- From: Carlos Bruguera <cbruguera@gmail.com>
- Date: Tue, 27 Mar 2018 10:23:49 +0700
- To: public-credentials@w3.org
- Message-ID: <CAJrRL-EKTFAoU_55hUdm0JV1gzAj1SVOn6Pchx-J_TwFsKMAOg@mail.gmail.com>
Hello everyone, I've been following the recent discussions on DID, and more specifically DID-Auth. I haven't been able to join the calls since I'm in a bit of an inconvenient timezone right now. I was just wondering to what degree is current discussion on this matter taking into account Verifiable Credentials as part of the DID-Auth flow. If my understanding is correct, I've only seen DID-Auth to cover the "proof" process of DID ownership (or private key-ownership of an associated public key pertaining to a DID). However, I can easily envision cases where the authenticating party is requiring a certain set of (verified) attributes linked (or owned) to the identity owner that corresponds to the DID being authenticated. An example is simple "sign-up" on a website, where *name*, *email*, *nationality*, and/or other personal attributes are to be provided. If such sign-up process is being performed via DID-Auth, it makes sense to re-use any claims that already attest for the validity of such attributes, and these claims might be or might be not publicly accessible. Any thoughts or drafted ideas/diagrams on this regard? Does this make any sense or maybe I'm missing something on the currently proposed DID-Auth flow? In case DID-Auth gets to include the request and verification of credentials as well, I think it should take into account public as well as private credentials. Thanks beforehand. Regards, Carlos
Received on Tuesday, 27 March 2018 07:29:44 UTC