- From: Daniel Hardman <daniel.hardman@evernym.com>
- Date: Tue, 18 Feb 2020 11:52:30 -0700
- To: Joe Andrieu <joe@legreq.com>
- Cc: Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAFBYrUp_2JNwu7d_jqu5drvj-vRUrgg+c7M=kHGzTZMs0dVYRg@mail.gmail.com>
FWIW, I would like to offer the following alternative perspective to the ideas in Joe's slides. 1. Credentials can be made delegatable, and they can be attenuated. This collapses the most interesting differences between credentials and capabilities, making a special new data format for capabilities unnecessary. Capabilities can be done with VCs (any type that's W3C-data-model-compliant). 2. The problem of extending privileges (delegation and attenuation) is actually a special case of the more general problem of data provenance. Delegation just requires that we show the provenance of privileges (did these privileges derive from someone who had them to give away?). But solving the data provenance problem has additional far-reaching benefits (a small employer can prove the provenance of data that they collected from an employee, that originated in a passport -- and the assurance associated with the employment credential, for those attributes, can be as strong as it was for data directly from the passport itself, instead of being governed by whatever trust someone might be inclined to give to the small and unfamiliar employer). This is discussed at length in Aries RFC 0104: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0104-chained-credentials/README.md On Tue, Feb 18, 2020 at 11:06 AM Joe Andrieu <joe@legreq.com> wrote: > Here's a link to the powerpoint for today's tech talk. > > > https://github.com/w3c-ccg/meetings/blob/gh-pages/2020-02-18/credentials_and_capabilities.pptx?raw=true > > -j > > -- > Joe Andrieu, PMP > joe@legreq.com > LEGENDARY REQUIREMENTS > +1(805)705-8651 > Do what matters. > http://legreq.com <http://www.legendaryrequirements.com> > > >
Received on Tuesday, 18 February 2020 18:52:55 UTC