-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Define a Verifiable Credential Evidence property for the OpenID Connect Identity Assurance specification #239
Comments
Once we can review the draft of what you are thinking we will review and get some thoughts back in |
Oops! Sorry I thought the google doc was already public read access. Working on it now |
Hey just checking in if a formal work item has been established yet? @David-Chadwick mentioned it on the meeting minutes and wasn't sure if I missed something. |
You have not missed anything. No progress has been made since
then
Kind regards
David
On 08/03/2023 17:45, Nader Helmy wrote:
Hey just checking in if a formal work item has been
established yet? @David-Chadwick mentioned it on the
meeting minutes and wasn't sure if I missed something.
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you were mentioned.Message
ID: ***@***.***>
[
{
***@***.***": "http://schema.org",
***@***.***": "EmailMessage",
"potentialAction": {
***@***.***": "ViewAction",
"target": "#239 (comment)",
"url": "#239 (comment)",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
***@***.***": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]
|
What is the status of this proposal currently @David-Chadwick, is it still active? |
Yes it is still active. The extension has been added to the VC Specifications Directory, but it needs a W3C CCG spec to point to, rather than a private document |
So this is an in progress work item? Or is it a proposed work item that is looking for CCG member support? Just checking the tags are correct. Perhaps we can discuss it at the start of one of our meetings |
I believe it is the latter - a proposed work item that is looking for CCG member support |
New Work Item Proposal
Include Link to Abstract or Draft
The current draft specification is available here
https://docs.google.com/document/d/1htujrb-_1kh8tkV4MXYRmZ44m_D7yFrY09aFJkAz7io/
List Owners
The people who will be responsible for progressing this work item are
David Chadwick, Crossword Cybersecurity david.chadwick@crosswordcybersecurity.com
Mark Haine, Considrd.Consulting mark@considrd.consulting
Work Item Questions
The W3C Verifiable Credentials Data Model defines the Evidence property as
"Evidence can be included by an issuer to provide the verifier with additional supporting information in a verifiable credential. This could be used by the verifier to establish the confidence with which it relies on the claims in the verifiable credential." Each Evidence property is specified by defining its globally unique type (specified as a URI) followed by any specific properties required by this type.
The OIDF "OpenID Connect for Identity Assurance 1.0" draft specification, available here:
https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html
has defined the data model for making statements about the verification status of the claims transferred in OpenID Connect.
This proposal will use the verification statements defined by OpenID for Identity Assurance to apply to the claims made by the verifiable credential issuer about the subject of the verifiable credential. This will require a unique Evidence type to be defined for OpenID4IA, followed by the verification statements.
This is not being done today as no Evidence property types have been defined.
This proposal is taking two standards, namely W3C Verifiable Credentials Data Model and OIDF OpenID Connect for Identity Assurance, and defining how the latter can be used to provide Evidence about the verifiable credential subject's claims that are being asserted by the VC issuer.
Many different experts from a wide range of organisations have been involved in specifying the OpenID Connect for Identity Assurance draft specification. Appendix B (https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#section-appendix.b) of this document lists over 25 experts.
Similarly many different experts have been involved in specifying the W3C Verifiable Credentials Data Model.
The current work item welcomes any of the above, and indeed anyone from the CCG, to contribute to how these two standards might leverage each other, as is being proposed here.
Both standards have already been widely publicised at conferences such as EIC 2022 and Identiverse (e.g. see https://www.youtube.com/watch?v=ZSGyav5w34U). Furthermore the OIDF has widely publicised its call for action, available here: https://openid.net/2022/08/25/oidc4ida-overview-call-to-action/
The text was updated successfully, but these errors were encountered: