Feedback on DID Auth paper

Hello Credentials Group,

At RWoT#6 we started to work on a paper on "DID Auth", i.e. a protocol
to "prove control over a DID":
https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/blob/master/draft-documents/did_auth_draft.md

Also known as "Super Sign On", as Moses calls it :)

This paper doesn't define such a protocol, but it tries to capture the
"collected community wisdom" on various ways DID Auth _could_ be done.
It lists potential challenge/response formats and transports, as well as
some possible architectures for how all the pieces can fit together.

In the last few weeks I've worked with Dmitri Zagidulin and other
authors and contributors to fill in the last major missing pieces, which
are currently open PRs:
- Biometrics in DID Auth
<https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/pull/89>
- Relation to WebAuthn
<https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/pull/90>
- Relation to OIDC
<https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/pull/91>

There are still some minor edits and fixes we need to do, but the latest
version (with all PRs merged) can now be viewed here (temporarily in my
own fork):
https://github.com/peacekeeper/rebooting-the-web-of-trust-spring2018/blob/master/draft-documents/did_auth_draft.md

Please let us know if you have feedback or think something important is
missing or wrong (but again, this is not a spec).

Special thanks to BCGov for supporting this work!

Markus

Received on Tuesday, 19 June 2018 20:23:28 UTC