[w3ctag/design-reviews] BBS Cryptosuite v2023 Securing Verifiable Credentials with Selective Disclosure using BBS Signatures (Issue #922) from Greg Bernstein on 2023-12-15 (public-webapps-github@w3.org from December 2023)

From: Greg Bernstein <notifications@github.com>
Date: Fri, 15 Dec 2023 12:33:57 -0800
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/922@github.com>

こんにちは TAG-さん!

I'm requesting a TAG review of BBS Cryptosuite v2023 Securing Verifiable Credentials with Selective Disclosure
using BBS Signatures.

The *BBS Cryptosuite v2023* specification describes a mechanism for
ensuring the authenticity and integrity of Verifiable Credentials and similar
types of constrained  digital documents using cryptography, especially through
the use of digital signatures and related mathematical proofs. It is one of several
cryptosuites within the
[VC Data Integrity](https://www.w3.org/TR/vc-data-integrity) framework.
This specification offers constant size signatures over multiple *messages*,
selective disclosure and unlinkable proofs.

  - Explainer¹ (minimally containing user needs and example code):  https://github.com/w3c/vc-di-bbs/blob/main/EXPLAINER.md
  - Specification URL: https://www.w3.org/TR/vc-di-bbs/
  - Tests: https://github.com/w3c/vc-di-bbs/tree/main/TestVectors
  - User research: responding to user desired for data minimization via selective disclosure and unlinkability.
  - Security and Privacy self-review²: https://github.com/w3c/vc-di-bbs/issues/106
  - GitHub repo (if you prefer feedback filed there): https://github.com/w3c/vc-di-bbs/issues
  - Primary contacts (and their relationship to the specification):
      - Greg Bernstein (@Wind4Greg), Independent consultant, Invited Expert, Editor, BBS implementer
      - Manu Sporny (@msporny), Digital Bazaar, Editor
  - Organization(s)/project(s) driving the specification: Verifiable Credentials
  - Key pieces of existing multi-stakeholder review or discussion of this specification: This is a new cryptosuite for the [VC Data Integrity](https://www.w3.org/TR/vc-data-integrity) framework which provides for the additional privacy features of selective disclosure and unlinkable proofs. It is based on the soon to be standardized [BBS signature scheme](https://datatracker.ietf.org/doc/draft-irtf-cfrg-bbs-signatures/) at the IETF.
  - External status/issue trackers for this specification (publicly visible, e.g. Chrome Status): None.

Further details:

  - [x] I have reviewed the TAG's [Web Platform Design Principles](https://www.w3.org/TR/design-principles/)
  - Relevant time constraints or deadlines: Transition to Candidate Recommendation in January 2024
  - The group where the work on this specification is currently being done: Verifiable Credentials
  - The group where standardization of this work is intended to be done (if current group is a community group or other incubation venue): Verifiable Credentials.
  - Major unresolved issues with or opposition to this specification: None.
  - This work is being funded by: 

You should also know that...

This is a new cryptosuite for the [VC Data Integrity](https://www.w3.org/TR/vc-data-integrity) framework which provides for the additional privacy features of selective disclosure and unlinkable proofs. It is based on the soon to be standardized [BBS signature scheme](https://datatracker.ietf.org/doc/draft-irtf-cfrg-bbs-signatures/) at the IETF.

We'd prefer the TAG provide feedback as (please delete all but the desired option):

  🐛 open issues in our GitHub repo for **each point of feedback**



-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/922
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/922@github.com>

Received on Friday, 15 December 2023 20:34:02 UTC