Re: [w3ctag/design-reviews] Delegation-oriented FedCM (Issue #1039) from Martin Thomson on 2025-02-11 (public-webapps-github@w3.org from February 2025)

From: Martin Thomson <notifications@github.com>
Date: Mon, 10 Feb 2025 17:01:11 -0800
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/1039/2649589071@github.com>

Hi Sam, 

Thanks for bringing this to us, we just have some initial thoughts here.  We'll likely take some more time thinking about the problem, because it's big and complicated.

We've taken a look at this and it is not clear to us that it addresses the use cases we believe to be relevant in this space. There are a lot of potential use cases, some where the proposed design sketch might be suitable, but others where there is potential for miscommunication or harm. The explainer doesn't really highlight specific use cases in terms of [end user value](https://tag.w3.org/explainers/#explain-the-end-users-need).

As we understand it, the goal of this proposal is to enable general purpose identity-related assertions. This may or may not include some sort of selective disclosure system. It appears to make no choices about technology. The examples use a salted-hash selective disclosure scheme ([SD-JWT+KB](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-15) specifically), but the text mentions a range of possible mechanisms, with varying properties. It is possible that different use cases demand different technology choices, which makes a generic approach difficult to reason about.

As noted above, the explainer does not clearly describe the end user value, which is where we encourage you to focus your efforts. Ideally, this work would start from an analysis of the problems that users might face, focusing on those problems for which a solution in this area might help. That probably needs to address how existing identity-related solutions (or major proposals, including other FedCM, but also the new digital credentials work) fall short.

Given the sensitive nature of the subject, we'd also encourage you to spend some time looking at some of the ways in which mechanisms might be abused and what might be done to mitigate any risks. That can draw on the properties of schemes that are already documented in the existing literature; it doesn't need to be new research.

Either way, we encourage you to continue exploration in this area. There seem to be a set of important use cases in this general area where better interfaces would give people greater autonomy. The application of the 3-party model for identity could improve user experience in some of those cases, but we'd like a clearer articulation of those use cases before commenting further.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1039#issuecomment-2649589071
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/1039/2649589071@github.com>

Received on Tuesday, 11 February 2025 01:01:15 UTC