W3C home > Mailing lists > Public > public-credentials@w3.org > September 2017

Re: Verifiable Text-based Claims

From: Adam Sobieski <adamsobieski@hotmail.com>
Date: Fri, 15 Sep 2017 01:52:47 +0000
To: David Chadwick <D.W.Chadwick@kent.ac.uk>, "public-credentials@w3.org" <public-credentials@w3.org>
Message-ID: <DM5PR01MB3275C9AFFCA00D211FDC7A4BC56C0@DM5PR01MB3275.prod.exchangelabs.com>
David,

Updated the sketchpad per your recommendation:
https://w3c-ccg.github.io/verifiable-news/sketchpad.html#revocation-of-statements .


Best regards,
Adam

From: David Chadwick<mailto:D.W.Chadwick@kent.ac.uk>
Sent: ‎Thursday‎, ‎September‎ ‎14‎, ‎2017 ‎6‎:‎33‎ ‎PM
To: public-credentials@w3.org<mailto:public-credentials@w3.org>

Hi Adam

On 14/09/2017 02:50, Adam Sobieski wrote:
> David,
>
> Thank you. At
> https://w3c-ccg.github.io/verifiable-news/sketchpad.html#http-based-revocation ,
> I describe a system where Not found (404, 410) means revoked and Ok
> (200) means not revoked. I see what you’re saying about Not found
> meaning not revoked and Ok with a credential ID meaning revoked as well
> as the feature of retrieving lists of revoked credentials. I think that
> we should have both HTTP-based approaches. I updated the document with
> these ideas.
>

In order to make the revocation more secure we placed a digitally signed
CRL at the revoke URL. In this way a hacker is not able to hack the web
site and get it to return OK with a message, because he does not have
access to the issuer's private key

regards

David
>
> Best regards,
> Adam
>
> *From:* David Chadwick <mailto:D.W.Chadwick@kent.ac.uk>
> *Sent:* ‎Wednesday‎, ‎September‎ ‎13‎, ‎2017 ‎3‎:‎21‎ ‎PM
> *To:* public-credentials@w3.org <mailto:public-credentials@w3.org>
>
> Hi Adam
>
> I notice that you are also including a revocation mechanism in your
> claims. I produced an IETF draft 10 years ago which proposed something
> very similar for X.509 certificates
> ( See https://www.ietf.org/archive/id/draft-chadwick-webdav-00.txt).
> Conceptually they are the same: the credential contains the URL where
> the revocation information can be found. If Not found is returned the
> credential has not been revoked, otherwise Ok is returned along with a
> CRL of length 1 containing the ID of the revoked credential. My ID
> contains other features as well, such as the ability to retrieve all the
> revoked credentials of a particular issuer. You might wish to consider
> this as well
>
> regards
>
> David
>
> On 12/09/2017 22:13, Adam Sobieski wrote:
>> I’m exploring and sketching some ideas with regard to verifiable
>> text-based claims.
>>
>> https://w3c-ccg.github.io/verifiable-news/sketchpad.html

>>
>> Questions, comments and suggestions welcomed.
>>
>>
>> Best regards,
>> Adam Sobieski
>>
>

Received on Friday, 15 September 2017 01:53:11 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:13 UTC