- From: Snorre Lothar von Gohren Edwin <snorre@diwala.io>
- Date: Mon, 4 Jul 2022 08:28:48 +0200
- To: Harrison <harrison@spokeo.com>
- Cc: Brent Shambaugh <brent.shambaugh@gmail.com>, Credentials Community Group <public-credentials@w3.org>, David Chadwick <d.w.chadwick@truetrust.co.uk>
- Message-ID: <CAE8zwO0T2269UmQcFQ4qDAugbpPFr+FVfyXiz=5WGQ6XCrXayQ@mail.gmail.com>
Is this being thought of as too complicated? I assume that when someone wants to issue a credential to someone, there has to be an identifying step of some sorts. What we plan to try out is that the person who issues, has knowledge about something about the holder they are to issue to, if it is some important things. They can then set a criteria that the holder has to prove before the issuance happens. This might be out of any spec or anything. But the thought is that you read an issuance request, and to be able to accept it you have to prove that you hold a certain VC, "drivers license", and that matches their known value? Does anything have to be chained here? Or just a ping pong of credentials? ᐧ On Sun, Jul 3, 2022 at 11:39 PM Harrison <harrison@spokeo.com> wrote: > Just curious: I can imagine that some Issuers would want to check the > authenticity of the Holder (i.e. making sure that the Holder is who they > say they are) before issuing a credential. Otherwise, anyone can claim > that they are Tom Cruise and get his credentials. What do we do in this > case? > > In this scenario, I can imagine that the Holder has a special, "soulbound" > (i.e. non-transferable), and secure-enclave-like credential that includes > authentication factor information like SMS OTP and/or hashed biometric > tokens, and then the Issuer can check against this special authenticator > credential before deciding whether to issue a credential to the Holder or > not (i.e. credential chaining). This problem has probably come up before, > and does the high-level concept above make sense? Or is there a better > alternative? > > Sincerely, > Harrison > > > > On Sat, Jul 2, 2022 at 12:31 PM Brent Shambaugh <brent.shambaugh@gmail.com> > wrote: > >> Thank you all. I believe this is what I had in mind. It is sort of like >> maintaining state with verifiable credentials. You cannot do this unless >> you've done this. Prerequisites. I'll chew on this like manna from heaven. >> >> >> -Brent Shambaugh >> >> GitHub: https://github.com/bshambaugh >> Website: http://bshambaugh.org/ >> LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259 >> Skype: brent.shambaugh >> Twitter: https://twitter.com/Brent_Shambaugh >> WebID: http://bshambaugh.org/foaf.rdf#me >> >> >> On Thu, Jun 30, 2022 at 3:43 AM David Chadwick < >> d.w.chadwick@truetrust.co.uk> wrote: >> >>> Yes. We have implemented this following the UK Power of Attorney model, >>> where one person (the attorney) can obtain the VC of another person (the >>> donor) who has become incapacitated. The attorney must possess a PoA VC >>> first and present it to the issuer of the donor's account. >>> >>> Kind regards >>> >>> David >>> On 29/06/2022 17:33, Brent Shambaugh wrote: >>> >>> Is there such a thing as credentials that can only be issued if the >>> holder already has a particular credential? >>> >>> -- >>> -Brent Shambaugh >>> >>> GitHub: https://github.com/bshambaugh >>> Website: http://bshambaugh.org/ >>> LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259 >>> Skype: brent.shambaugh >>> Twitter: https://twitter.com/Brent_Shambaugh >>> WebID: http://bshambaugh.org/foaf.rdf#me >>> >>> -- *Snorre Lothar von Gohren Edwin* Co-Founder & CTO, Diwala +47 411 611 94 www.diwala.io <http://www.diwala.io/> *Stay on top of Diwala news on social media! **Facebook <https://www.facebook.com/diwalaorg>** / **LinkedIn <https://www.linkedin.com/company/diwala>** / **Instagram <https://www.instagram.com/diwala_/>** / **Twitter <https://twitter.com/Diwala>*
Received on Monday, 4 July 2022 06:29:13 UTC