Re: Preliminary Credentials Use Cases (Summary)

Tim, I'm splitting responses into multiple email threads in an attempt
to make the responses more manageable.

On 08/25/2014 02:35 AM, Tim Holborn wrote:
> *SUMMARY* I consider the endeavour set-out by Web Credentials, to be
> an enormous undertaking.  It is both extraordinarily important; and,
> a body of work to be carried out in an environment that has otherwise
> required a plurality solutions for a plurality situations.
> Underlying the body of work must be a baseline set of ’shared
> values’, such as respect of human rights, and a belief in the
> capacity of the endeavour to provide safety for individuals, to our
> best efforts as contributors to a technical solutions, for real-world
> problems.

+1

> I note that “identity credentials” in your ‘proposed web-payments 
> specification stack’ is defined as ‘identity credentials (login and 
> preferences)[13]

Yeah, that's not what was intended. I've updated it to hopefully still
be succinct, but infer that credentials are a part of what we're trying
to do:

https://docs.google.com/drawings/d/17mfHu4EqsnZQ2eFI115qC8FUuLOX-ZSnWpCjo7q1Vlc

> I’ve cc’d WebID - in the hope that participants of WebID join the 
> Credentials Group http://www.w3.org/community/credentials/  in 
> supporting, at a minimum, discourse surrounding the requirements 
> analysis.

I had a chance to sit down and show Stephane Corlosquet and Andrei
Sambra what the Identity Credentials spec can do during SemTech 2014
last week. So, there is an ongoing dialog there. For those that don't
know, Stephane and Andrei edited/authored a number of WebID specs. So I
do expect that discourse will happen. I also worked closely with
Stephane on RDFa 1.1, so I'd take that as a positive sign as well.

> Whilst i appreciate that for the purpose of Web-Payments, JSON-LD is
> required; i do ponder whether other forms of serialisation can also
> be supported - normalising upon the concept of using methodologies
> compatible with  (or supportive of?) ‘linked data’.

Yes, other serializations (like NQuads) can be used. Some
serializations, like TURTLE, are going to be very difficult to get
working (due to the syntax not supporting graph names). For example, you
can't digitally sign a graph very easily in TURTLE.

> therefore: - What is the difference between credential and a receipt
> or document?

A document is a generalized form of credential and receipt. We get more
specific about what we're talking about as we get more specific about
the use. For example, credentials are used to prove that you have/hold
certain abilities. Receipts prove that you have exchanged value for
something.

Fundamentally, they're more-or-less the same thing, which is why we're
proposing that the same basic technology stack of JSON-LD + Digital
Signatures + Secure Messaging are used for both. We have a general
solution to the problem, we should see how far we can push that before
having to invent things that are specific to a particular market
vertical. It's my hope that we can push the market vertical stuff into
vocabularies, ensuring that the protocol/syntax level stuff stays the
same across the Web Payments and Credentials work.

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Marathonic Dawn of Web Payments
http://manu.sporny.org/2014/dawn-of-web-payments/

Received on Wednesday, 27 August 2014 00:18:42 UTC