Re: VC HTTP Authorization Conversation

SecureKey and Mattr both have conformant implementations that were most 
or all of the way to conformance *before* their SVIP contract was 
awarded or even applied for; like Mike's company, they work at scale and 
have been working in good faith to reconcile the API-to-API 
architectures of today's software landscape with self-determination and 
direct control of data flow by end-consumers.  Spruce, which has never 
been awarded a contract with SVIP or BC Gov, has an open-source 
implementation that conforms to the VC-HTTP-API and passes the test 
suite; I believe Dock.io is also in the latter category, or at least was 
at the first plug-a-thon.  There are probably other companies in the 
same boat, regardless of whether or not they've PR'd test results into 
the public repo for all to see.

Thanks,
__juan

On 6/10/2021 5:54 PM, Mike Prorock wrote:
>
> It's my impression that all of the 8 implementations were built on the 
> basis of DHS as the sole issuer and customer. In some cases, BC Gov 
> was another issuer / customer beyond the control of the subjects.
>
> We are issuing VCs for use and verification by other customers outside 
> the DHS space fyi, primarily in use for record keeping of chemical 
> applications in agricultural settings, as well as to enable our 
> customers to record verifiable field sample and observation data, and 
> provide chain of custody on biological samples.  These use cases 
> predate any of our work with DHS, and in all cases, all transport is 
> done over TLS with OAuth 2.
>
> Michael Prorock
> CTO, Founder
> mesur.io <http://mesur.io>
>
>
>     It's my impression that all of the 8 implementations were built on
>     the basis of DHS as the sole issuer and customer. In some cases,
>     BC Gov was another issuer / customer beyond the control of the
>     subjects.
>