Re: Binding an iso mDL to VC ecosystem for online verification from Oliver Terbu on 2024-04-29 (public-credentials@w3.org from April 2024)

From: Oliver Terbu <o.terbu@gmail.com>
Date: Mon, 29 Apr 2024 19:50:22 +0200
To: Adrian Gropper <agropper@healthurl.com>
Cc: Andrew Hughes <andrewhughes3000@gmail.com>, Orie Steele <orie@transmute.industries>, Steve Capell <steve.capell@gmail.com>, W3C CG <public-credentials@w3.org>
Message-ID: <CAJdc_Gk7PEN1Za0hBYxSKhf1_Wy_Lgmmy9hPSsRC8qV2u10Nfw@mail.gmail.com>

OIDF is also working on a conformance test suite for OID4VP + ISO mdoc
here:
https://openid.net/certification/conformance-testing-for-openid-for-verifiable-presentations/

Also find here some test vectors: https://github.com/awoie/annex-b-examples
.

On Mon, 29 Apr 2024 at 19:46, Oliver Terbu <o.terbu@gmail.com> wrote:

> See more info here
> https://openid.github.io/OpenID4VP/openid-4-verifiable-presentations-wg-draft.html#name-mobile-documents-or-mdocs-i
> how to do ISO mdoc presentment online using OID4VP as well as how ISO 23220
> and ISO 18013 relate to each other in that context.
>
> Oliver
>
> On Mon, 29 Apr 2024 at 19:15, Adrian Gropper <agropper@healthurl.com>
> wrote:
>
>> The VC ecosystem will have to deal with biometrics in online presentation
>> sooner or later and mDL linkage to VCs is the real world we're in.
>>
>> The "VC ecosystem" has a choice of presentation protocols. Standardizing
>> a less radical departure from current practice by supporting a user-centric
>> request model based on IETF GNAP will drive adoption for VCs and help
>> support adoption of the more exotic protocols being developed outside the
>> ISO walled garden.
>>
>> Adrian
>>
>> On Mon, Apr 29, 2024 at 12:59 PM Andrew Hughes <
>> andrewhughes3000@gmail.com> wrote:
>>
>>> ISO SC 17 / WG 10 is in the final stages of creating ISO 18013-7 with is
>>> mDL presentation "remotely/over the internet".
>>> The current work on the browser API for credential/wallet
>>> selection/presentation was initiated by members of that ISO WG.
>>> ————————
>>> *Andrew Hughes *CISM
>>> m +1 250.888.9474
>>> AndrewHughes3000@gmail.com
>>>
>>>
>>>
>>> On Mon, Apr 29, 2024 at 9:48 AM Orie Steele <orie@transmute.industries>
>>> wrote:
>>>
>>>> I suggest you join one of these calls ( check for the one friendliest
>>>> to your timezone ) :
>>>>
>>>> https://github.com/WICG/digital-identities
>>>>
>>>> See also: https://www.identitycredential.dev/
>>>>
>>>> And the recent comments on:
>>>> https://github.com/w3c/strategy/issues/450#issuecomment-2062897495
>>>>
>>>> There's been discussion of potential browser APIs to enable the
>>>> presentation of a mDoc credential to prove age verification, possible
>>>> integration between OIDC4VP and credential management APIs, etc...
>>>>
>>>> Most of the joining of credential formats I have seen, has been
>>>> proposed at the OIDC4VP layer, where a verifier website might ask for an
>>>> mDoc and a W3C JSON-LD VC, and an OAUTH JWT VC, etc...
>>>>
>>>> Imagine a verifier wanted remote presentation of a credential from a
>>>> mobile wallet to a verifier website using a mobile web browser... or cross
>>>> device to a desktop web browser.
>>>>
>>>> Would it be possible for the verifier to request a specific credential,
>>>> specific claims in a credential, specific credential formats, such as by
>>>> media type?
>>>>
>>>> On one side the problem is mobile OS / browser APIs (holder software),
>>>> on the other side is credential query / presentation exchange formats
>>>> (verifier supported protocols).
>>>>
>>>> It's a difficult problem, with lots of important privacy, security,
>>>> diversity and interoperability challenges.
>>>>
>>>> Regards,
>>>>
>>>> OS
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, Apr 29, 2024 at 11:22 AM Steve Capell <steve.capell@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> Just finally getting around to reading the iso mDL spec.  Whether we
>>>>> like it or not it’s definitely a thing that is getting traction and being
>>>>> implemented by licensing authorities
>>>>>
>>>>> So far when reading the spec, verification seems to be all about
>>>>> in-person verification via nfc or other device to reader transfer of an
>>>>> mDL.
>>>>>
>>>>> Question - has anyone in this community thought about how an mDL in a
>>>>> wallet can be use for online verification cases - eg some kind of binding
>>>>> to did / didcom/ etc?ive use cases where I want to join the w3c vc world
>>>>> with the iso mDL world
>>>>>
>>>>> Steven Capell
>>>>> Mob: 0410 437854
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>>
>>>> ORIE STEELE
>>>> Chief Technology Officer
>>>> www.transmute.industries
>>>>
>>>> <https://transmute.industries>
>>>>
>>>

Received on Monday, 29 April 2024 17:50:37 UTC