- From: Greg Bernstein <gregb@grotto-networking.com>
- Date: Sat, 16 Sep 2023 11:50:19 -0700
- To: public-vc-wg@w3.org
- Message-ID: <a7578bad-cb20-1c2f-54df-0a463776637a@grotto-networking.com>
Hi Sebastian and all here are some references and recent progress on
selective disclosure, BBS, and VC/VPs (JSON-LD/RDF).
1.
BBS Presentation to CCG section on Unlinkability/Anonymity
<https://grotto-networking.com/Presentations/BBSforVCs/BBSforVCsBasics.html#/anonymity-and-unlinkability>.
Hands on BBS demo <https://www.grotto-networking.com/BBSDemo/>.
2.
The ECDSA draft <https://w3c.github.io/vc-di-ecdsa/> contains
functions to enable selective disclosure (SD) on JSON-LD documents.
Some example code using a subset of these to generate the selective
disclosure test vectors of PR #38
<https://github.com/w3c/vc-di-ecdsa/pull/38> is open source and
available at ECDSA-SD-TestVectors
<https://github.com/Wind4Greg/ECDSA-SD-TestVectors>
3.
The SD “primitives” mentioned above can be used with BBS selective
disclosure. See the |BBS| directory in ECDSA-SD-TestVectors
<https://github.com/Wind4Greg/ECDSA-SD-TestVectors> for code showing
how this could be done.
4.
Unlinkability/Anonymity and artifacts associated with the processing
of a VC into a form suitable for BBS. Some good discussions and
refinements to further enable these desirable properties can be seen
here <https://github.com/w3c/vc-di-bbs/issues/84>
To achieve unlinkability/anonymity requires a full top to bottom
assessment from credential/application requirement down to cryptographic
implementation. Although I ran BBS on my example JSON-LD input for
selective disclosure, unlinkability could never be achieved since the
application of the fictitious credential was windsurf racing which
requires the registration of a very visible and unique sail number!
Hence one of the most helpful inputs for me and other folks working on
the details is application requirements and example credential mockups.
Note that a few VCWG folks, including myself, regularly attend BBS
standards meetings so the cryptographic knowledge is being shared.
Please share application examples!
Cheers
Greg B.
On 9/15/2023 9:21 AM, Sebastian Crane wrote:
> Dear Brent,
>
> Thank you for finding time during the TPAC meeting to discuss the GSMA
> liaison request. Since I was on the queue to speak when the meeting
> closed, I shall instead write my thoughts below.
>
> The GSMA's offer for collaboration in our BBS-based data integrity
> specification is a significant vote of confidence in the ability of
> Verifiable Credentials to provide the desired privacy enhancements for
> the EU's Digital Identity programme. The resources that will become
> available to the VCWG from this collaboration are to be considerable.
>
> I believe it would be appropriate for the VCWG to collaboratively form a
> response for you to send, as this will give us the opportunity to
> present the diversity of expertise that we possess as a group, and as a
> result will best communicate to the GSMA which of our participants are
> able to inform them in specific areas of interest. Considering the
> saturation of our available meeting time, I suggest a CryptPad or GitHub
> document could be used for this purpose in order to conclude such
> drafting efficiently.
>
> Additionally, as a European myself and a keen advocate of the
> Self-Sovereign Identity efforts, I would like to volunteer myself as an
> individual who will be able to help guide their collaboration in a way
> which is effective between the stakeholders (in this case, primarily the
> W3C, IETF, GSMA, European Commission and of course the citizens and
> residents of Europe who stand to benefit from this work). I would be
> grateful if you could include my offer directly in your correspondence
> with the GSMA's contacts.
>
> Best wishes,
>
> Sebastian
>
Attachments
- application/pgp-keys attachment: OpenPGP public key
Received on Saturday, 16 September 2023 18:50:33 UTC