- From: Christopher Allen <ChristopherA@lifewithalacrity.com>
- Date: Tue, 19 Mar 2024 22:20:06 -0700
- To: Kim Hamilton <kimdhamilton@gmail.com>
- Cc: Kaliya Identity Woman <kaliya@identitywoman.net>, Orie Steele <orie@transmute.industries>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CACrqygD1fUmt=enCCEVKWVy5Apu2M7jThgcyqhuYb95oRfGVMg@mail.gmail.com>
On Tue, Mar 19, 2024 at 8:20 PM Kim Hamilton <kimdhamilton@gmail.com> wrote: > That comparison matrix is gold, thanks! Spice isn’t there but that did > come after IIW. > > There’s a lot in there and it seems a bit overwhelming. However I think > most of us are necessarily abstracting away from this level, assuming a > multi-model/format/etc world, to focus on business value, other aspects of > the ecosystem, etc. > > As that happens, I think communities like this can play an important role > in facilitating understanding of impact of these differences on people. > Exciting stuff ahead! > Kim, I also want to make it clear that Gordian Envelope is somewhat at a different layer than the other examples (SD-JWT, SD-CWT, ecdsa-sd, mDoc) in that it is more generalized to be useful for any authenticated data, in particular data at rest, and thus is not solely for credential data. Its focus is more on data minimization, and can be used for health-care data, AI foundation models, business data, other forms of PII, etc. Gordian Envelope can be used for credentials as well, but right now there is no funding to make it aligned with VCDM. Should be possible, but you lose some of the privacy benefits that allows any holder (not just subject-holder, but any holder) more choices for what to selectively disclose, or selectively correlate (another useful property!). One my concerns with selective disclosure in SD-JWT/CWT/ecdsa-sd/mDoc is that only the issuer can choose what fields are selectively disclosable, which IMHO they will only do if it is in their interest, which may not necessary be the interest of the subject, or other holders (for instance, an employer holding a employee subject credentials may have other needs to elide that are different than the issuer and the subject). One particular consequence of this is that there may be very few fields in a credential that are selectively disclosable. Combined with various approaches for "holder binding", things become even more challenging. There are also some questions about when it is appropriate to do BBS to also anti-correlate signatures — there are cases where it might not make sense. No easy solutions! -- Christopher Allen
Received on Wednesday, 20 March 2024 05:20:46 UTC