Re: FW: Selective Disclosure for W3C Data Integrity

mDoc seems to have accomplished the same functionality without using RDF or
JSON-LD.

There are a lot of trade-offs in terms of credential design if the
credential can only be legally expressed in a single serialization.

I think vc-di-sd over hmac application/n-quads is interesting, as is
disclosing streaming JSON pointers, with or without hmac.

But what happens when you don't have JSON-LD or JSON?

Selective disclosure schemes that are tied to a single serialization seem
like a stepping stone to something better.

OS



On Thu, Jun 15, 2023, 6:59 PM Greg Bernstein <gregb@grotto-networking.com>
wrote:

> Here is a crude JSON-LD example showing the canonicalization algorithm
> that we currently use. Consider an inventory of windsurfing (sailing gear)
> where the date/age of the gear is important (the gear has a hard life) in
> JSON-LD:
>
> {
>   "@context": {
>     "@vocab": "https://windsurf.grotto-networking.com/selective#"
>   },
>   "sails": [
>     { "size": 6.1,
>       "year": 2023},
>     { "size": 7.0,
>       "year": 2020}  ],
>   "boards": [
>     { "name": "CompFoil170",
>       "year": 2022},
>     { "name": "Tillo Custom",
>       "year": 2019}  ]}
>
> If we canonicalize this (see JSON-LD playground) we get
>
> _:c14n0 <https://windsurf.grotto-networking.com/selective#name> "CompFoil170" .
> _:c14n0 <https://windsurf.grotto-networking.com/selective#year> "2022"^^<http://www.w3.org/2001/XMLSchema#integer> .
> _:c14n1 <https://windsurf.grotto-networking.com/selective#name> "Tillo Custom" .
> _:c14n1 <https://windsurf.grotto-networking.com/selective#year> "2019"^^<http://www.w3.org/2001/XMLSchema#integer> .
> _:c14n2 <https://windsurf.grotto-networking.com/selective#size> "7"^^<http://www.w3.org/2001/XMLSchema#integer> .
> _:c14n2 <https://windsurf.grotto-networking.com/selective#year> "2020"^^<http://www.w3.org/2001/XMLSchema#integer> .
> _:c14n3 <https://windsurf.grotto-networking.com/selective#size> "6.1E0"^^<http://www.w3.org/2001/XMLSchema#double> .
> _:c14n3 <https://windsurf.grotto-networking.com/selective#year> "2023"^^<http://www.w3.org/2001/XMLSchema#integer> .
> _:c14n4 <https://windsurf.grotto-networking.com/selective#boards> _:c14n0 .
> _:c14n4 <https://windsurf.grotto-networking.com/selective#boards> _:c14n1 .
> _:c14n4 <https://windsurf.grotto-networking.com/selective#sails> _:c14n2 .
> _:c14n4 <https://windsurf.grotto-networking.com/selective#sails> _:c14n3 .
>
> We see from the above that each property, and in particular the year
> property is tied to a “node id” (those _:c14nX things) and hence cannot be
> swapped amongst the different equipment listed.
>
> What Luca and I have been discussing is ways to control the “atomicity” or
> “bundling” of attributes, i.e., things that must be revealed together or
> not at all.
>
> Cheers Greg B.
>
> On 6/10/2023 10:51 AM, Dave Longley wrote:
>
> On Fri, Jun 9, 2023 at 3:25 PM Markus Sabadello <markus@danubetech.com> wrote:
>
> Maybe Manu or Dave can clarify, but my understanding is that DB's "Selective Disclosure Data Integrity Cryptosuite" has bindings between all the claims and the credential, and would therefore NOT allow the re-composition of claims from different credentials as described in Luca's car mileage example.
>
> Yes, that's right, Markus. Also of relevance is that claims in the VC
> data model are "subject property value" statements (or "triples") that
> therefore bind properties and values to particular subjects. The
> selective disclosure scheme we described signs these statements
> directly (i.e., it does not break these statements up into their
> constituent parts), so you cannot erroneously recombine
> property-values with different subjects.
>

Received on Friday, 16 June 2023 00:35:58 UTC
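
The point made in the quoted replies, that signing whole "subject property value" statements stops a property-value from being moved to a different subject, shown as an added example that is not part of the thread and is not the cryptosuite's algorithm. Assumptions: HMAC-SHA256 with a constructed key stands in for the issuer's per-statement signature, and `bind_subject=False` is a hypothetical weak variant that signs only the property and value.

```python
import hashlib
import hmac

V = "https://windsurf.grotto-networking.com/selective#"
XSD_INT = "http://www.w3.org/2001/XMLSchema#integer"
# (subject, predicate, object) statements for the two boards in the thread.
TRIPLES = [
    ("_:c14n0", f"<{V}name>", '"CompFoil170"'),
    ("_:c14n0", f"<{V}year>", f'"2022"^^<{XSD_INT}>'),
    ("_:c14n1", f"<{V}name>", '"Tillo Custom"'),
    ("_:c14n1", f"<{V}year>", f'"2019"^^<{XSD_INT}>'),
]
ISSUER_KEY = b"constructed-demo-key"  # constructed; stands in for a signing key


def tag(data: str) -> str:
    """HMAC-SHA256 tag; a stand-in for the issuer's per-statement signature."""
    return hmac.new(ISSUER_KEY, data.encode(), hashlib.sha256).hexdigest()


def issue(bind_subject: bool) -> dict:
    """Tag each statement whole, or (weak variant) only its property and value."""
    out = {}
    for s, p, o in TRIPLES:
        signed = f"{s} {p} {o} ." if bind_subject else f"{p} {o} ."
        out[(s, p, o)] = tag(signed)
    return out


def verify(disclosed: list, bind_subject: bool) -> bool:
    """Check every disclosed (triple, tag) pair against the issuer key."""
    for (s, p, o), t in disclosed:
        signed = f"{s} {p} {o} ." if bind_subject else f"{p} {o} ."
        if not hmac.compare_digest(tag(signed), t):
            return False
    return True


def recombined(tags: dict) -> list:
    """Present board c14n0's name with board c14n1's year (and that year's tag)."""
    name, year = TRIPLES[0], TRIPLES[3]
    moved = ("_:c14n0", year[1], year[2])
    return [(name, tags[name]), (moved, tags[year])]


if __name__ == "__main__":
    for bind in (True, False):
        print(bind, verify(recombined(issue(bind)), bind))
```

With whole statements tagged, the recombined disclosure is rejected; with only property and value tagged, the same recombination verifies.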