- From: Orie Steele <orie@transmute.industries>
- Date: Mon, 26 Jun 2023 10:13:45 -0500
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: W3C Credentials CG <public-credentials@w3.org>, W3C Chairs of VC WG <group-vc-wg-chairs@w3.org>, "public-vc-wg@w3c.org" <public-vc-wg@w3c.org>
- Message-ID: <CAN8C-_L52juTVbawLqtZ_CZSaRAacS3Aj9hOVGXzJBJBy-n7pg@mail.gmail.com>
Would it be possible to collect criticism of the approach at the same time? I've reviewed the initial proposal, and implemented a variant of it with support for RSA, EdDSA, ECDSA and Secp256k1 (the Bitcoin and Ethereum curve) and standard signature and key formats here: https://github.com/transmute-industries/vc-di-sd#examples (does not count as an implementation of the proposed suite, because it corrects flaws that are considered features of the current proposal) https://lists.w3.org/Archives/Public/public-vc-wg/2023Jun/0000.html ... and I feel it has several issues which should be addressed prior to proposing the VCWG pick up the work. I'm happy to provide a long form critique in the same document if that is possible, I feel that the folks reviewing should be able to review arguments on both sides before considering supporting / adopting more work. Regards, OS On Mon, Jun 26, 2023 at 9:51 AM Manu Sporny <msporny@digitalbazaar.com> wrote: > Hi all, > > I need your help demonstrating support for a NIST-compliant selective > disclosure mechanism for Data Integrity in the Verifiable Credentials > Working Group. You might want this technology if you plan to issue a > Verifiable Credential (such as a work permit), but want to empower the > holder to only reveal a subset of that credential (only the document > identifier, full name, and the country where the permit is valid). > > The announcement that such a mechanism has been designed and > implemented is here (along with a presentation of the technology): > > https://lists.w3.org/Archives/Public/public-credentials/2023May/0104.html > > If you are considering adding your name to the list of supporters, > please remember that: > > * It carries more weight if you are adding your organization to the > list AND/OR you are an implementer that plans to implement or > integrate the solution into your technology stack. > > * This is ONE of multiple possible selective disclosure mechanisms for > Data Integrity, and is not intended to be the ONLY one. Others, such > as merkle-tree disclosure mechanisms are also possible to deploy in > parallel to the NIST-compliant mechanism described in this email. > > * This is NOT a replacement for BBS for Data Integrity, which provides > both selective disclosure and unlinkable signatures (but does not use > NIST approved cryptography). BBS can be deployed in parallel to the > NIST-compliant selective disclosure mechanism. > > Please add your name to the list of supporters here: > > > https://docs.google.com/document/d/1DzYfqkgCQfsXEkqLegy2v7Dhtf0sQQYrT2JAGbnaMjE/edit > > When you do, please mention if you are a W3C Member, whether you're an > implementer, and whether or not your (or your customers) would benefit > from this technology feature existing. If we get enough signatures, we > will put the proposal in front of the W3C VCWG for consideration. > > -- manu > > -- > Manu Sporny - https://www.linkedin.com/in/manusporny/ > Founder/CEO - Digital Bazaar, Inc. > https://www.digitalbazaar.com/ > > -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries>
Received on Monday, 26 June 2023 15:14:02 UTC