Re: Secure Data Hubs specification released from Manu Sporny on 2019-07-02 (public-credentials@w3.org from July 2019)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 2 Jul 2019 09:37:02 -0400
To: Carlos Bruguera <cbruguera@gmail.com>
Cc: Credentials Community Group <public-credentials@w3.org>
Message-ID: <3033b536-8877-4ec7-edcd-df5d68ddc3e2@digitalbazaar.com>

On 7/2/19 2:30 AM, Carlos Bruguera wrote:
> Great initiative! My assumption is that this specs attempt to 
> "standardize" all these separate lines of work for secure identity 
> data storage?

The goal of the Secure Data Hub spec is to standardize
encrypted-in-transit-and-at-rest storage of structured data (JSON
documents, Verifiable Credentials, etc.) and binary blob data (pictures,
video, etc.).

DIF Identity Hubs may or may not use Secure Data Hubs as a low-level
storage layer. The hope is that they do, but it is going to take
alignment to make that happen.

> Are DIF Hubs, for example, expected to stay compliant with these 
> specs (or are the specs already being considered to be compatible 
> with the ongoing work on DIF Hubs)?

We need to explore that. We have studied the Identity Hubs specification
in great detail and are proposing Secure Data Hubs as a way of achieving
some, but not all, of the goals of the Identity Hubs work.

> I cite the DIF Hubs specific example because I already perceived it 
> it as an initiative to reach some sort of "common ground" for agent 
> interoperability among different identity platforms (if I my 
> understanding is correct)... On this note, A particular feature of 
> DIF Hubs is that they intend to implement a protocol for data 
> replication among different agents: is this being considered for 
> Secure Data Hubs, or would that be left outside this scope?

Yes, encrypted data replication (and data portability) is considered for
Secure Data Hubs.

Secure Data Hubs are intended to be a component of the overall system
we're creating, not the final solution. Secure Data Hubs are useful
without Decentralized Identifiers and Verifiable Credentials... for
example, as an encrypted repository for word processing documents,
family pictures, etc. So, while they're intended to fit into the
Verifiable Credentials ecosystem, they're useful by themselves (just
like Verifiable Credentials are designed to be used with DIDs, but are
capable of using any identifier, including URNs, traditional URLs, etc.)

Hope that clarifies the intent... did the above answer your questions?

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

Received on Tuesday, 2 July 2019 13:37:25 UTC