   (kimhd: not sure I captured this statement correctly)
Received on Tuesday, 13 June 2017 20:58:19 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:38 UTC