Re: looking for a specific use-case

From: Adrian Gropper <agropper@healthurl.com>
Date: Wed, 16 Dec 2020 07:34:46 -0500
Message-ID: <CANYRo8hCGzPddOx2YeMtQxknMg0FX=tdixwf3nEuTgnNYFS=AQ@mail.gmail.com>
To: "Joosten, H.J.M. (Rieks)" <rieks.joosten@tno.nl>
Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Yes, that makes perfect sense. This is the reason for de-duplicated
identities and notaries in the real world.

I wrote some of this up as the Zener Diode in
https://github.com/w3c/did-use-cases/issues/102#issuecomment-703943437

I've also heard an aspect of this described as 'sharing of liability' to
certificate authorities where the CA is paid to isolate the issuer and/or
the verifier from some liability.

Whether you call it a notary or a CA the common thing is that:
- they are bonded or certified as fiduciaries of the jurisdiction
(typically the gov, but could be private)
- they verify a de-duplicated identity for the subject
- they keep a log that can be accessed at some significant cost if needed

I worry that our SSI use cases tend to be simplistic and artificial by not
including audit, authorization, revocation, and mediating service providers
as primary concerns. As an engineer I appreciate the desire of engineers to
"layer" things and to model simple issuer, holder, verifier, registry
relationships. As a privacy engineer with deep regulatory experience, I
feel this is overly simplistic and will harm the adoption of our hard work.

Adrian

On Wed, Dec 16, 2020 at 3:48 AM Joosten, H.J.M. (Rieks) <
rieks.joosten@tno.nl> wrote:

> Thanks, Adrian, for your example. Let me summarize to see if I get the
> details:
> You have been appointed a guardianship (over some other person - the
> dependent) by the state, that issued a credential to certify that
> relationship.
> The credential contains data that identifies you, data that identifies the
> dependent.
> It may also contain the (financial) rights/duties that go with this
> relationship, but such rights/duties may also be implicit (e.g. the law
> specifies them).
> We have an SP that knows the dependent, and has some bad experiences with
> him/her.
> -- now comes the part on which I like to focus: --
> Then, the SP receives a request to provide some service, and it needs to
> know for/to whom to provide the service.
> In normal circumstances, a service would be provided for/to the requester,
> causing the SP to authenticate the requester so that it can find the
> requester's account, and be done with it.
> In guardianship circumstances, the requester can present a guardianship
> credential that allows the SP to authenticate you (and find your account)
> AND establish that you act as the guardian in a guardianship relationship
> (with some dependent).
>
> I guess the issue I try to identify (before making attempts to solve it)
> is what the SP would need to be in the guardianship credential that would
> allow it to find the account of the dependent if that were to exist. The
> problem here is that the issuer of the guardianship credential may put data
> in the credential to identify the dependent that makes sense to the issuer,
> but it may not necessarily make sense to arbitrary SPs.
>
> Does that make sense?
> Rieks
>
> From: Adrian Gropper <agropper@healthurl.com>
> Sent: Tuesday, 15 December 2020 17:27
> To: Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl>
> Cc: W3C Credentials CG (Public List) <public-credentials@w3.org>
> Subject: Re: looking for a specific use-case
>
> Legal guardian accessing financial info at Schwab (as SP)
>
> On Tue, Dec 15, 2020 at 11:16 AM Joosten, H.J.M. (Rieks) <
> rieks.joosten@tno.nl> wrote:
> I'm looking for a use-case, which I think requires:
> • that is realistic;
> Common and I have first-hand experience as the guardian
>
> • that involves (at least) two people, as e.g. in a marriage, a
> guardianship or otherwise, and some service provider (SP);
> State-certified guardianship
>
> • where SP has no earlier knowledge of any of these two people (he doesn't
> know who these people are);
> The SP has a prior relationship with a money manager service but a tenuous
> relationship with the subject and no relationship with the (new) guardian.
>
> • where SP can obtain credentials from only one of these persons (the
> other is somehow incapable of presenting credentials);
> The guardian can provide a notarized document if necessary.
>
> • where SP is requested to make a decision (e.g. to provide a service);
> Access credentials to the guardian
>
> • where SP needs to authenticate *both* persons in order to make that
> decision.
> This is unclear. It sounds like you're looking for a new SP account like
> KYC but that does not involve a second party. If there is a prior account
> relationship with the SP then there is implicitly a link back to the
> account data subject.
>
> Adrian
>
> Any suggestions?
> Rieks
Received on Wednesday, 16 December 2020 12:35:11 UTC