W3C home > Mailing lists > Public > public-credentials@w3.org > May 2018

Re: Call for Focal DID Use Cases

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 29 May 2018 10:35:58 -0400
To: Credentials Community Group <public-credentials@w3.org>
Message-ID: <87400d1e-4ed3-7801-1599-d0e8f7e61d58@digitalbazaar.com>
Here's a Focal DID Use Case from Digital Bazaar that is inspired by US
Department of Homeland Security and United Parcel Service's testimony[1]
on supply chain security to US Congress this past month.

Name
----

Decentralized Corporate Identifiers


Background
----------

There are many types of identifiers that corporations use today
including tax identification numbers (e.g. 238-42-3893), Legal Entity
Identifiers (e.g. 5493000IBP32UQZ0KL24), Data Universal Numbering System
identifiers (aka. DUNS Number) (e.g. 150483782), and many more that
communicate the unique identity of an organization. None of these
numbers enable an organization to self-issue an identifier or to use the
number to cryptographically authenticate or digitally sign agreements. A
great number of business to business and business to customer
transactions could be executed more quickly and with greater assurance
of the validity of the transaction if a mechanism to self-issue
cryptographic identifiers were created.

Description
-----------

A North American government would like to ensure that the supply chain
that feeds electronic products into the country is secure. As a result,
a new method of submitting digital documentation to Customs is enabled
that requires that all documentation is provided as machine-readable
digitally signed data. Digitally signed documentation is collected at
each stage of the manufacturing, packaging, and shipping process. This
documentation is then submitted to Customs upon the products entry into
the country where all digital signatures are verified on the
documentation. Some aspects of the signed documentation, such as
firmware hashes and checksums, are then used by Customs and downstream
customers to verify that the products have not been tampered with after
leaving the manufacturing facility.

Decentralized Identifiers are chosen in order to ensure 1) low
management overhead for the government, 2) self-management of
identifiers and cryptographic key material, and 3) a competitive
marketplace.

Sticky Wicket
-------------

The requirement of downstream customers to use the same documentation
and digital signature mechanisms that were provided to Customs is the
sticky wicket in this scenario. Governments often create ad-hoc
solutions for their import solutions, which make securing the global
supply chain difficult as each government has their own method of
securing the supply chain and identifying corporations that downstream
customers need to integrate with. If you are a global company, that
means integrating with many supply chain systems (each with different
capabilities). As such, any securing of the supply chain with downstream
customers must then depend on the country-specific corporate
identification and PKI solution, which leads to ad-hoc solutions that
drive up the cost of doing business across borders.

A supply chain identifier solution that is simple, self-administered,
built on global standards, is flexible in the cryptographic mechanisms
used to authenticate, and can be used by governments and downstream
customers with little to no modification to the regional government or
corporate systems does not exist today.

Distinction
-----------

Many Decentralized Identifier use cases focus on Self-Sovereign Identity
and individuals. This use case focuses on organizations and their
departments as entities that would also benefit from Decentralized
Identifiers.

-- manu

[1]https://lists.w3.org/Archives/Public/public-credentials/2018May/0015.html

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches
Received on Tuesday, 29 May 2018 14:36:34 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:47 UTC