- From: Nikos Fotiou <fotiou@aueb.gr>
- Date: Thu, 1 Apr 2021 19:17:44 +0300
- To: David Chadwick <D.W.Chadwick@kent.ac.uk>
- Cc: public-credentials@w3.org
- Message-Id: <486FB023-8591-44B8-B5AE-DB051F780A9B@aueb.gr>
This is what I understood. But then I read more carefully this https://www.w3.org/TR/vc-data-model/#json-web-token and I am wondering if something like the following makes sense: https://gist.github.com/nikosft/d593202f4d16aaa1f94c06fdd99729c5

Best,
Nikos
--
Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou
Researcher - Mobile Multimedia Laboratory
Athens University of Economics and Business
https://mm.aueb.gr

> On 1 Apr 2021, at 7:07 PM, David Chadwick <D.W.Chadwick@kent.ac.uk> wrote:
>
> By Oauth "client" key you actually mean the subject's (in VC terminology) public key. Thus the subject ID is the natural place to put this. Using a DID as the subject's ID is either a direct or indirect way of referencing the subject's public key. So all VCs do this.
>
> Kind regards
>
> David
>
> On 01/04/2021 15:38, Nikos Fotiou wrote:
>> The exact use case is an OAuth 2.0 Authorization Server that issues JWTs that include the "client" public keys. For a number of reasons we want to replace these JWTs with VCs, but we cannot find a straightforward way to include the "client" key in the VC.
>>
>> Best,
>> Nikos
>> --
>> Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou
>> Researcher - Mobile Multimedia Laboratory
>> Athens University of Economics and Business
>> https://mm.aueb.gr
>>
>>> On 1 Apr 2021, at 5:34 PM, Adrian Gropper <agropper@healthurl.com> wrote:
>>>
>>> @Nikos Fotiou You seem to be describing the authorization use-case based on VCs. This is reasonable and has been extensively discussed already but I'm having a hard time remembering which thread.
>>>
>>> - Adrian
>>>
>>> On Thu, Apr 1, 2021 at 10:20 AM Nikos Fotiou <fotiou@aueb.gr> wrote:
>>> Hi,
>>>
>>> The VC includes a list of "IoT devices" that a "user" can access. The subject is the "user" and each "user" can be authenticated by a public key. We do not want the VC to be used as a bearer token.
>>>
>>> Best,
>>> Nikos
>>> --
>>> Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou
>>> Researcher - Mobile Multimedia Laboratory
>>> Athens University of Economics and Business
>>> https://mm.aueb.gr
>>>
>>>> On 1 Apr 2021, at 4:57 PM, Manu Sporny <msporny@digitalbazaar.com> wrote:
>>>>
>>>> On 4/1/21 7:56 AM, Nikos Fotiou wrote:
>>>>
>>>>> I find the latter approach "cleaner" but I am not sure if it is correct.
>>>>> Any opinion?
>>>>>
>>>> Could you elaborate more on the use case, Nikos?
>>>>
>>>> What are you trying to express with the VC? That might help us answer your question with more specific guidance.
>>>>
>>>> Note that a DID Document is one example of a data structure that does what you're trying to do.
>>>>
>>>> Have you considered the type of relationship between the subject and the public key? Or is the VC subject the public key?
>>>>
>>>> -- manu
>>>>
>>>> --
>>>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>>>> Founder/CEO - Digital Bazaar, Inc.
>>>> blog: Veres One Decentralized Identifier Blockchain Launches
>>>> https://tinyurl.com/veres-one-launches
Attachments
- application/pkcs7-signature attachment: smime.p7s
Received on Thursday, 1 April 2021 16:18:02 UTC