W3C home > Mailing lists > Public > public-credentials@w3.org > March 2018

Verifiable Credentials on DID-Auth

From: Carlos Bruguera <cbruguera@gmail.com>
Date: Tue, 27 Mar 2018 10:23:49 +0700
Message-ID: <CAJrRL-EKTFAoU_55hUdm0JV1gzAj1SVOn6Pchx-J_TwFsKMAOg@mail.gmail.com>
To: public-credentials@w3.org
Hello everyone, I've been following the recent discussions on DID, and more
specifically DID-Auth. I haven't been able to join the calls since I'm in a
bit of an inconvenient timezone right now.

I was just wondering to what degree is current discussion on this matter
taking into account Verifiable Credentials as part of the DID-Auth flow. If
my understanding is correct, I've only seen DID-Auth to cover the "proof"
process of DID ownership (or private key-ownership of an associated public
key pertaining to a DID). However, I can easily envision cases where the
authenticating party is requiring a certain set of (verified) attributes
linked (or owned) to the identity owner that corresponds to the DID being
authenticated. An example is simple "sign-up" on a website, where *name*,
*email*, *nationality*, and/or other personal attributes are to be
provided. If such sign-up process is being performed via DID-Auth, it makes
sense to re-use any claims that already attest for the validity of such
attributes, and these claims might be or might be not publicly accessible.

Any thoughts or drafted ideas/diagrams on this regard? Does this make any
sense or maybe I'm missing something on the currently proposed DID-Auth
flow? In case DID-Auth gets to include the request and verification of
credentials as well, I think it should take into account public as well as
private credentials.

Thanks beforehand.

Received on Tuesday, 27 March 2018 07:29:44 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:25 UTC