Re: looking for a specific use-case

Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl> wrote:

> I'm looking for a use-case, which I think requires:
>
>    - that is realistic;
>    - that involves (at least) two people, as e.g. in a marriage, a
>    guardianship or otherwise, and some service provider (SP);
>    - where SP has no earlier knowledge of any of these two people (he
>    doesn't know who these people are);
>    - where SP can obtain credentials from only one of these persons (the
>    other is somehow incapable of presenting credentials);
>    - where SP is requested to make a decision (e.g. to provide a service);
>    - where SP needs to authenticate *both* persons in order to make that
>    decision.
>
That's a good set of requirements, except the last.  Authenticating the
two identities, which I assume is what you meant, is less important for the
SP than knowing what permissions they have.  Using authentication of
identity, role, or attributes to make an access decision often leads to a
confused deputy vulnerability.

--------------
Alan Karp

Received on Tuesday, 15 December 2020 17:08:04 UTC
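The confused-deputy point above, worked through for the guardianship case as an added example (not code from this thread or its participants): a service provider that decides on the requester's authenticated role can be steered onto another ward's record, while one that checks a presented permission cannot. The guardian records, the issuer key and the token format are constructed for illustration.

```python
"""Added example: role-based decision (confused deputy) vs. permission check.
All names, records, keys and the token format are constructed here."""
import hashlib
import hmac
import json
from typing import Optional

# Constructed records: which persons are guardians of which wards.
GUARDIAN_OF = {"alice": {"ward-1"}, "carol": {"ward-2"}}
RECORDS = {"ward-1": "ward-1 medical file", "ward-2": "ward-2 medical file"}


def decide_by_role(requester: str, ward: str) -> Optional[str]:
    """Role-based deputy: the SP only checks that the requester IS a guardian,
    then opens whatever ward the request names using the SP's own authority.
    Alice (guardian of ward-1) can name ward-2: the SP is a confused deputy."""
    if requester in GUARDIAN_OF:  # authenticated as "a guardian"
        return RECORDS.get(ward)
    return None


# Permission-based alternative: the requester presents a capability, an
# unforgeable token naming the ward and the allowed action. The key is shared
# between issuer and SP in this toy; a signature would be used in practice.
ISSUER_KEY = b"constructed-issuer-key"


def mint_capability(ward: str, action: str) -> str:
    """Issuer (e.g. whoever grants the guardianship) mints a scoped token."""
    body = json.dumps({"ward": ward, "action": action}, sort_keys=True)
    tag = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag


def decide_by_capability(token: str, ward: str) -> Optional[str]:
    """The SP verifies the token is authentic and covers exactly the ward and
    action requested; who presents it plays no part in the decision."""
    try:
        body, tag = token.rsplit(".", 1)
    except ValueError:
        return None
    expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    claims = json.loads(body)
    if claims.get("ward") != ward or claims.get("action") != "read":
        return None
    return RECORDS.get(ward)
```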