Re: Electronic Driving Licenses

Hi Oliver

Yes I think we should try to influence the standard if possible. They
are clearly influenced by other standards otherwise they would not be
looking into OIDC and CBOR. Since we believe VCs are superior and
designed for driving licenses then we should try to sell VCs to them.

Kind regards

David


On 16/04/2019 18:34, Oliver Terbu wrote:
> Yes, I was part of the expert group (ISO/IEC JTC1 WG10) working on the spec. I also created awareness that W3C VCs are a good idea, but it was not adopted.
> 
> Last time I spoke to them, ISO 18013-5 will allow two different approaches:
> - Offline: a smartphone version of the chip card and data is transmitted between a verifier and a holder using BLE, NFC, etc. The data format has to be chip-friendly and uses ISO/IEC 18013-2 and ISO/IEC 18013-3 encoding. I heard they recently looked into CBOR.
> - Online: allows the transmission of a “token” to establish a connection with an online server and obtain the data from the server. The data format is based on JWT. The exchange protocol they were looking into was OpenID Connect. In theory, the “token” could also be a DID, but the exchange format would need to be extended respectively ISO 18013-5 amended.
> 
> Their primary intention is not to introduce an online identity. Their primary focus is peer-to-peer verification, e.g., roadside stop.
> 
> The group also looked into different types of ZKPs. Data minimization was a declared goal of the working group, i.e., atomic claims, and will be part of the spec.
> 
> We could always try to set up a call with them when they are convening (usually every two months).
> 
> Oliver
> 
> 
>> On 16. Apr 2019, at 19:25, David Chadwick <D.W.Chadwick@kent.ac.uk> wrote:
>>
>> Thanks Mike
>>
>> the other thing I mentioned to the UK DVLA was the notion of atomic VCs.
>> He had not heard of this concept before, but thought it was a good idea
>> if each driving license attribute was inserted in a separate VC so that
>> users could selectively disclose them. (I also shared ZKP VCs with him
>> as a more advanced alternative of this).
>>
>> If we could get the ISO standard to acknowledge this concept as well
>> (assuming it does not already do this), then it would be a big win for
>> privacy.
>>
>> kind regards
>>
>> David
>>
>> On 16/04/2019 18:02, Mike Varley wrote:
>>> I am not an expert on the ISO spec, but an earlier version I saw was a set of claims (like a JSON doc) that could be wrapped in another attestation format - like a VC or JWS or both.
>>> I will try and follow up to see if that is still true.
>>>
>>> MV
>>>
>>> On 2019-04-16, 12:59 PM, "David Chadwick" <D.W.Chadwick@kent.ac.uk> wrote:
>>>
>>>    Hi All
>>>
>>>    I spoke with the UK Driving License Authority today and it appears that
>>>    an ISO standard for electronic driving licenses is nearly completed. It is
>>>
>>>    ISO 18013 part 5
>>>
>>>    It is out for ballot at the moment I believe.
>>>
>>>    Even though I am a member of BSI I cannot get a copy without being a
>>>    member of the working group (which I am not). But I understand that the
>>>    draft standard does not mention W3C Verifiable Credentials nor propose
>>>    to use our technology for electronic driving licenses. This would be a
>>>    huge missed opportunity if governments all around the world (including
>>>    the US, as I understand Virginia has piloted a system already) start to
>>>    issue electronic driving licenses that are not VC compatible.
>>>
>>>    Is anyone in our group a member of an ISO member body and could either
>>>    get a look at the standard, or even better, suggest that W3C VCs are one
>>>    of the mechanisms to be used for publishing electronic driving licenses
>>>    to users
>>>
>>>    Kind regards
>>>
>>>    David
>>>
>>>
>>>
>>
> 
> 

Received on Wednesday, 17 April 2019 08:12:21 UTC