W3C home > Mailing lists > Public > public-credentials@w3.org > May 2018

Re: Call for Focal DID Use Cases

From: Kettunen Antti J <antti.j.kettunen@tieto.com>
Date: Thu, 31 May 2018 11:15:39 +0000
To: Manu Sporny <msporny@digitalbazaar.com>, Credentials Community Group <public-credentials@w3.org>
Message-ID: <FA3D8CCB-1D8C-4DAB-B915-DD47804944C3@tieto.com>
Manu, this sounds a really interesting use case. The Corporate identifiers is a huge topic, since it touches on a vast number of additional use cases, like representation rights, founding documents, share ownership, etc. 

We have just released a PoC project in Finland, where we created a shared founding process (using Corda) to create a Ltd Company denoted by a DID (Indy) and attested by verifiable claims from the registry official and banks. We tested creation of representation rights, API delegated access credentials and DID-based document signing, among other things.

Press release: https://www.tieto.com/news/blockchain-technologies-enable-new-businesses-to-have-a-fully-digital-identity


Do you think these use cases should be separate, or should we collaborate on this?

Antti Kettunen, Blockchain Solutions Consultant
 
Tieto, Blockchain Solutions
email antti.j.kettunen@tieto.com
mobile +358 44 377 8436 <tel://+358%2044%20377%208436/> 
Keilalahdentie 2, FI-02150 Espoo, Finland
tieto.com <http://tieto.com/>

 

´╗┐On 29/05/18 17:39, "Manu Sporny" <msporny@digitalbazaar.com> wrote:

    Here's a Focal DID Use Case from Digital Bazaar that is inspired by US
    Department of Homeland Security and United Parcel Service's testimony[1]
    on supply chain security to US Congress this past month.
    
    Name
    ----
    
    Decentralized Corporate Identifiers
    
    
    Background
    ----------
    
    There are many types of identifiers that corporations use today
    including tax identification numbers (e.g. 238-42-3893), Legal Entity
    Identifiers (e.g. 5493000IBP32UQZ0KL24), Data Universal Numbering System
    identifiers (aka. DUNS Number) (e.g. 150483782), and many more that
    communicate the unique identity of an organization. None of these
    numbers enable an organization to self-issue an identifier or to use the
    number to cryptographically authenticate or digitally sign agreements. A
    great number of business to business and business to customer
    transactions could be executed more quickly and with greater assurance
    of the validity of the transaction if a mechanism to self-issue
    cryptographic identifiers were created.
    
    Description
    -----------
    
    A North American government would like to ensure that the supply chain
    that feeds electronic products into the country is secure. As a result,
    a new method of submitting digital documentation to Customs is enabled
    that requires that all documentation is provided as machine-readable
    digitally signed data. Digitally signed documentation is collected at
    each stage of the manufacturing, packaging, and shipping process. This
    documentation is then submitted to Customs upon the products entry into
    the country where all digital signatures are verified on the
    documentation. Some aspects of the signed documentation, such as
    firmware hashes and checksums, are then used by Customs and downstream
    customers to verify that the products have not been tampered with after
    leaving the manufacturing facility.
    
    Decentralized Identifiers are chosen in order to ensure 1) low
    management overhead for the government, 2) self-management of
    identifiers and cryptographic key material, and 3) a competitive
    marketplace.
    
    Sticky Wicket
    -------------
    
    The requirement of downstream customers to use the same documentation
    and digital signature mechanisms that were provided to Customs is the
    sticky wicket in this scenario. Governments often create ad-hoc
    solutions for their import solutions, which make securing the global
    supply chain difficult as each government has their own method of
    securing the supply chain and identifying corporations that downstream
    customers need to integrate with. If you are a global company, that
    means integrating with many supply chain systems (each with different
    capabilities). As such, any securing of the supply chain with downstream
    customers must then depend on the country-specific corporate
    identification and PKI solution, which leads to ad-hoc solutions that
    drive up the cost of doing business across borders.
    
    A supply chain identifier solution that is simple, self-administered,
    built on global standards, is flexible in the cryptographic mechanisms
    used to authenticate, and can be used by governments and downstream
    customers with little to no modification to the regional government or
    corporate systems does not exist today.
    
    Distinction
    -----------
    
    Many Decentralized Identifier use cases focus on Self-Sovereign Identity
    and individuals. This use case focuses on organizations and their
    departments as entities that would also benefit from Decentralized
    Identifiers.
    
    -- manu
    
    [1]https://lists.w3.org/Archives/Public/public-credentials/2018May/0015.html

    
    -- 
    Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
    Founder/CEO - Digital Bazaar, Inc.
    blog: Veres One Decentralized Identifier Blockchain Launches
    https://tinyurl.com/veres-one-launches

    
    

Received on Thursday, 31 May 2018 11:18:07 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:47 UTC