RE: Cross border identity use case - which did methods?

Nick: I don’t know about scalability of PEP. There is a web-site<https://pep.cs.ru.nl/>, that says it has been used in the health-care sector. The software is publicly available<https://gitlab.pep.cs.ru.nl/pep-public/user-docs/-/wikis/home>. They have contact points in case you have further questions.

From: Nick Meyne <nick@resonate.coop>
Sent: woensdag 9 maart 2022 12:41
To: Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl>
Cc: steve.capell <steve.capell@gmail.com>; joe <joe@legreq.com>; public-credentials <public-credentials@w3.org>
Subject: RE: Cross border identity use case - which did methods?


Steve,

Thanks for the thread!

Is it possible to separate out the requirement for reliable identification and authentication of actors ('nodes') from the sharing of the data about the supply/service chain itself  ('links')?

As you say, VC's and underlying trust anchors might otherwise become 'overloaded' with chains of transactional data.

If I have understood it correctly, if we followed Rieks' suggestion we might have an 'ecosystem' resource of more value, especially if it were structured to be accessible in a more navigable form, with an ontology of some kind.  Example: https://www.valueflo.ws/



Rieks,

Thanks for the slides!  Do you have any information about the scalability of such an approach...  at say, supply chain or retail ecosystem volumes?

Joe,

"In general, firms don't want competitors to see the movement of  goods through the firm's channels"

There are some ecosystems (e.g. co-operatively governed ones) where this isn't necessarily required... in fact the opposite is sometimes encouraged.  However, I guess fine-grained privacy controls are of course necessary if the ecosystem is to be comprehensive.

Nick



---- On Wed, 09 Mar 2022 07:24:55 +0000 rieks.joosten@tno.nl<mailto:rieks.joosten@tno.nl> wrote ----
Perhaps the ideas behind Polymorphic Encryption and Pseudonymisation<https://www.semanticscholar.org/paper/Polymorphic-Encryption-and-Pseudonymisation-for-Verheul-Jacobs/a5ecb2f8a3b57bbfe310edabc01f435238a5c929> may be relevant here. They have some summarizing slides<https://redasci.org/wp-content/uploads/2017/02/pep-informal.pdf>.
Rieks

From: Steve Capell <steve.capell@gmail.com<mailto:steve.capell@gmail.com>>
Sent: woensdag 9 maart 2022 08:11
To: Joe Andrieu <joe@legreq.com<mailto:joe@legreq.com>>
Cc: Credentials Community Group <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: Cross border identity use case - which did methods?

“If you need correlatable identifiers for particular points in the transaction, put that in a VC (with a unique nonce), put a hash of the VC on chain, and send the VC separately.”



Could you unpack that a bit?



It’s the exporter (did) that needs to prove their identity using a VC issued by a trusted authority (eg a trust anchor such a government) that confirms the DID == public identity. Then the exporter DID issues a trae document such as an invoice



If the exporter DID is ephemeral then the authority issued VC is equally ephemeral because you need a new one for every ephemeral DID.  I’m not sure that the trust anchor will be keen to support that volume of VCs.



Or am I missing something in your flow ?

Steven Capell
Mob: 0410 437854

On 9 Mar 2022, at 1:26 pm, Joe Andrieu <joe@legreq.com<mailto:joe@legreq.com>> wrote:
. If you need correlatable identifiers for particular points in the transaction, put that in a VC (with a unique nonce), put a hash of the VC on chain, and send the VC separately.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. TNO accepts no liability for the content of this e-mail, for the manner in which you use it and for damage of any kind resulting from the risks inherent to the electronic transmission of messages.