W3C home > Mailing lists > Public > public-credentials@w3.org > March 2022

Re: Can CHAPI survive Big Tech? (was Re: Centralization dangers of applying OpenID Connect to wallets protocols)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sun, 27 Mar 2022 17:50:02 -0400
To: public-credentials@w3.org
Message-ID: <38e1e842-2dee-b232-3494-4551bc1e0400@digitalbazaar.com>
On 3/27/22 4:33 PM, Snorre Lothar von Gohren Edwin wrote:
> A quick follow up question, chapi cannot work, unless the party doing 
> issuance or verification adds the polyfill it to their webpage?

Yes, that is correct. The same is true for any "Login with..." solution -- you
have to load Javascript to do anything with CHAPI, OIDC, or even DIDCommv2 on
the web today.

> Or go via a proxy web page provided by the solution provider for their
> issuance or verification software?

Hrm, there is no redirect proxying in CHAPI -- it leads to a bad UX.

> Or is it something im missing?

Doesn't sound like you're missing anything, but these links might help...

Video examples of CHAPI features here:

https://github.com/digitalbazaar/credential-handler-polyfill#features

Including CHAPI on a website (your question above) is one line of Javascript:

https://github.com/digitalbazaar/credential-handler-polyfill#install

Getting a Verifiable Credential is a few lines:

https://github.com/digitalbazaar/credential-handler-polyfill#get

Requesting the storage of a VC is a one-liner:

https://github.com/digitalbazaar/credential-handler-polyfill#store

Hope that helps, Snorre.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/
Received on Sunday, 27 March 2022 21:50:17 UTC

This archive was generated by hypermail 2.4.0 : Sunday, 27 March 2022 21:50:18 UTC