Re: Multi-sig credentials? from Leonard Rosenthol on 2020-07-13 (public-credentials@w3.org from July 2020)

From: Leonard Rosenthol <lrosenth@adobe.com>
Date: Mon, 13 Jul 2020 17:00:01 +0000
To: "dzagidulin@gmail.com" <dzagidulin@gmail.com>, Keerthi Thomas <thomas.keerthi@gmail.com>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <1480B13E-E063-4B3A-A7AF-694B7117AFF2@adobe.com>

One other piece that the current approach of PDF signatures achieves for you, that VC’s current model doesn’t address, is the ability for those individual parties to sign *different things* and have the signatures directly connected to the relevant portions.   This is important in parallel signature workflows such as two partners/spouses signing a property purchase agreement or a lease where neither is necessary signing the other person’s signature.  This differs from the case where you have a notary (or equivalent) that is signing “over” previous signatures.

In that context, not only do we have the issues raised by Dmitri and the VC data model and Daniel about DID’s, but you also may have to address issues with the canonicalization of the data format being signed (eg. JSON/JSON-LD).

Leonard

From: Dmitri Zagidulin <dzagidulin@gmail.com>
Reply-To: "dzagidulin@gmail.com" <dzagidulin@gmail.com>
Date: Monday, July 13, 2020 at 11:45 AM
To: Keerthi Thomas <thomas.keerthi@gmail.com>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Subject: Re: Multi-sig credentials?
Resent-From: <public-credentials@w3.org>
Resent-Date: Monday, July 13, 2020 at 11:43 AM

Hi Keerthi,

As Daniel mentioned, this is an important question, and has come up several times. Here are my thoughts on it, on the vc-data-model issue - https://github.com/w3c/vc-data-model/issues/741#issuecomment-626977331<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fw3c%2Fvc-data-model%2Fissues%2F741%23issuecomment-626977331&data=02%7C01%7Clrosenth%40adobe.com%7Ce6bdbd7800ce4da7148408d82743c867%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637302519374373818&sdata=cBWoPEpzjaTtIuEPSNDrZxmAJB%2FuXQn04zU4wGK0%2FJo%3D&reserved=0>

On Mon, Jul 13, 2020 at 11:01 AM Keerthi Thomas <thomas.keerthi@gmail.com<mailto:thomas.keerthi@gmail.com>> wrote:
Hello everyone,

I thought this community might be able to provide some direction. I am still on the learning curve, apologies if I missed some earlier work done by yourselves.

I am currently working on a problem which I think may have already been solved, I would appreciate it if you can kindly point me in the right direction.

I understand and I have previously built POCs using Hyperledger Indy/Aries that allows for verifiable credentials to be issued by a single party (issuer). The question is, how do we issue verifiable credentials issued by multiple-parties?

Contracts and other legal documents are sometimes signed between multiple (more than two) parties. In a paper based approach, it is relatively straightforward, signatures are obtained serially.  A similar approach is adopted in electronic signing where copies of PDF are signed serially, internally, the system generates a 'certificate of completion' which captures metadata for legal purposes.

In the real-estate use-case I am currently working on similar 'certificate of completion' to hold multiple cryptographic signatures of contracting parties over an digital artifact i.e. 'smart legal contract' (for simplicity, consider the artifact as a file containing some text and source code before they are deployed on a DLT or VM). I was thinking the SSI + VC model could be appropriate for this 'certificate of agreement or completion' but I am happy to hear your thoughts and suggestions.

Many thanks in advance.

Best wishes,
Keerthi Thomas

Received on Monday, 13 July 2020 17:00:21 UTC