Re: Electronic Driving Licenses from David Chadwick on 2019-04-23 (public-vc-wg@w3.org from April 2019)

From: David Chadwick <D.W.Chadwick@kent.ac.uk>
Date: Tue, 23 Apr 2019 18:44:26 +0100
To: Karyl Fowler <karyl@transmute.industries>
Cc: Oliver Terbu <oliver.terbu@consensys.net>, public-vc-wg@w3.org
Message-ID: <34da9436-6436-c140-b0b3-170df1826069@kent.ac.uk>
Hi Karyl

thankyou for sharing this with the group. I note that the report
recommends a pilot project for digital driving licenses. Do you know if
the pilot has started yet, and if so, when the results might become
available

Kind regards

David

On 23/04/2019 17:52, Karyl Fowler wrote:
> I have been following this discussion as I interact with legislators in
> Texas on electronic drivers license bills on the floor here. 
> 
> Attached is a 2016 report Rep. Goodwin's office shared with me detailing
> our state's primary concerns for establishing e-licenses. This is more
> of a policy framing, but some of the tech challenges are consistent
> across states/the U.S. and have been helpful to my company's work in
> this space.
> 
> Best,
> -- 
> 
> *KARYL FOWLER
> *Chief Executive Officer
> www.transmute.industries
> 
> <https://www.transmute.industries/>
> 
> 
> ᐧ
> 
> On Wed, Apr 17, 2019 at 3:12 AM David Chadwick <D.W.Chadwick@kent.ac.uk
> <mailto:D.W.Chadwick@kent.ac.uk>> wrote:
> 
>     Hi Oliver
> 
>     Yes I think we should try to influence the standard if possible. They
>     are clearly influenced by other standards otherwise they would not be
>     looking into OIDC and CBOR. Since we believe VCs are superior and
>     designed for driving licenses then we should try to sell VCs to them.
> 
>     Kind regards
> 
>     David
> 
> 
>     On 16/04/2019 18:34, Oliver Terbu wrote:
>     > Yes, I was part of the expert group (ISO/IEC JTC1 WG10) working on
>     the spec. I also created awareness that W3C VCs are a good idea, but
>     it was not adopted.
>     >
>     > Last time I spoke to them, ISO 18013-5 will allow two different
>     approaches:
>     > - Offline: a smartphone version of the chip card and data is
>     transmitted between a verifier and a holder using BLE, NFC, etc. The
>     data format has to be chip-friendly and uses ISO/IEC 18013-2 and
>     ISO/IEC 18013-3 encoding. I heard they recently looked into CBOR.
>     > - Online: allows the transmission of a “token” to establish a
>     connection with an online server and obtain the data from the
>     server. The data format is based on JWT. The exchange protocol they
>     were looking into was OpenID Connect. In theory, the “token” could
>     also be a DID, but the exchange format would need to be extended
>     respectively ISO 18013-5 amended.
>     >
>     > Their primary intention is not to introduce an online identity.
>     Their primary focus is peer-to-peer verification, e.g., roadside stop.
>     >
>     > The group also looked into different types of ZKPs. Data
>     minimization was a declared goal of the working group, i.e., atomic
>     claims, and will be part of the spec.
>     >
>     > We could always try to set up a call with them when they are
>     convening (usually every two months).
>     >
>     > Oliver
>     >
>     >
>     >> On 16. Apr 2019, at 19:25, David Chadwick
>     <D.W.Chadwick@kent.ac.uk <mailto:D.W.Chadwick@kent.ac.uk>> wrote:
>     >>
>     >> Thanks Mike
>     >>
>     >> the other thing I mentioned to the UK DVLA was the notion of
>     atomic VCs.
>     >> He had not heard of this concept before, but thought it was a
>     good idea
>     >> if each driving license attribute was inserted in a separate VC
>     so that
>     >> users could selectively disclose them. (I also shared ZKP VCs
>     with him
>     >> as a more advanced alternative of this).
>     >>
>     >> If we could get the ISO standard to acknowledge this concept as well
>     >> (assuming it does not already do this), then it would be a big
>     win for
>     >> privacy.
>     >>
>     >> kind regards
>     >>
>     >> David
>     >>
>     >> On 16/04/2019 18:02, Mike Varley wrote:
>     >>> I am not an expert on the ISO spec, but an earlier version I saw
>     was a set of claims (like a JSON doc) that could be wrapped in
>     another attestation format - like a VC or JWS or both.
>     >>> I will try and follow up to see if that is still true.
>     >>>
>     >>> MV
>     >>>
>     >>> On 2019-04-16, 12:59 PM, "David Chadwick"
>     <D.W.Chadwick@kent.ac.uk <mailto:D.W.Chadwick@kent.ac.uk>> wrote:
>     >>>
>     >>>    Hi All
>     >>>
>     >>>    I spoke with the UK Driving License Authority today and it
>     appears that
>     >>>    an ISO standard for electronic driving licenses is nearly
>     completed. It is
>     >>>
>     >>>    ISO 18013 part 5
>     >>>
>     >>>    It is out for ballot at the moment I believe.
>     >>>
>     >>>    Even though I am a member of BSI I cannot get a copy without
>     being a
>     >>>    member of the working group (which I am not). But I
>     understand that the
>     >>>    draft standard does not mention W3C Verifiable Credentials
>     nor propose
>     >>>    to use our technology for electronic driving licenses. This
>     would be a
>     >>>    huge missed opportunity if governments all around the world
>     (including
>     >>>    the US, as I understand Virginia has piloted a system
>     already) start to
>     >>>    issue electronic driving licenses that are not VC compatible.
>     >>>
>     >>>    Is anyone in our group a member of an ISO member body and
>     could either
>     >>>    get a look at the standard, or even better, suggest that W3C
>     VCs are one
>     >>>    of the mechanisms to be used for publishing electronic
>     driving licenses
>     >>>    to users
>     >>>
>     >>>    Kind regards
>     >>>
>     >>>    David
>     >>>
>     >>>
>     >>>
>     >>
>     >
>     >
>
Received on Tuesday, 23 April 2019 17:44:54 UTC