- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 3 May 2016 23:02:58 -0400
- To: public-credentials@w3.org
On 04/29/2016 04:58 AM, Anders Rundgren wrote:
> I may be stupid but I can't find any method (like a private key) for
> binding a person to a credential in the documents I have skimmed.

The mechanism used is via a combination of Linked Data Signatures and the WebDHT. Here's a use case:

You get a credential from me claiming that I'm a US Citizen (the claim is asserted by the US Government). So, how do you verify this for yourself? Here's the process:

1. Verify that the US Government signature is valid.
2. Verify that I'm in possession of the key associated with the identifier that the US Government asserts is a US Citizen.

Let's do step #1 first: Verify that the US Government signature is valid. To do this, we use the Linked Data Signatures spec:

https://web-payments.org/specs/source/ld-signatures/

The bits that we still need to add to the spec basically state the following:

1. Get the US Government's key URL, for example: https://travel.state.gov/keys/473
2. Look up the URL and get the machine readable data, which will point to the owner of that key, for example: https://travel.state.gov/ids/us-dept-of-state
3. Ensure that the owner points back to the key (the bi-directional link proves that the owner claims the key and vice-versa).
4. Verify the digital signature using this algorithm: https://web-payments.org/specs/source/ld-signatures/#signature-verification-algorithm

Now let's do step #2:

If the signature is valid, then you know that the US Government claims came from the US Government. The US Government claims that my identifier is, for example, did:90096afc-c232-4b96-b48c-dcdba19b7ead.

The message you received from me was wrapped. The innermost content was the US Government credential. The outer content was an assertion by me that I was releasing the information to you. That assertion looks like this:

https://gist.github.com/msporny/f1e904f4e24ef7c8fec3b7646406c4ad

So, to verify that the signature came from me (the outermost signature), you look up the DID document associated with me:

https://authorization.io/dids/did:90096afc-c232-4b96-b48c-dcdba19b7ead

You get the public key information from there for this key:

did:90096afc-c232-4b96-b48c-dcdba19b7ead/keys/1

and you verify the signature using the same algorithm as in step #1, but with different key material. Doing these steps proves:

1. That the US Government says did:90096afc-c232-4b96-b48c-dcdba19b7ead is a US citizen (via the digital signature).
2. That I am did:90096afc-c232-4b96-b48c-dcdba19b7ead because I digitally signed something to you when I handed my credential over to you.

That's how you do proof of possession in the Credentials ecosystem.

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
JSON-LD Best Practice: Context Caching
https://manu.sporny.org/2016/json-ld-context-caching/
Received on Wednesday, 4 May 2016 03:03:31 UTC