Re: FW: Selective Disclosure for W3C Data Integrity from Greg Bernstein on 2023-06-15 (public-credentials@w3.org from June 2023)

From: Greg Bernstein <gregb@grotto-networking.com>
Date: Thu, 15 Jun 2023 16:58:39 -0700
To: public-credentials@w3.org
Message-ID: <8ff6ad19-39ee-a33d-3db4-7d3794db2634@grotto-networking.com>

Here is a crude JSON-LD example showing the canonicalization algorithm 
that we currently use. Consider an inventory of windsurfing (sailing 
gear) where the date/age of the gear is important (the gear has a hard 
life) in JSON-LD:

|{ "@context": { "@vocab": 
"https://windsurf.grotto-networking.com/selective#" }, "sails": [ { 
"size": 6.1, "year": 2023}, { "size": 7.0, "year": 2020} ], "boards": [ 
{ "name": "CompFoil170", "year": 2022}, { "name": "Tillo Custom", 
"year": 2019} ] } |

If we canonicalize this (see JSON-LD playground) we get

|_:c14n0 <https://windsurf.grotto-networking.com/selective#name> 
"CompFoil170" . _:c14n0 
<https://windsurf.grotto-networking.com/selective#year> 
"2022"^^<http://www.w3.org/2001/XMLSchema#integer> . _:c14n1 
<https://windsurf.grotto-networking.com/selective#name> "Tillo Custom" . 
_:c14n1 <https://windsurf.grotto-networking.com/selective#year> 
"2019"^^<http://www.w3.org/2001/XMLSchema#integer> . _:c14n2 
<https://windsurf.grotto-networking.com/selective#size> 
"7"^^<http://www.w3.org/2001/XMLSchema#integer> . _:c14n2 
<https://windsurf.grotto-networking.com/selective#year> 
"2020"^^<http://www.w3.org/2001/XMLSchema#integer> . _:c14n3 
<https://windsurf.grotto-networking.com/selective#size> 
"6.1E0"^^<http://www.w3.org/2001/XMLSchema#double> . _:c14n3 
<https://windsurf.grotto-networking.com/selective#year> 
"2023"^^<http://www.w3.org/2001/XMLSchema#integer> . _:c14n4 
<https://windsurf.grotto-networking.com/selective#boards> _:c14n0 . 
_:c14n4 <https://windsurf.grotto-networking.com/selective#boards> 
_:c14n1 . _:c14n4 
<https://windsurf.grotto-networking.com/selective#sails> _:c14n2 . 
_:c14n4 <https://windsurf.grotto-networking.com/selective#sails> _:c14n3 . |

We see from the above that each property, and in particular the |year| 
property is tied to a “node id” (those _:c14nX things) and hence cannot 
be swapped amongst the different equipment listed.

What Luca and I have been discussing is ways to control the “atomicity” 
or “bundling” of attributes, i.e., things that must be revealed together 
or not at all.

Cheers Greg B.

> On 6/10/2023 10:51 AM, Dave Longley wrote:
>> On Fri, Jun 9, 2023 at 3:25 PM Markus Sabadello<markus@danubetech.com>  wrote:
>>> Maybe Manu or Dave can clarify, but my understanding is that DB's "Selective Disclosure Data Integrity Cryptosuite" has bindings between all the claims and the credential, and would therefore NOT allow the re-composition of claims from different credentials as described in Luca's car mileage example.
>> Yes, that's right, Markus. Also of relevance is that claims in the VC
>> data model are "subject property value" statements (or "triples") that
>> therefore bind properties and values to particular subjects. The
>> selective disclosure scheme we described signs these statements
>> directly (i.e., it does not break these statements up into their
>> constituent parts), so you cannot erroneously recombine
>> property-values with different subjects.
>>
>

Attachments

application/pgp-keys attachment: OpenPGP public key

Received on Thursday, 15 June 2023 23:58:48 UTC