Re: DID-Auth from Melvin Carvalho on 2018-02-07 (public-credentials@w3.org from February 2018)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 7 Feb 2018 15:04:21 +0100
To: Markus Sabadello <markus@danubetech.com>
Cc: W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <CAKaEYhJnGunnXSVMi1EKHQsCtbKxNg43_D26VV+abG-YP+ekfg@mail.gmail.com>

On 7 February 2018 at 10:33, Markus Sabadello <markus@danubetech.com> wrote:

> I think it was mostly Kyle Den Hartog (who attended RWoT#5) with some
> input from others who used that Google doc for brainstorming on DID-Auth,
> and yes we've had some discussions on this during the DIF calls.
>
> Thanks for your feedback and adding some pointers, +1 to re-using what's
> already there.
>
> Personally, think the term DID-Auth has been used quite a bit but is
> currently not really well-defined.
> It could be understood as an umbrella term for "proving control over a
> DID", and perhaps also more broadly as "proving something else such as
> possession of a credential".
>
> This high-level concept of DID-Auth can manifest itself in various ways:
>
> - *Proof of control over a DID on a transport layer* -> DID-TLS, CurveCP,
> CurveZMQ
>


DID-TLS sounds very interesting -- can I read more about it?


> - *Proof of control over a DID on the HTTP layer* -> HTTP-Signatures
>
> - *Proof of control over a DID and proof of possession of a credential
> inside a browser* -> Credential Handler API
>
> - *Proof of control over a DID via more complex flows involving browsers,
> redirects, mobile apps, etc., potentially transport-agnostic* -> Some
> kind of challenge/response pattern using LD-Signatures, see DID-Auth
> diagrams from RWoT#4
>
> For the BCGov project, I feel like a mix of these will be required,
> looking forward to further discussions during the calls and at RWoT.
>
> Markus
> On 02/06/2018 05:03 PM, Manu Sporny wrote:
>
> On 02/06/2018 08:20 AM, Markus Sabadello wrote:
>
> I would love this group's input on how to approach this in a way that
> is re-usable and complementary with other community efforts.
>
> Hmm, just found this in the link you sent, Markus:
> https://docs.google.com/document/d/1Lt0uMvSuv094Bb-5XvVKNqNFEDrlWm3acy1O5-vVZu4/edit#
>
> Feels like DIF is duplicating work that is also being done in this CG.
> We should talk about making sure we're not duplicating effort when we
> discuss this in the CG.
>
> -- manu
>
>
>
>

Received on Wednesday, 7 February 2018 14:05:01 UTC