Re: OpenAttestation (was Re: looking for a specific use-case) from Bill Claxton on 2020-12-21 (public-credentials@w3.org from December 2020)

From: Bill Claxton <williamc@itr8.com>
Date: Tue, 22 Dec 2020 00:20:52 +0800
To: Steve Capell <steve.capell@gmail.com>
Cc: Arshad Noor <arshad.noor@strongkey.com>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <720c4992-c513-1dde-45b3-dbfba6ae3589@itr8.com>
Steve,

Thanks for reading the paper we wrote.

The article was written before OpenCerts 2.0 was released, and many 
things were missing, like the DNS check. Arshad was asking why the 
OpenAttestation came about.  I was trying to add some context and 
pointing out that many other governments might do the same thing.

Regards, Bill Claxton (williamc@itr8.com <mailto:williamc@itr8.com>)
Facebook, Skype, MSN, Yahoo, Twitter, Flickr or Gmail: wmclaxton
Voice, Text or Whatsapp: +65-9012-4327

On 12/21/2020 11:19 PM, Steve Capell wrote:
> Interesting article bill
>
> May well be correct for the use case you describe of Singapore’s 
> education system.  But I think it needs to be updated to reflect 
> current state for our cross border use:
> - you talk about a central register of approved issuers, but there is 
> no managed register of issuer identities.  The issuer ID is linked to 
> their DNS.  abf.gov.au for example, which obviously needed no approval 
> from Singapore
> - you say that the certificate is stored in free text, but actually it 
> is symmetrically encrypted using a one time password
>
> One interesting question is how the subject (not the issuer) is 
> identified.  Not a DID. Actually just a public domain identifier like 
> a business registration number. I guess this is one of the core 
> differences between open attestation and VCs.  I think this goes to 
> the use case for tyres things in international trade. Unlike a VC 
> style bearer token where the presenter is almost always the subject, 
> these are rather more transactional credentials (eg a certificate of 
> origin about a consignment of goods from an exporter) where the 
> presenter is often (usually) not the subject.  Eg a certificate of 
> origin pathway is issuer (chamber) -> subject (exporter) -> freight 
> forwarder -> importer -> customs broker -> verifier (importing customs 
> agent).  I don’t know (but willing to learn) how you’d practically 
> make this work if each party in the chain needed to verify DIDs
>
> Cheers
>
>
> Steven Capell
> Mob: 0410 437854
>
>> On 21 Dec 2020, at 11:26 pm, Bill Claxton <williamc@itr8.com> wrote:
>>
>>  Arshad,
>>
>> OpenAttestation was an underlying component of OpenCerts. You may 
>> find this paper 
>> <https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/Decentralising%20OpenCerts%20v2.md> 
>> that I co-wrote provides some history and establishes the rationale 
>> for creating it, and why we felt that many governments would do the 
>> same thing.  A lot of the recommendations in that paper have since 
>> been implemented and, as Steve said, there are plans to better align 
>> with the VC data model and use of DIDs.
>>
>> The main page for OpenCerts <http://opencerts.io/> uses an .io top 
>> level domain. Not sure about the choice of .com over .org for 
>> OpenAttestations.
>>
>> Regards, Bill Claxton (williamc@itr8.com <mailto:williamc@itr8.com>)
>> Facebook, Skype, MSN, Yahoo, Twitter, Flickr or Gmail: wmclaxton
>> Voice, Text or Whatsapp: +65-9012-4327
>>
>> On 12/21/2020 9:45 AM, Arshad Noor wrote:
>>> I'm not sure I understand Steve.
>>>
>>> The home page says "OpenAttestation is an open-sourced framework to 
>>> notarise documents using the blockchain." But, I don't see any 
>>> white-paper anywhere on:
>>>
>>> - The business problem it solves; or
>>> - Why existing schemes/technology do not solve the problem that 
>>> necessitates the use of a new framework.
>>>
>>> Does such a white-paper exist?
>>>
>>> Thanks.
>>>
>>> Arshad
>>>
>>> P.S. Curious that an "open" framework would choose to publish its 
>>> content on a commercial .com domain rather than the traditional top 
>>> level domain for open-source projects: .org.
>>>
>>>
>>> On 12/19/20 1:59 PM, Steve Capell wrote:
>>>> https://www.openattestation.com/ <https://www.openattestation.com/>
>>>>
>>>> Used by
>>>>
>>>> https://www.tradetrust.io/ <https://www.tradetrust.io/> (A 
>>>> Singapore government site)
>>>>
>>>> And by
>>>>
>>>> https://igl.trade.np.cp1.abf.gov.au/ 
>>>> <https://igl.trade.np.cp1.abf.gov.au/> (Au government - beta trial 
>>>> only)
>>>>
>>>> Part of a UN collaboration described here 
>>>> https://uncefact.unece.org/pages/viewpage.action?mobileBypass=true&spaceKey=uncefactpublic&title=Cross+border+Inter-ledger+exchange+for+Preferential+CoO+using+Blockchain 
>>>> <https://uncefact.unece.org/pages/viewpage.action?mobileBypass=true&spaceKey=uncefactpublic&title=Cross+border+Inter-ledger+exchange+for+Preferential+CoO+using+Blockchain> 
>>>>
>>>>
>>>>
>>>>
>>>> Steven Capell
>>>> Mob: 0410 437854
>>>>
>>>>> On 19 Dec 2020, at 11:51 pm, Arshad Noor 
>>>>> <arshad.noor@strongkey.com> wrote:
>>>>>
>>>>> What is this protocol, Steve? A search does not identify the 
>>>>> protocol uniquely: 
>>>>> https://duckduckgo.com/?t=ffab&q=singapore+open+attestation+protocol&ia=web
>>>>>
>>>>> Thanks.
>>>>>
>>>>> Arshad Noor
>>>>> StrongKey
>>>>>
>>>>> On 12/19/20 4:25 AM, Steve Capell wrote:
>>>>>> In our international trade domain I can’t think of a use case 
>>>>>> where we don’t need notarised and revocable credentials - things 
>>>>>> that don’t get much of a mention in the w3c specs.  It’s why we 
>>>>>> use the Singapore open attestation protocol
>>>>>> Steven Capell
>>>
>>
Received on Monday, 21 December 2020 16:21:16 UTC