Re: The Unique Consignment Reference - a Nirvana powered by DID/VC? from Manu Sporny on 2020-08-29 (public-credentials@w3.org from August 2020)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sat, 29 Aug 2020 12:54:50 -0400
To: public-credentials@w3.org
Message-ID: <cfcc1742-329d-bd6d-b175-dd10866ce2f7@digitalbazaar.com>

On 8/28/20 10:13 PM, steve capell wrote:
>  1. Can DIDs be used to identify things (eg a consignment) as well as
>     entities (eg people or organisations)?

Yes, although using a DID for a consignment is partly strange... why
does the consignment need to authenticate itself or issue VCs? Now, you
might choose to use DIDs as a unique identifier, or point to something
on a ledger. It's a bit of an abuse of the technology, but could be done
in some circumstances (smart consignment, smart custody, smart
contracts, etc.)

>  2. Would the actual data about the consignment be contained in a VC or
>     in a DID related document ?  It's worth noting here that the bill is
>     a commercial in confidence (ie non-public) document.

In a VC. DID Documents aren't really designed to carry that sort of
data... DID Documents are mostly about how to initiate a trusted
interaction with the DID Controller (who might also be the subject). VCs
are about expressing things about a particular subject, whether or not
they're identified by a DID, URN, URL, etc.

>  3. In order to blend with the non-DID/VC world it's reasonable to
>     expect that various EDI documents might reference a consignment via
>     it's DID- eg did:{some method}:{some uuid}.  Or would it be better
>     to reference the consignment as a VC via a URI/QR code that is the
>     key to discovery? 

The latter.

> This depends on the answer to 1 & 2.  ie is the
>     bill of lading a VC issued by a party identified by a DID or is the
>     bill of lading itself a DID?

Bill of Lading is a VC... I'd argue pretty strongly against using DID
Documents to express Bills of Lading unless there was a really
compelling reason to do it.

>  4. If the UCR is a DID did:{some method}:{some uuid} - then which of
>     the bewildering array of existing methods would be most appropriate
>     to use where the goal is a to use the DID as a discovery key to
>     access a (possibly encrypted) document.  ie "I have the DID now I
>     want the data in the document this DID references" 

Don't put encrypted stuff on the ledger. Put it off ledger, with it's
own form of authorization to access. This is a use case for DIDs (for
entities in the ecosystem), VCs (for documents that need to be digitally
signed), and Encrypted Data Vaults (for storage/retrieval of said
documents by authorized parties). You could use a blockchain for
discoverability and time stamping, but that's optional as if you trust
the entity signing the VC, you probably trust their time stamp... and
with Bills of Lading, at some point, some one wants to pick up their
cargo and if they don't have all of the electronic paperwork to do so,
they can't... so there is a strong incentive to produce everything...
blockchain or not.

Hope that helps, Steve.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

Received on Saturday, 29 August 2020 16:55:04 UTC