W3C home > Mailing lists > Public > public-webpayments@w3.org > June 2014

Re: Proof of Concept: Identity Credentials Login

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 10 Jun 2014 12:34:23 -0400
Message-ID: <5397338F.2050908@digitalbazaar.com>
To: public-webpayments@w3.org
On 06/10/2014 09:52 AM, Tim Holborn wrote:
> And i absolutely agree that it needs to be RWW compatible (rww.io /
> data.fm are json-ld compliant).

Just to be clear, there's nothing that make the proposed solution
incompatible with WebID+TLS, OpenID Connect, or Mozilla Persona. The
Identity Credentials spec can support all three, no problem. The only
the current proposal doesn't already support those other mechanisms is
that the designers of the technologies feel like the other solutions are
not scalable from a technology, privacy, or usability standpoint.

> How it deal with the URI For an x509v3 cert (subjectAltName) is
> another function of what’s already outlined https://credential.club/
> - however applied to a machine (resulting in one TLS Cert per Machine
> Account for desktop devices; perhaps only one on mobile devices… or
> perhaps one for each persona/agent? i’d prefer one per machine…)

The choice is yours, which is how it should be. You can do one identity
per machine, have many different virtual identities, have one, etc. Your

> Similarly; the ability to create an AUTH link - which relates back to
> a post authored earlier today…

You can do that as well, it's just a simple "powerOfAttorney" Linked
Data relationship.

> Along those lines; another form of ‘credential’ might be taking a pic
>  with a phone of a QR Code shown on a desktop interface, then
> tracking the two device ID’s, etc.  eg: using something like;
> http://davidshimjs.github.io/qrcodejs/ or - is that not a
> credential?

That is a credential and is supported today if one would want to
integrate that in (note, validating each credential is up to the market
vertical that adopts the particular type of credential).

> This way; i’m not just me; but i’m me, as defined by my license, my
> passport - and last time i checked a company doesn’t have a passport
> or a drivers license ;)


-- manu

Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Meritora - Web payments commercial launch
Received on Tuesday, 10 June 2014 16:33:01 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:31 UTC