- From: Guillaume <gjgd+transmute@protonmail.com>
- Date: Fri, 24 Jan 2020 14:22:07 +0000
- To: Adrian Gropper <agropper@healthurl.com>
- Cc: W3C Credentials Community Group <public-credentials@w3.org>
- Message-ID: <5sRLhU9dJdpZHNVl57eNutiAWSB0ioPRQSMJl2utuAAtSYZijebJGXaGDhP3D0Y9MrIqLUrUYqqOaLT>
Hi Adrian, We've made two drawings in order to illustrate what you're saying. Let me know if those don't represent it accurately Case 1: https://docs.google.com/drawings/d/1ou7N6NHii1AQ-LsNZ3IBZUo8AdOhzjY-nn3bFOJ3hnQ/edit?usp=sharing Case 2: https://docs.google.com/drawings/d/1G2KHEnze5W9teFWS0nL0LU_Etqx8D48NU4fM4ZbDcgA/edit?usp=sharing So is what you're saying that Case 2 would facilitate interop efforts because user agents (Alice and Bob) would only need to know how to talk to the proxy agent (aka EDV agent, aka the service that is in between Alice and Bob in drawing 2), without creating an EDV themselves? ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Friday, January 24, 2020 12:09 AM, Adrian Gropper <agropper@healthurl.com> wrote: > Transmute's recent post about EDV https://medium.com/transmute-techtalk/encrypted-data-vaults-c794055b170e prompts a possible thought experiment. > > Is this a useful way for us to reconcile interoperability among use-cases where the DID subject does or does not control the EDV and the client connecting to the EDV? > > Case 1 > > - > > Alice gets an EDV agent. > > - > > Alice gets an EDV with Service1. > > - > > Alice has a way, via her agent, to share a doc in Service1 with Bob via Bob’s agent. > > - > > Alice uses her agent to move the doc from Service1 to EDV Service2. > > Case 2 > > - > > Alice gets an agent that’s compatible with EDV agents. Alice has no EDV accounts. > > - > > Service1 gets an EDV agent. > > - > > Service1 gets an EDV with Service3. > > - > > Alice has a way, to “register” her agent with Service1’s EDV agent. > > - > > Alce has a way, via her agent, to share a doc in Service3 with Bob via Bob’s agent. > > - > > Bob’s agent gets a capability from Alice’s agent. > > - > > Bob’s agent brings the capability to Service1 EDV agent, gets a capability. > > - > > Bob’s agent gets the document from Service3. > > Differences between Case 2 and 1 > > - > > Alice’s agent has no relationship with the EDV itself. > > - > > Alice’s agent can interoperate with an EDV agent. > > - > > Alice’s agent can register with the EDV agent (using a DID). > > - > > Alice’s agent can issue a capability to Bob’s agent. > > Case 1 and 2 are document-based and have no scoping issues. Other cases would add a scope to Bob’s capability. > > In both case 1 and 2 Bob’s agent (capable of interacting with Alice’s agent) may be different from Bob’s client, which actually connects to the EDV, which is controlled by someone other than Bob. > > -Adrian
Received on Friday, 24 January 2020 15:18:41 UTC