Overview of First Three #RWOT11 Papers from Christopher Allen on 2022-12-23 (public-credentials@w3.org from December 2022)

From: Christopher Allen <ChristopherA@lifewithalacrity.com>
Date: Thu, 22 Dec 2022 19:17:23 -0800
To: Credentials Community Group <public-credentials@w3.org>
Message-ID: <CACrqygBQB7+1jTvnQ9p-XRR9rxi2791QEw8r_p1k5npVm4dsZQ@mail.gmail.com>

Our 11th Rebooting Web of Trust collaborative workshop recently finished in
The Hague. Our goal is always to gather together experts in their fields
and facilitate their creation of white papers that will help to advance the
goals of decentralized identity on the internet.

We've had three papers finalized from #RWOT11, and I wanted to summarize
them for folks here who might be interested:

VERIFIABLE ISSUERS & VERIFIERS
https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/final-documents/verifiable-issuers-and-verifiers.pdf

by Manu Sporny, Oskar van Deventer, Isaac Henderson Johnson Jeyakumar,
Shigeya Suzuki, Konstantin Tsabolov, Line Kofoed, and Rieks Joosten

This paper attacks the old problem of "trusted registries". How do you know
who to trust as the issuers of credentials? It answers that by discussing
the creation of lists of both Verifiable Issuers and Verifiable Verifiers.
It's that latter issue that may be the most innovative, because a
Verifiable Verifier list can tell us what credentials someone should be
able to request. A police officer demands *all* of your credentials? The
Verifiable Verifiers List can automatically say no!

LINKING CREDENTIALS WITH DATA EXCHANGE AGREEMENTS THROUGH SECURED INCLUSIVE
INTERFACES
https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/final-documents/data-exchange-agreements-with-oca.pdf

by Lal Chandran, Lotta Lundin, Fredrik Lindén, Philippe Page, Paul Knowles,
Víctor Martínez Jurado, and Andrew Slack

A review of the classic patient/prescription use case, but with a new look
at problems such as accessibility and cross-border jurisdictions. It also
outlines how the DEXA and OCA protocols can contribute to scalable solutions

TAKING OUT THE CRUD: FIVE FABULOUS DID ATTACKS
https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/final-documents/taking-out-the-crud-five-fabulous-did-attacks.pdf

by Shannon Appelcline, Kate Sills, Carsten Stöcker, and Cihan Saglam

A discussion of the opaqueness of DID designs and a look at five specific
and interesting DID attacks based in the CRUD life cycle: The DID Creation
Switcheroo; The Poop-Emoji DID Doc; Don't Talk about Fight Club (unless you
want to compare DIDs); Harmer in the Dwell Latency Attack; and The
Dishonorable DID Deletion. (The last has already led to an update for
did:ethr).

There will be more papers coming out over the next months.

We plan our next collaborative workshop for Fall 2023, however we have not
finalized a location.

Sign up for the RWOT mailing list to gather with your peers, receive
announcements of papers, participate in our monthly online open office hours,
or get details about future workshops:

https://www.weboftrust.info/subscribe/


— Christopher Allen

Received on Friday, 23 December 2022 03:17:48 UTC