Re: Call for Focal DID Use Cases

We have given these questions some thought …


  1.  Since the issuer of a VC is also identified via a DID, how is this GOV DID that signs the Org VCs made know to others?

One idea here is that the government (in our case the provincial govt) would issue / publish a Verifiable Credential to a public place (perhaps like an OrgBook) that contains all the DIDs that is officially owns along with endpoints, common names, etc. The root DID could be something that is associated with say the DNS record of gov.bc.ca so that a bridge from DNS/Web land could be made via a common approach like https://gov.bc.ca/did.txt and it returns the DID of the govt which can then be used to perhaps find the endpoint for the verifiable credential mentioned above. Or maybe the DID Doc for the root DID for that govt contains more endpoints. I am not 100% sure of course.


  1.  Not all organizations are legal entities.  Some are more informal, like a book club?  Who signs these VCs?



From a government and regulatory point of view these organizations are probably not of much interest … we don’t offer any protections or special privileges I don’t think (I’m not an expert on that kind of thing) to these informal entities.

Here is a clip from a draft trust framework document describing the scope of a verifiable organization …

Organization: An organization is "an organized group of people with a particular purpose". The Verified Organization Component is concerned specifically with organizations that are also legal entities. Such organizations have legal standing in the eyes of the law and legal capacity to (1) enter into agreements or contracts, (2) assume obligations, (3) incur and pay debts, (4) sue and be sued in their own right, and (5) to be accountable for illegal activities. Under this definition, organizations include but are not limited to: for-profit businesses (regardless of type or structure), charities, associations, and public sector agencies. Excluded from this definition are informal groups such as social clubs and certain societies (those that are not otherwise legally constituted).


John


From: Chris Boscolo <chris@boscolo.net>
Date: Saturday, June 2, 2018 at 9:48 AM
To: John Jordan <John.Jordan@gov.bc.ca>
Cc: Credentials Community Group <public-credentials@w3.org>, Manu Sporny <msporny@digitalbazaar.com>, Kettunen Antti J <antti.j.kettunen@tieto.com>
Subject: Re: Call for Focal DID Use Cases

Thanks for this contribution, Jordan.

I agree with you that GOV-issued VCs are the right way to prove the existence of a legal entity.

I have a couple of follow-up questions/comments.

1) Since the issuer of a VC is also identified via a DID, how is this GOV DID that signs the Org VCs made know to others?

2) Not all organizations are legal entities.  Some are more informal, like a book club?  Who signs these VCs?

I have some thoughts on these questions but am curious about what others think.

   -chrisb


On Fri, Jun 1, 2018 at 12:37 PM, Jordan, John CITZ:EX <John.Jordan@gov.bc.ca<mailto:John.Jordan@gov.bc.ca>> wrote:
So ...

I think I have a different point of view on corporate identifiers ... I don’t think we need a single identifier like we have been trying to unsuccessfully have in some places for years. I feel like those numbers are a bad side effect of centralized database primary keys.

For sure a legal entity that isn't human (corporations, partnerships, societies, etc) will have DIDs, however I don't think they need one DID to be known by. These types of entities have to be created by some legislatively authorized authority. They only exist as a construct of a law. Therefore, there must be a Verifiable Credential issued to that entity. It is this verifiable credential that is the proof of existence for that legal entity. It may contain some sort of locally unique identifier but that is beside the point I believe. The entity will have presented the authority with a DID to which the verifiable credential would be issued from the point of view of the authority. However, if the legal entity later establishes a digital relationship with a supply chain partner or what not .. they could use a different DID for that relationship and use the verifiable credential they hold to prove they are a registered legal entity (and whatever other proofs they are required to provide) to their new partner.

I think the reason I am quite resistant to a single identifier (if that is what is being contemplated) for an organization is that in the real world stuff happens. Organizations, change, merge, are sold and so forth. Very rarely do they go about the task of informing all the connections they have after this real world event has happened  and when it impacts things like legal name, the identifier they are known by and whatnot. And so, over time the real world events wander off from these single identifiers no matter who controls those identifiers. What is more dynamic and more closely related to the real world happenings are the verifiable credentials. When a corporation is bought by another there must be an interaction with the Corporate Registrar to deal with credentials. This purchasing corporation may, likely will, create new relationships (DIDs) and perhaps have ways to have the verifiable credentials of the purchased company transferred to them with the proper new legal name etc.

Anyway, I think it better to separate the DID (addressing space) from the verifiable credential (business space).

My thoughts.
J



On 2018-06-01, 6:12 AM, "Manu Sporny" <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>> wrote:

    On 05/31/2018 07:15 AM, Kettunen Antti J wrote:
    > Manu, this sounds a really interesting use case. The Corporate
    > identifiers is a huge topic, since it touches on a vast number of
    > additional use cases, like representation rights, founding
    > documents, share ownership, etc.

    Yes, cryptographic corporate identifiers seem to be a very common use of
    Decentralized Identifiers. The process seems to be:

    1. Organization gets a DID.
    2. Government issues a Verifiable Credential for the DID.
    3. DID + VC is used to perform some task.

    > Do you think these use cases should be separate, or should we
    > collaborate on this?

    I think they are separate use cases that depend on the same three steps
    above and I think you should submit your use case as well. We can always
    combine use cases later, but I think the most interesting thing about
    your use case is that the DID is used in a different set of industries
    and for a different set of purposes than the one I mentioned.

    Part of the purpose of these use cases is to demonstrate to the W3C
    Membership (400+ organizations) that this technology has broad
    applications and in order to do that, we need to show its use in a very
    diverse set of market verticals and business processes as possible.

    -- manu

    --
    Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
    Founder/CEO - Digital Bazaar, Inc.
    blog: Veres One Decentralized Identifier Blockchain Launches
    https://tinyurl.com/veres-one-launches

Received on Sunday, 3 June 2018 04:06:22 UTC