Re: Verifiable Credential Refresh 2021 from Manu Sporny on 2022-01-04 (public-credentials@w3.org from January 2022)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 4 Jan 2022 10:07:27 -0500
To: public-credentials@w3.org
Message-ID: <28e29845-e358-c7eb-8175-c10378898d74@digitalbazaar.com>

On 1/3/22 4:03 PM, Adrian Gropper wrote:
> I hope DHS policy acknowledges the importance of separation of possession
> from consent and does not take away a subject's right to decide whether
> control of a VC can be exercised independently of possession. Even if DHS
> disagrees, it's still imperative that their reasoning and the conversation
> about this be carried out in a thorough and public fashion in order to
> build public confidence in digital credentials at scale.

Adrian, I'm going to provide some input that is to be interpreted as "general
thoughts" and not as necessarily applying to the PRC use case.

Anil has already explained that, in it's modern form, paper-based delegation
exists today, has existed for many decades, and will continue to exist even
when digital credentials become an option.

To add to that, you can do programmatic delegation with all of the APIs that
are being developed in CCG using ZCAPs (or GNAP, or OAuth). A Holder can
delegate access to key material (WebKMS), they can delegate access to Issuer
infrastructure that they control (VC-API), they can delegate access to
Verifier infrastructure that they control (VC-API), and they can delegate
access to Holder infrastructure that they control (VC-API). The question of
how one does programmatic delegation is orthogonal and layered, as it should be.

However, to get to a global standard for programmatic delegation, we need to
put the next layer in place, which is the Data Integrity work in the W3C
Verifiable Credentials 2.0 Working Group. :

https://pr-preview.s3.amazonaws.com/w3c/vc-wg-charter/pull/37.html#deliverables

All that to say, we're working towards new global standards for programmatic
delegation (ZCAPs, GNAP), and supporting programmatic delegation through
OAuth2 today. If you want to do paper-based delegation, that will continue to
be possible for the foreseeable future for Issuers that provide paper-based
credentials.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/

Received on Tuesday, 4 January 2022 15:07:43 UTC