Re: Work item suggestion: BBS Cryptosuite for Data Integrity

Just fyi - we are also working with the singapore Open Attestaton team as well as with Orie and mike p on a fairly simple hash-tree based selective redaction specification.  I think it’s complementary and not competing with BBS
- primary use case is redaction of commercially sensitive information in long supply chains
- most often just a few fields of many (price, supplier ID) need to be hidden
- key requirement is that anyone in the supply chain can redact before passing on, even if they are not the subject
- another key requirement is compatibility JSON-LD semantics

Current activity is comparing the singapore protocol to SD-JWT before progressing it further as a community contribution

Kind regards

Steven Capell
Mob: 0410 437854

> On 18 Mar 2023, at 1:15 am, John, Anil <anil.john@hq.dhs.gov <mailto:anil.john@hq.dhs.gov>> wrote:
> 
> 
> Selective disclosure capabilities that natively support JSON-LD credential formats for W3C Verifiable Credentials are a must have functionality for our ongoing workstreams:
> From a privacy and non-linkability aspects for our immigration credentials issuance by the U.S. Citizenship and Immigration Services and;
> From a selective business information disclosure for our U.S. Customs and Border Protection cross-border supply chain / trade work
> 
> The fact that the BBS work, incubated at the W3C CCG, is undergoing cryptographic review via the IETF CFRG (https://datatracker.ietf.org/doc/draft-irtf-cfrg-bbs-signatures/ ), which is respected globally for its expertise, and which provides visibility to our technical authority on cryptography, NIST, is something that gives us confidence in the work and its path to formal standardization.
> 
> As such, we support this work for inclusion in the VC Data Integrity cryptosuites given our existing and stated support for VC Data Integrity in our technical implementation profile.
> 
> Support added to the letter.
> 
> Best Regards,
> 
> Anil
> 
> Anil John
> Technical Director, Silicon Valley Innovation Program
> Science and Technology Directorate
> US Department of Homeland Security
> Washington, DC, USA
> 
> Email Response Time – 24 Hours
> 
>  <https://www.dhs.gov/science-and-technology>
> 
> 
> From: Tobias Looker <tobias.looker@mattr.global <mailto:tobias.looker@mattr.global>>
> Sent: Tuesday, March 14, 2023 6:41 PM
> To: public-vc-wg@w3.org <mailto:public-vc-wg@w3.org>
> Subject: Work item suggestion: BBS Cryptosuite for Data Integrity
> 
> CAUTION: This email originated from outside of DHS. DO NOT click links or open attachments unless you recognize and/or trust the sender. Contact your component SOC with questions or concerns.
> 
> Hi all,
> 
> Following the VCWG adoption of the VC Data Integrity, this email is to call for the adoption of the BBS crypto suite for usage in this scheme [1].
> 
> Since its inception as a CCG work item in 2020, significant work has been put in to mature the underlying cryptographic scheme of BBS which is shown through the adoption of it as a work item of the CFRG and recent publication of our second draft version that contains end to end test vectors which have been verified by multiple independent implementations [2].
> 
> Following this we have been working on a revision to the current BbsSignature*2020 suite (formerly know as a Linked Data Proof suite) that will form the basis of this work item that makes use of the latest version of the BBS crypto scheme[2].
> 
> BBS represents an important work item for Data Integrity as it enables properties such as selective disclosure and unlinkability.
> 
> Given the impending new work item freeze / feature freeze in the VCWG at the end of March 2023, roughly two weeks from now, we need to make the call for adoption of this work item soon.
> 
> If you are an organization (or an implementer) that would like to see support for BBS in the VC Data Integrity cryptosuites, then please add your name, title, and organization to the end of this Google Doc:
> 
> https://docs.google.com/document/d/1RCQWjqeHL-o6gddXC3kzPy0chEC0rdWQFp1J_xk2HsI/edit <https://urldefense.us/v3/__https:/docs.google.com/document/d/1RCQWjqeHL-o6gddXC3kzPy0chEC0rdWQFp1J_xk2HsI/edit__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRb2uD4Ctc$>
> 
> As has been the case for other recent adoption calls we'll be collecting signatures this week, and then running a call for adoption in the VCWG once we have enough signatures. The moresignatures of support the better, you don't have to be a W3C Member to sign the letter.
> 
> [1] https://w3c-ccg.github.io/ldp-bbs2020/ <https://urldefense.us/v3/__https:/w3c-ccg.github.io/ldp-bbs2020/__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRb9nu8qNh$>
> [2]https://www.ietf.org/archive/id/draft-irtf-cfrg-bbs-signatures-02.html <https://urldefense.us/v3/__https:/www.ietf.org/archive/id/draft-irtf-cfrg-bbs-signatures-02.html__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRb8pBN2Uv$>
> 
> Thanks,
>  <https://urldefense.us/v3/__https:/mattr.global/__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRbxeE6J74$>
> 
> Tobias Looker
> MATTR
> +64 273 780 461
> tobias.looker@mattr.global <mailto:first.last@mattr.global>
>  <https://urldefense.us/v3/__https:/mattr.global/__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRbxeE6J74$>
>  <https://urldefense.us/v3/__https:/www.linkedin.com/company/mattrglobal__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRbwquTg1L$>
>  <https://urldefense.us/v3/__https:/twitter.com/mattrglobal__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRb763jNVe$>
>  <https://urldefense.us/v3/__https:/github.com/mattrglobal__;!!BClRuOV5cvtbuNI!T4f5ESrz0TeaHYUAY-eTS85UtwiIewSnU2AskDPDZlkzUFi64OR4zVk5auuRb1xOjxqp$>
> 
> This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it – please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.