"Web Identity" -> "Web Credentials" from Manu Sporny on 2014-03-05 (public-webpayments@w3.org from March 2014)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 04 Mar 2014 20:57:53 -0500
To: Web Payments <public-webpayments@w3.org>
Message-ID: <531684A1.8000406@digitalbazaar.com>

We're trying to clarify the terminology for the badly named "Web
Identity" spec. While this may seem like bikeshedding, clarifying the
terminology helps identify what the spec is and isn't about. The newest
iteration of the specification abstract looks like this:

"""
An identity is a Linked Data description of a particular entity such as
a person or organization. A credential is a qualification, achievement,
quality, or information about an identity's background such as a name,
government ID, home address, or university degree. This specification
describes mechanisms for reading credentials from and writing
credentials to a Linked Data identity while ensuring that the
information is only accessible to authorized applications.
"""

The terminology has changed from "assertion" -> "credential", and from
"endorsement" -> "claim. So, identities may contain one or more
credentials. Credentials may contain one or more claims about a
particular identity.

As an example, an identity "https://example.com/i/jane" contains a
digitally signed credential supplied by the US Government claiming that
the name "Jane Doe" and the government-issued ID "123-45-6789" is
associated with the identity:

{
  "@context": "https://w3id.org/identity/v1",
  "id": "https://example.com/i/jane",
  "type": "Identity",
  "name": "Jane Doe",
  "governmentId": "123-45-6789",
  "credential": [{
    "id": "http://ssa.us.gov/credentials/3732",
    "type": "PassportCredential",
    "claim": {
      "id": "https://example.com/i/jane",
      "name": "Jane Doe",
      "governmentId": "123-45-6789"
    },
    "expires": "2018-01-01",
    "signature": {
       "type": "GraphSignature2012",
       "signer": "https://ssa.us.gov/keys/27",
       "signature": "3780eyfh3q0fhhfi...8ahsidfhf29rhaish"
    }
  }, ... ]
}

This new formulation hints at the real purpose of the specification. It
isn't about identity as much as it is about asserting an identity's
credentials. In that vein, the specification should probably be renamed
from "Web Identity" to "Web Credentials".

Thoughts?

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Worlds First Web Payments Workshop
http://www.w3.org/2013/10/payments/

Received on Wednesday, 5 March 2014 01:58:25 UTC