HTTP-Signatures - was: Roadmap: Verifiable Trust Standards from Henry Story on 2021-03-08 (public-credentials@w3.org from March 2021)

From: Henry Story <henry.story@gmail.com>
Date: Mon, 8 Mar 2021 16:45:39 +0100
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: W3C Credentials CG <public-credentials@w3.org>
Message-Id: <B10400D6-43E2-4021-BE24-036E6A18D663@gmail.com>

Hi Manu,

 Thanks for the very helpful overview of the work done
by the Credentials CG in [1]. That and the book "Self Sovereign Identity"
is helping me get a much better overview of where things are
standing at present.

   I noticed in your slides a row for HTTP Signatures.
Where is the work on the authentication part of draft-cavage-*
now going on?

I ask because it fits in very nicely with the Solid project use case
as it is allows for very efficient per-resource authentication.

I describe the Solid use case and how we could use draft-cavage-*,
Credentials, Wallets and DIDs to tie in efficiently with an extended
attribute based Web Access Control here

https://github.com/solid/authentication-panel/blob/main/proposals/HttpSignature.md

I implemented something similar based on your spec 4-5 years or so ago, and want
to implement something like what is described in the above document again in a
few weeks  as part of the EU funded project https://nlnet.nl/project/SolidControl/

But as far as possible I’d like to tie into the right communities, to avoid
duplicating work, or straying necessarily from work already done, so far as
our use case allows it.

So for example I just noticed that the old spec had Signature Authentication method
in the header but I used ”HttpSig”. Where can I go to work out what the right thing
to do is?

Henry Story
https://co-operating.systems/

[1] https://us02web.zoom.us/rec/play/_cYGaKjN5roIVQAML4apmS30THJm8_XC0HYPwmVKjWuBoFOiqGtBgBApiBf3wJW1aT-yoUrC6ECfeoQF.T7KMoGqxJU81XinM

> On 28 Feb 2021, at 02:02, Manu Sporny <msporny@digitalbazaar.com> wrote:
> 
> Hi all,
> 
> Our roadmap[1] was looking a little dated, so I took the opportunity to try
> and update it. The attached diagram is every specification that this group
> is/has been responsible for or had a hand in shepherding in some way. Each
> item has a handwavy progress bar associated with it.
> 
> I'm sure I missed something -- what'd I miss?
> 
> -- manu
> 
> [1] https://w3c-ccg.github.io/roadmap/diagram.html
> 
> PS: The raw data used to generate the image is attached if others that are
> better at data visualization want to take a crack at it.
> 
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> blog: Veres One Decentralized Identifier Blockchain Launches
> https://tinyurl.com/veres-one-launches
> <VerifiableTrustStandards.png><VerifiableTrustStandards.xlsx>

Received on Monday, 8 March 2021 15:45:58 UTC