Re: What’s after DIDs? from Henry Story on 2019-08-01 (public-credentials@w3.org from August 2019)

From: Henry Story <henry.story@gmail.com>
Date: Thu, 1 Aug 2019 10:43:48 +0200
To: Dave Longley <dlongley@digitalbazaar.com>
Cc: Credentials Community Group <public-credentials@w3.org>, Manu Sporny <msporny@digitalbazaar.com>
Message-Id: <1EA9C0F1-F957-41EE-9EEA-19B497A3E20D@gmail.com>
> On 30 Jul 2019, at 18:03, Dave Longley <dlongley@digitalbazaar.com> wrote:
> 
> 
> On 7/30/19 8:23 AM, Henry Story wrote:
>>> On 30 Jul 2019, at 13:16, Henry Story <henry.story@gmail.com <mailto:henry.story@gmail.com> <mailto:henry.story@gmail.com <mailto:henry.story@gmail.com>>> wrote:
>>> 
>>> Would it be possible to make a minor extension to HttpSignature
>>> so that one can use https WebIDs [0] just as a way to get a simple
>>> thing going? That could be completely compatible with DIDs, but
>>> would allow one to get going in cases where one does not need
>>> all of the extra goodies that DIDs give one.
>>> 
>>> I did some work on that to implement a server side HTTP-Signatures
>>> and before that I worked on how one could use JS Crypto to create
>>> keys in the browser. 
>> Actually I think one could get the two to get quite close by adding a
>> notion of a KeyId ie perhaps an URI for a key that could be linked to
>> a WebID. One could then have
>> - https:// KeyIds. These could be located in the WebID Profile,
>> in a different document on the same server, or perhaps even on
>> a different server.
>> - or dids.
>> A WebID could point to the KeyID or DID (or perhaps these are
>> the same?), and authentication using Https Signature could then
>> pass both in the header. The DID for authentication, the WebID for
>> social network type identifier, and the link from the WebID  to the
>> Did/KeyId in the Profile Document would be the proof.
> 
> My understanding is that HTTP signatures already supports something like
> WebID-style authentication. Just use a URI for the `keyId` parameter.
> 
> We already use HTTP signatures in conjunction with LD proofs and DIDs.
> To my knowledge, it wouldn't work any differently if the `keyId` pointed
> at a key that resolved to a document that referenced a WebID as its
> `controller`. You'd then dereference that WebID to ensure its profile
> document had an appropriate back link to the key. (This is generally how
> LD proofs work, so it is agnostic to DIDs or WebIDs).

Yes, it would probably just need a short spec to make clear how that is meant
to work. 

I am currently out of funds to be able to put time into it, but would definitely
love to do it when I get time.

Henry Story

PS. If anyone has some money to do push that further here is my CV
https://bblfish.net/cv.pdf

> 
> 
>> Henry
>>> 
>>> Henry
>>> 
>>> [0] https://www.w3.org/2005/Incubator/webid/spec/identity/ <https://www.w3.org/2005/Incubator/webid/spec/identity/>
>>> [1] https://github.com/read-write-web/akka-http-signature <https://github.com/read-write-web/akka-http-signature>
>>> [2] https://github.com/read-write-web/solid-client <https://github.com/read-write-web/solid-client>
>>> 
>>>> On 30 Jul 2019, at 04:22, Manu Sporny <msporny@digitalbazaar.com <mailto:msporny@digitalbazaar.com>> wrote:
>>>> 
>>>> On 7/29/19 1:35 PM, Joe Andrieu wrote:
>>>>> TL;DR What’s after DIDs?
>>>> 
>>>> From a technical standards perspective, these are currently pain points
>>>> for Digital Bazaar and our customers that seem like we might be able to
>>>> collaborate on with other developers / companies in this group:
>>>> 
>>>> * True multi-DID interop
>>>> * True multi-wallet/issuer/verifier interop
>>>> * Collaboration on the Credential Handler API
>>>> * Linked Data Proofs/Signatures (W3C WGs for these)
>>>> * Secure Data Hubs (or, how do we make storage privacy-aware
>>>>  and self-sovereign)
>>>> * Verifiable Credentials 1.1 (we're not done yet)
>>>> * Verifiable Credentials Extensions
>>>> * VC/DID/LDP Registries
>>>> 
>>>> There are non-technical things we should do as well:
>>>> 
>>>> * Non-Violent Communication (and other approaches) to mend some of the
>>>>  damage across the identity community
>>>> * Field Work - More Use Cases from real people/customers
>>>> * Bite sized material to communicate our work to the general public
>>>> 
>>>> -- manu
>>>> 
>>>> -- 
>>>> Manu Sporny (skype: msporny, twitter: manusporny)
>>>> Founder/CEO - Digital Bazaar, Inc.
>>>> blog: Veres One Decentralized Identifier Blockchain Launches
>>>> https://tinyurl.com/veres-one-launches
>>>> 
>>> 
> 
> 
> -- 
> Dave Longley
> CTO
> Digital Bazaar, Inc.
> http://digitalbazaar.com <http://digitalbazaar.com/>
Received on Thursday, 1 August 2019 08:44:14 UTC