W3C home > Mailing lists > Public > public-credentials@w3.org > March 2021

Re: The SSI protocols challenge [Was]: W3C DID Core 1.0 enters Candidate Recommendation stage

From: George Lund <george.lund@digital.cabinet-office.gov.uk>
Date: Mon, 22 Mar 2021 12:43:35 +0000
Message-ID: <CAAYH0CVPfxp+9nvV0co51OPMrqQ=eTYXin6Rw1CiuhybyWH-Ew@mail.gmail.com>
To: Steve Capell <steve.capell@gmail.com>
Cc: David Chadwick <D.W.Chadwick@kent.ac.uk>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Seeing as DVLA got mentioned, it's maybe not too much of a shoe-horn to
discuss a specific example of how driving license data might be helpful in
a VC identity world...

(Noting that while a driving license is proof of a particular person's
eligibility to drive, it is not properly in its own right a form of ID. And
certainly it isn't a digital identity....)

A DVLA service that can issue a credential that says "I have checked and
bound authenticator X to a driving license previously issued by us to
subject A" is a very useful component in a distributed system, and those
credentials form a useful _part_ of a digital identity. Several such checks
can give us confidence in X being useful as a digital identity, if taken
together they give us enough confidence that the user at the keyboard
really is subject A.

If it turns out that credential was issued wrongly (eg due to fraud) then
we do need to be able to revoke it, and VC's support that. But the
credential can exist independently and it's up to relying parties to follow
a policy on checking for revocation according to their risk profile.

It might very likely have been issued in such a way that people relying on
that credential can only find out that a certain kind of document check has
been performed. Those RPs might not even be able to tell that the user is
legally allowed to drive, if the purpose for generating the credential was
as part of creating a non-anonymous reusable identity rather than for
driving checks.

However I'm not yet 100% clear how much we need the properties of DIDs in
order to achieve this kind of use case (I suspect it is essential, but some
comments in this thread make me wonder). Might be asking for some help
about that :-)


(NB: I'm not speaking for DVLA (or any part of HMG) here, just discussing
some possibilities.)

George




-- 
George Lund
Technical Architect
Digital Identity Programme
Government Digital Service
Received on Monday, 22 March 2021 12:44:04 UTC

This archive was generated by hypermail 2.4.0 : Monday, 22 March 2021 12:44:04 UTC