W3C home > Mailing lists > Public > public-credentials@w3.org > March 2018

Re: Verifiable Credentials on DID-Auth

From: Dave Longley <dlongley@digitalbazaar.com>
Date: Tue, 27 Mar 2018 12:24:07 -0400
To: Carlos Bruguera <cbruguera@gmail.com>, public-credentials@w3.org
Message-ID: <80ae1398-2591-ae40-205d-d0efe81130ef@digitalbazaar.com>
On 03/26/2018 11:23 PM, Carlos Bruguera wrote:
> Hello everyone, I've been following the recent discussions on DID, and 
> more specifically DID-Auth. I haven't been able to join the calls since 
> I'm in a bit of an inconvenient timezone right now.
> 
> I was just wondering to what degree is current discussion on this matter 
> taking into account Verifiable Credentials as part of the DID-Auth flow. 
> If my understanding is correct, I've only seen DID-Auth to cover the 
> "proof" process of DID ownership (or private key-ownership of an 
> associated public key pertaining to a DID). However, I can easily 
> envision cases where the authenticating party is requiring a certain set 
> of (verified) attributes linked (or owned) to the identity owner that 
> corresponds to the DID being authenticated. An example is simple 
> "sign-up" on a website, where /name/, /email/, /nationality/, and/or 
> other personal attributes are to be provided. If such sign-up process is 
> being performed via DID-Auth, it makes sense to re-use any claims that 
> already attest for the validity of such attributes, and these claims 
> might be or might be not publicly accessible.
> 
> Any thoughts or drafted ideas/diagrams on this regard? Does this make 
> any sense or maybe I'm missing something on the currently proposed 
> DID-Auth flow? In case DID-Auth gets to include the request and 
> verification of credentials as well, I think it should take into account 
> public as well as private credentials.

Markus covered this a bit in his response, but I wanted to give you
links to the Credential Handler API which enables both DID-Auth and the
exchange of Verifiable Credentials in the browser:

Github: https://github.com/w3c-ccg/credential-handler-api

Spec: https://w3c-ccg.github.io/credential-handler-api/

Demo: https://credential-repository.demo.digitalbazaar.com/

Video: https://www.youtube.com/watch?v=bm3XBPB4cFY



-- 
Dave Longley
CTO
Digital Bazaar, Inc.
http://digitalbazaar.com
Received on Tuesday, 27 March 2018 16:24:34 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:25 UTC