Re: Verified Credentials: where are the protocols described for retrieving a VC? from Snorre Lothar von Gohren Edwin on 2019-09-20 (public-credentials@w3.org from September 2019)

From: Snorre Lothar von Gohren Edwin <snorre@diwala.io>
Date: Fri, 20 Sep 2019 11:49:13 +0200
To: "Michael Herman (Parallelspace)" <mwherman@parallelspace.net>
Cc: "daniel.hardman@evernym.com" <daniel.hardman@evernym.com>, "public-credentials@w3.org" <public-credentials@w3.org>
Message-ID: <CAE8zwO0UB1nPpHMJMYLRye0J2y880d_iz1k1GRZ+eHw3gGod+A@mail.gmail.com>

I think the questions you are raising are important, and the reason for why
the interop project efforts are so important.
There were some papers at RWoT 9 that was raising the same concern and
trying to raise the need for some agreement on what to put the efforts
into. And some specifying more clearly how a general API can look towards
the storage part. The were called encrypted data vaults.

But since these questions come up time after time, and everything we are
able to answer with is an example of a query language that I dont know if
everybody is working around. Then we need to put more effort into the case
of interop, and be able to bridge the different efforts.
This is one effort going on:
https://github.com/decentralized-identity/interop-project
And I believe Aries is doing some good work, someone here can fill in more
on that than me.



On Thu, Sep 19, 2019 at 7:44 PM Michael Herman (Parallelspace) <
mwherman@parallelspace.net> wrote:

> Good analysis (as usual 😊) Daniel,
>
>
>
> First, one potential point of confusion is that I’m thinking of a
> Credential in broad terms:
>
>    - A set of Claims (name-value pairs) associated with a Credential ID
>    as well as the ID of the Subject of the Credential
>    - In this sense, I’m not distinguishing between a Credential and a DID
>    Document …neither physically or from a high-level schema perspective, they
>    essentially look the same:
>    a set of Claims (name-value pairs)
>    - A Credential is an actual thing (aka application object) …i.e. an
>    instance of a data structure filled with data values
>
>
>
> Let’s look at your use cases:
>
>    1. the holder receiving the credential for the first time from the
>    issuer
>       - It’s a fair assumption that the Issuer (before transmission) and
>       the Holder (upon receipt) will need to store the Credential somewhere (e.g.
>       local wallet, private database, etc.).
>       What are the keys for retrieving/working with these Credentials?
>       - The Credential will also need to be persisted for transmission
>       and might live in an indexed, intermediate store that is part of the
>       communication protocol.
>       What are the keys for retrieving/working/inspecting with these
>       Credentials?
>
>       2. the holder sharing the credential with a verifier later
>       - Ditto for the Holder and Verifier (interchanging Verifier for
>       Holder and Holder for Issuer)
>
>       3. the holder looking up the credential in their private database,
>    for their own use?
>       - Ditto for the Holder (essentially the same as use case #1 and #2)
>
>
>
> In all 3 use cases, an Agent, or another piece of software, might also
> need to “inspect” a Credential to determine who the Subject is as well as
> the scope/subject matter of the Credential (Credential ID, schema
> identifier, etc.).
>
>
>
> So my evolved questions are:
>
>    1. How are Credentials uniquely “named” or identified?   Subject ID
>    only, Credential ID only, or should it be both?
>
>    2. Are there any evolving (generic) APIs/protocols for retrieving a
>    Credential (set of Claims) from a store (e.g. a wallet, private database,
>    distributed transaction store, relational database, etc. etc.)
>
>
>
>
>
> Best regards,
>
> Michael Herman
>
> Self-Sovereign Blockchain Architect
>
> Hyperonomy Digital Identity Lab
>
> Parallelspace Corporation
>
>
>
> [image: Trusted Digital Web Certificate 0.1]
>
>
>
>
>
>
>
> *From:* Daniel Hardman <daniel.hardman@evernym.com>
> *Sent:* September 18, 2019 9:46 PM
> *To:* Michael Herman (Parallelspace) <mwherman@parallelspace.net>
> *Cc:* public-credentials@w3.org
> *Subject:* Re: Verified Credentials: where are the protocols described
> for retrieving a VC?
>
>
>
> When you say "retrieving" a verified credential, are you talking about the
> holder receiving the credential for the first time from the issuer--or
> about the holder sharing the credential with a verifier later--or about the
> holder looking up the credential in their private database, for their own
> use?
>
>
>
> On Wed, Sep 18, 2019 at 8:21 PM Michael Herman (Parallelspace) <
> mwherman@parallelspace.net> wrote:
>
> Where are the protocols described for retrieving a Verified Credential?
> For example, at the Technology level, is a VC just the same as a
> conventional DID Document?
>
>
>
> Also, do you only need to know the DID for the VC to be able to retrieve
> it? …or do you need to know both the DID for the VC as well as the DID for
> the Subject of the VC?
>
>
>
> Best regards,
>
> Michael Herman
>
> Self-Sovereign Blockchain Architect
>
> Hyperonomy Digital Identity Lab
>
> Parallelspace Corporation
>
>
>
> [image: Trusted Digital Web Certificate 0.1]
>
>
>
>
>
>

-- 


*Snorre Lothar von Gohren Edwin*
Co-Founder & CTO, Diwala
+47 411 611  <+47%20404%2061%20926>94
www.diwala.io

Attachments

image/jpeg attachment: image002.jpg
image/jpeg attachment: image006.jpg
image/jpeg attachment: image009.jpg

Received on Friday, 20 September 2019 09:49:48 UTC