RE: Reminder and Agenda for Confidential Storage Spec Call - Dec 3, 2020

From: John, Anil <anil.john@hq.dhs.gov>
Date: Thu, 3 Dec 2020 21:24:58 +0000
To: Credentials Community Group <public-credentials@w3.org>
Message-ID: <BLAPR09MB72849FBB2A7FB3CE0979D1D3C5F20@BLAPR09MB7284.namprd09.prod.outlook.com>
>I'm not sure where the Trusted Trade Server name came from, I wasn't involved then.

It came from two proof-of-concepts (1) NAFTA/CAFTA POC and (2) Intellectual Property Rights multi-party blockchain technology proof-of-concept that DHS S&T and DHS CBP worked on back in the day which needed an architectural model that separated shared data from data that was business sensitive given the need for DHS/CBP to work with multiple, sometimes competing, entities in the Trade domain.

The deployment architecture that resulted was validated in the POCs with trade organizations who brought their own Blockchain tech and who needed to share data with DHS/CBP deploying their Blockchain/DLT paired with an associated “Trade Server” in which the business sensitive data was kept under the control of the data owner, while allowing dynamic on-demand access by DHS/CBP.

NAFTA/CAFTA POC report @ https://www.cbp.gov/sites/default/files/assets/documents/2019-Oct/Final-NAFTA-CAFTA-Report.pdf

IPR POC report @ https://www.cbp.gov/sites/default/files/assets/documents/2020-Mar/IPR%20POC%20Report%20-%20Final%20V2.pdf


The architectural model was interesting and generically useful enough that Digital Bazaar, who was the vendor that we worked with on the POCs, with our full support decided to contribute that architecture model to the community to be standardized via the “Encrypted Data Vault” spec/moniker.

Best Regards,

Anil

Anil John
Technical Director, Silicon Valley Innovation Program
Science and Technology Directorate
US Department of Homeland Security
Washington, DC, USA

Email Response Time – 24 Hours

[https://www.dhs.gov/science-and-technology/svip]

From: Dmitri Zagidulin <dzagidulin@gmail.com>
Sent: Thursday, December 3, 2020 3:30 PM
To: John, Anil <anil.john@hq.dhs.gov>
Cc: Credentials Community Group <public-credentials@w3.org>
Subject: Re: Reminder and Agenda for Confidential Storage Spec Call - Dec 3, 2020


So, to be slightly more detailed/pedantic, the evolution was more like:

"Trusted Trade Server" >> the SVIP program / proof of concept that used that name generated interest and momentum in this. (I'm not sure where the Trusted Trade Server name came from, I wasn't involved then.)

Then there was the Encrypted Data Vault draft spec (informed by the experience with the Trusted Trade Server tech). Last year, it was proposed to the W3C CCG as a work item. This stirred a lot of discussion and questions, starting with things like "how do EDVs relate to project X over here...".
It was clear that multiple groups working on similar tech were interested in the concept of encrypted / secure storage, including DIF's Identity Hub project (also some interest from Hyperledger Aries, Solid Project, etc).

So right around that same time, the Encrypted Data Vaults paper <https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/draft-documents/encrypted-data-vaults.md> came out (at the Rebooting the Web of Trust 9 conference in Prague), which attempted to clarify what Encrypted Data Vaults were, and how they related to other projects in this space (including Identity Hub).

Further discussion made it clear that a lot of this work is related, and complementary (for example, Identity Hub could use Encrypted Data Vaults as a low-level storage spec). And after a lot of titanic effort and negotiation, several communities came to form the Secure Data Storage WG at DIF (as a joint item with the W3C CCG). (There was a bit of time pressure to come up with the name for the group and the spec, and 'Secure Data Storage' was the best we could come up with at the time.)

The important detail here is - "Secure Data Storage" was an umbrella term (for the spec and the working group) which included in it the Encrypted Data Vault spec and the Identity Hub spec.

Fast forward to now. As the working group went on (and mentioned this work to other communities), a consistent piece of feedback that we encountered was... the fact that "secure" storage was too generic of a term. All companies and storage providers (from the most random web hosting company to Dropbox to Google Drive etc) rightly consider their storage, well.. secure. It was turning out that the 'Secure Data Storage' name was not working.

Hence the project to rename it. (Very reluctantly rename it, mind you.) And 'Confidential Storage' is the name that got the most consensus.

And again, it doesn't replace Encrypted Data Vaults or Identity Hubs. It's just the general umbrella term for those specs and related tech.

Does that make more sense?

On Thu, Dec 3, 2020 at 12:51 PM John, Anil <anil.john@hq.dhs.gov> wrote:
Just so I can trace the evolution of the naming here …

Trusted Trade Server  >> Encrypted Data Vault >> Secure Data Storage >> to …. “Confidential Storage”? :-)

Best Regards,

Anil




Received on Thursday, 3 December 2020 21:28:28 UTC
