cross-link ocap

⧉ infominer 2023-06-03 02:26:11 +05:30
parent 4b8cea123f
commit 72cdcaf33e
1 changed files with 12 additions and 13 deletions


@ -44,10 +44,10 @@ Verifiable Credentials,Affinidi,,,,,,,,,Compare and Contrast — IRMA vs Verifia
Verifiable Credentials,IDCommons,,,Grace Rachmany,,,,,IIW,Could an NFT be a VC?,"Case discussed: A group of villages in Africa using a cryptocurrency platform for alternative currencies. Different organizations issue the coins under different circumstances. When you accept a currency, you want to know who is the issuer. The Red Cross might be more or less trusted than the local leader or agricultural cooperative as the issuer of a currency that is supposedly equivalent to a shilling.<br><br>What types of tech could be used for this?<br><br>- Multiple currencies on the blockchains<br>- Certifications in the form of some kind of NFT issued by the issuer.<br>- Limited supply tokens or NFTs that are “expired” when you use them<br>- Open Credential Publisher framework was suggested<br>- VCs are generally authorizations associated with a person, so maybe a person could have the VC and show their credit rating in some way while they are making a transaction<br>- Similarly maybe the VC belongs to the organization that is issuing the coin, proving its reputation over time.",,https://iiw.idcommons.net/20I/_Could_an_NFT_be_a_VC%3F,,Session Notes,,,Comparisons,,,,,,,,2021-05-06,,,,,,,,,,,,,
Verifiable Credentials,Personal,,,Timothy Ruff,,,,,,How does VC Functional Stack compare to #ToIP Stack?,"1. ToIP Layers 2 & 3 compare to Functional Layer 2<br>2. ToIP Layer 4 compares to Functional Layers 3 & 4 (horizontal layer for VC Management, vertical layer for Applications)<br>3. Functional stack doesn't require #blockchain<br>4. Functional Stack doesn't detail steps for trust or verification; ToIP Stack doesn't separate management or storage<br>5. Functional Stack clarifies functions, roles, and potential business models; ToIP stack clarifies trust & security They are complementary, not contradictory.",,https://twitter.com/rufftimo/status/1301314001251438593,https://i.imgur.com/8zakrMQ.png,Thread,,,Comparisons,,,,,,,,2020-09-03,,,,,,,,,,,,,
Verifiable Credentials,CCG Mailing List,,,Michael Herman,CCG,,,,,What are VCs similar to?,"The chip in your e-passport is the analogy Ive been most successful with<br>An issuer gives it to you.<br>You carry it around and show to whom you choose<br>The verifier can check its integrity without contacting the issuer<br>“A VC is like the chip in your passport - bit for any document type”<br>So far the best analogy Ive found.  Policy makers say “ah, I see”",,https://lists.w3.org/Archives/Public/public-credentials/2021Aug/0338.html,,Discussion,,,Comparisons,,,,,,,Credentials Community Group,2021-08-23,,,,,,,,,,,,,
Verifiable Credentials,fossandcrafts,,,,,,,,,Hygiene for a computing pandemic,"This episode of FOSS and Crafts features Christopher Lemmer Webber discussing the object capability security approach. Its a generalization not specific to VCs, continuing from the conversation on the CCG mailinglist, [Hygiene for a computing pandemic: separation of VCs and ocaps/zcaps](https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0028.html), we shared last month.<br>",The podcast *show-notes include an epic list of references* supporting the discussion.,https://fossandcrafts.org/episodes/20-hygiene-for-a-computing-pandemic.html,,Post,,,Comparisons,,,,,,,,2021-01-03,,,,,,,,,,,,,
"Verifiable Credentials, Object Capabilities",fossandcrafts,,,,,,,,,Hygiene for a computing pandemic,"This episode of FOSS and Crafts features Christopher Lemmer Webber discussing the object capability security approach. Its a generalization not specific to VCs, continuing from the conversation on the CCG mailinglist, [Hygiene for a computing pandemic: separation of VCs and ocaps/zcaps](https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0028.html), we shared last month.<br>",The podcast *show-notes include an epic list of references* supporting the discussion.,https://fossandcrafts.org/episodes/20-hygiene-for-a-computing-pandemic.html,,Post,,,"Comparisons, Main",,,,,,Object Capabilities,,2021-01-03,,,,,,,,,,,,,
Verifiable Credentials,Personal,,https://lists.w3.org/Archives/Public/public-credentials/2021Jun/0244.html,"Kyle Den Hartog, Manu Sporny",,,,,,Re: The dangers of using VCs as permission tokens (was: PROPOSALs for VC HTTP API call on 2021-06-22),"Agreed, when it comes to the number of checks that occur it's much greater<br>because of the delegation. With that in mind, looking at the semantics only<br>of the system VCs in my opinion weren't optimally designed for permission<br>tokens. This difference between the two requires that an implementation<br>that wants to support both claims tokens and permissions tokens has to<br>grapple with the different mental model that arise when trying to stuff<br>these things together. This introduces additional complexity. Additionally<br>it leads to weird statements that are being made where it's difficult to<br>tell if the VC is behaving like a claims token or a permissions token.<br><br>Yes, exactly this. Exactly what Kyle states above is the reason why it's so complicated (and thus dangerous) to use VCs as permissions tokens.<br><br>This is one of the primary reasons that we separated out the Authorization Capabilities work from the Verifiable Credentials work. Things get really complicated when you start mixing authz/authn/claims/permissions into a Verifiable Credential. Just because you can do it doesn't mean you should",,https://kyledenhartog.com/example-authz-with-VCs/,,Post,,,Comparisons,,,,,,,,2021-06-24,,,,,,,,,,,,,
Verifiable Credentials,Personal,,,Kyle Den Hartog,,,,,,Comparing VCs to ZCAP-LD,Why make the investment then to put the time and effort into ZCAPs when weve already got VCs? Simply put because security is hard and trying to push square pegs into round holes often times leads to bugs which are elevated to mission critical authentication/authorization bypass vulnerabilities. By designing around a fit for purpose data model with a well defined problem being solved it allows for us to be much more precise about where we believe extensibility is important versus where normative statements should be made to simplify the processing of the data models. By extension this leads to a simpler security model and likely a much more robust design with fewer vulnerabilities.,,https://kyledenhartog.com/comparing-VCs-with-zcaps/,,Post,,,Comparisons,,,,,,,,2021-09-25,,,,,,,,,,,,,
Verifiable Credentials,CCG Mailing List,,,Dave Longley,CCG,,,,,Re: VCs - zCaps / OCap a Discussion,"TL; DR: My current view is that the main confusion here may be over the difference between VCs and LD Proofs, not VCs and ZCAPs. VCs are not a generalized container for attaching a cryptographic proof to a document. That's what LD proofs (or JOSE style proofs) are for. VCs *use* LD proofs (or JOSE style proofs) to attach an assertion proof to a document that specifically models statements made by an issuer about some subject, which is therefore inherently about the identity of that subject",,https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0027.html,,Discussion,,,Comparisons,,,,,,,Credentials Community Group,2020-12-05,,,,,,,,,,,,,
"Verifiable Credentials, Object Capabilities",Personal,,,Kyle Den Hartog,,,,,,Comparing VCs to ZCAP-LD,Why make the investment then to put the time and effort into ZCAPs when weve already got VCs? Simply put because security is hard and trying to push square pegs into round holes often times leads to bugs which are elevated to mission critical authentication/authorization bypass vulnerabilities. By designing around a fit for purpose data model with a well defined problem being solved it allows for us to be much more precise about where we believe extensibility is important versus where normative statements should be made to simplify the processing of the data models. By extension this leads to a simpler security model and likely a much more robust design with fewer vulnerabilities.,,https://kyledenhartog.com/comparing-VCs-with-zcaps/,,Post,,,"Comparisons, Main",,,,,,Object Capabilities,,2021-09-25,,,,,,,,,,,,,
"Verifiable Credentials, Object Capabilities",CCG Mailing List,,,Dave Longley,CCG,,,,,Re: VCs - zCaps / OCap a Discussion,"TL; DR: My current view is that the main confusion here may be over the difference between VCs and LD Proofs, not VCs and ZCAPs. VCs are not a generalized container for attaching a cryptographic proof to a document. That's what LD proofs (or JOSE style proofs) are for. VCs *use* LD proofs (or JOSE style proofs) to attach an assertion proof to a document that specifically models statements made by an issuer about some subject, which is therefore inherently about the identity of that subject",,https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0027.html,,Discussion,,,"Comparisons, Main",,,,,,Object Capabilities,Credentials Community Group,2020-12-05,,,,,,,,,,,,,
Verifiable Credentials,W3C,Verifiable Credentials Working Group,https://www.w3.org/2020/01/vc-wg-charter.html,,,,,,,Verifiable Credentials Working Group,The mission of the Verifiable Credentials (formerly known as Verifiable Claims) Working Group (VCWG) is to make expressing and exchanging credentials that have been verified by a third party easier and more secure on the Web.<br><br>The Chairs of the Working Group are Kristina Yasuda and Brent Zundel. The W3C Staff Contact for the Working Group is Ivan Herman.,,https://www.w3.org/2017/vc/WG/,,Working Group,,,Working Group,,,,,,,,2017-04-14,https://github.com/w3c/verifiable-claims,,,https://lists.w3.org/Archives/Public/public-vc-wg/,,,,,,https://lists.w3.org/Archives/Public/public-vc-wg/,,,
Verifiable Credentials,VCWG,,,Manu Sporny,,,,,,Verifiable Credentials Data Model v1.1 is an official W3C standard!,"It's official, the Verifiable Credentials Data Model v1.1 is a W3C standard!<br><br> Verifiable Credentials Data Model v1.1<br> https://www.w3.org/TR/2022/REC-vc-data-model-20220303/<br><br>This was largely a maintenance release of the specification. The list of (minor) revisions since the v1.0 release can be found here:https://www.w3.org/TR/2022/REC-vc-data-model-20220303/#revision-history",,https://lists.w3.org/Archives/Public/public-credentials/2022Mar/0005.html,,Specificationification,,,Working Group,,,,,,,Credentials Community Group,2022-03-03,,,,,,,,,,,,,
Verifiable Credentials,VCWG,,,,,,,,,Verifiable Credentials Data Model v1.1,"Credentials are a part of our daily lives; driver's licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.","Driver's licenses are used to claim that we are capable of operating a motor vehicle, university degrees can be used to claim our education status, and government-issued passports enable holders to travel between countries. This specification provides a standard way to express these sorts of claims on the Web in a way that is cryptographically secure, privacy respecting, and automatically verifiable.",https://www.w3.org/TR/2022/REC-vc-data-model-20220303/,https://www.w3.org/TR/2022/REC-vc-data-model-20220303/diagrams/ecosystem.svg,Specificationification,RECOMMEND,,Working Group,,,,,,,Verifiable Credentials Working Group,2022-03-03,,,,,,,,,,,,,
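Review bot: The three rows whose first field becomes "Verifiable Credentials, Object Capabilities" (Hygiene for a computing pandemic, Comparing VCs to ZCAP-LD, Re: VCs - zCaps / OCap a Discussion) carry the cross-link twice, once as a quoted multi-value first field and once as "Object Capabilities" in a later column, and nothing in the file says which of the two a consumer should read. Pick one encoding or document both, and confirm that whatever groups rows by the first field splits on the comma, otherwise these rows no longer match "Verifiable Credentials" exactly. The "dangers of using VCs as permission tokens" row in the same hunk also discusses the Authorization Capabilities split and is left without the cross-link; consider tagging it for consistency.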
@ -491,9 +491,9 @@ Linked Data,WebofTrustInfo,,,"Manu Sporny, Harlan Wood, Noah Thorp, Wayne Vaughn
Linked Data,WebofTrustInfo,,,"Ganesh Annan, Kim Hamilton Duffy",,,,,rwot7-toronto,Resource Integrity Proofs,"Cryptographic linking provides discoverability, integrity, and scheme agility<br>Contributors: Manu Sporny, Dave Longley, David Lehn, and Bohdan Andriyiv<br>Currently, the Web provides a simple yet powerful mechanism for the dissemination of information via links. Unfortunately, there is no generalized mechanism that enables verifying that a fetched resource has been delivered without unexpected manipulation. Would it be possible to create an extensible and multipurpose cryptographic link that provides discoverability, integrity, and scheme agility?<br>Cryptographic linking solutions today have yet to provide a generalized mechanism for creating tamper-evident links. The Subresource Integrity standard limits this guarantee to script and link resources loaded on Web pages via the use of HTML attributes. IPFS provides a verification mechanism that is constrained to hash-based, content-addressable links, with no ability to complete content negotiation. RFC6920 proposes another mechanism that cannot be applied to existing links: it recommends the use of named information hashes and a resolution method that creates a content addressable URL [1]. Resource Integrity Proofs incorporates ideas from these standards and solutions to provide a new data format for cryptographic links that is fit for the open world.",,https://github.com/WebOfTrustInfo/rwot7-toronto/blob/master/final-documents/resource-integrity-proofs.md,,Paper,,,Main,,,,,,,,2018-12-12,,,,,,,,,,,,,
Linked Data,WebofTrustInfo,,,,,,,,rwot6-santabarbera,Recent happenings with Linked Data Capabilities,"Veres One's architecture has been adjusted to take full advantage of Linked Data Capabilities as its primary mechanism for granting authority to perform operations on the ledger as well as on DID Documents. permission to update key materials can be conditionally handed out to an entity (or entities) and later revoked if deemed appropriate using Linked Data Capabilities' design.<br>As for ledger updates, Accelerators also make use of Linked Data Capabilities. To prevent spamming the ledger, the costs of an update must somehow be accounted for. The traditional way to do this on a blockchain is to use proof of work, and this is also an option in Veres One, but for those use cases where expending time and energy on proof of work is less desirable users can use an ""accelerator"".<br>An accelerator is an entity that has been granted a capability to perform updates on the ledger more quickly. Accelerators may likewise take advantage of Linked Data Capabilities' support for delegation, with or without caveats.",,https://github.com/WebOfTrustInfo/rwot6-santabarbara/blob/master/topics-and-advance-readings/ld-ocap-recent-happenings.md,,Paper,,,Main,,,,,,,,2018-03-02,,,,,,,,,,,,,
Linked Data,WebofTrustInfo,,,,,,,,rwot4-paris,LD Signature Format Alignment,"The goal of the ""LD Signature Format Alignment"" Working Group at Rebooting the Web of Trust IV was to investigate the feasibility and impact of the proposed 2017 RSA Signature Suite spec, which brings JSON-LD signatures into alignment with the JOSE JSON Web Signature (JWS) standards.The 2017 RSA Signature Suite is based on RFC 7797, the JSON Web Signature (JWS) Unencoded Payload Option specifcation. This approach avoids past concerns about JWT raised in the LD signature adopters, including:•Increased space consumption associated withbase-64 encoding.•Difculty of nesting or chaining signatures, leading to data duplication.•Use of a format that is not a JSON object, preventing ability to rely exclusively on a JSON document-based storage engine (whilepreserving the signature)",,https://nbviewer.jupyter.org/github/WebOfTrustInfo/rwot4-paris/blob/master/final-documents/ld-signatures.pdf,,Paper,,,Main,,,,,,,,2017-08-18,,,,,,,,,,,,,
Linked Data,CCG,,,,,,,,,Authorization Capabilities for Linked Data v0.3,"Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. ""Caveats"" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked.",,https://w3c-ccg.github.io/zcap-spec/,,Specification,,,Main,,,,,,,Credentials Community Group,2023-01-22,https://github.com/w3c-ccg/zcap-spec,,,,,,,,,,,,
"Linked Data, Object Capabilities",CCG,,,,,,,,,Authorization Capabilities for Linked Data v0.3,"Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. ""Caveats"" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked.",,https://w3c-ccg.github.io/zcap-spec/,,Specification,,,"Main, Literature",,,,,,,Credentials Community Group,2023-01-22,https://github.com/w3c-ccg/zcap-spec,,,,,,,,,,,,
Linked Data,WebofTrustInfo,,,,,,,,,Java implementation of Linked Data Signatures,This is an implementation of the following cryptographic suites for Linked Data Proofs:<br>Ed25519Signature2018<br>Ed25519Signature2020<br>EcdsaSecp256k1Signature2019<br>RsaSignature2018<br>JsonWebSignature2020<br>JcsEd25519Signature2020<br>JcsEcdsaSecp256k1Signature2019,,https://github.com/WebOfTrustInfo/ld-signatures-java,,Code,,,Implementation,,,,,,,,2023-05-13,,,,,,,,,,,,,
Linked Data,WebofTrustInfo,,,,,,,,,JSON-LD Signatures with JSON Web Signatures,"Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. ""Caveats"" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked.",,https://github.com/WebOfTrustInfo/ld-signatures-python,,Code,,,Implementation,,,,,,,,2017-04-25,,,,,,,,,,,,,
Linked Data,WebofTrustInfo,,,,,,,,,JSON-LD Signatures with JSON Web Signatures,"Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. ""Caveats"" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked.",,https://github.com/WebOfTrustInfo/ld-signatures-python,,Code,,,Implementation,,,,,,Object Capabilities,,2017-04-25,,,,,,,,,,,,,
Linked Data,CCG,,,,,,,,,Linked Data Keys Registry,This repository contains the Linked Data Cryptographic Suite Registry which is a list of all known Linked Data cryptographic suites and their current level of maturity.,,https://github.com/w3c-ccg/ld-cryptosuite-registry,,registry,,,Implementation,,,,,,,Credentials Community Group,2020-12-29,,,,,,,,,,,,,
Linked Data,DigitalBazaar,,,,,,,,,Linked Data Capabilities reference implementation,JavaScript reference implementation for Authorization Capabilities.,,https://github.com/digitalbazaar/ocapld.js,,Code,,,Implementation,,,,,,,,2023-01-14,,,,,,,,,,,,,
Linked Data,W3C,,,,,,,,,RDF AND JSON-LD UseCases,This wiki page strive to address one of many question about use of RDF vs JSON-LD to store linked data. This page attempts to provide a general introduction of both the technologies and provide suitability analysis of various kind of applications to use either technology.,,https://www.w3.org/2013/dwbp/wiki/RDF_AND_JSON-LD_UseCases,https://www.w3.org/2013/dwbp/wiki/images/thumb/1/17/RDFSerialization-formats.png/800px-RDFSerialization-formats.png,page,,,RDF,,,,,,,,2014-09-15,,,,,,,,,,,,,
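Review bot: The two changed rows in this hunk encode the cross-link differently from each other and from the Verifiable Credentials hunk: the "Authorization Capabilities for Linked Data v0.3" row gets "Linked Data, Object Capabilities" as its first field and "Main, Literature" as its section but no "Object Capabilities" in the later column, while the "JSON-LD Signatures with JSON Web Signatures" row gets only the later column and keeps "Linked Data" as its first field. Use the same pair of fields on every cross-linked row. Also check whether the second row should be tagged at all: its title and URL point to ld-signatures-python, but its description is the ZCAP-LD text from the spec row, so the description looks like the field that needs fixing.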
@ -520,7 +520,6 @@ GS1,GS1,,,,,,,,,GSMP GLN Modernisation MSWG,"This work group will update the GLN
Object Capabilities,Personal,,,Dan Connolly,,,,,,Awesome Object Capabilities and Capability-based Security,Capability-based security enables the concise composition of powerful [patterns](https://github.com/dckc/awesome-ocap/wiki) of cooperation without vulnerability. [What Are Capabilities?](http://habitatchronicles.com/2017/05/what-are-capabilities/) explains in detail.,,https://github.com/dckc/awesome-ocap,,list,,,Main,,,,,,,,2023-03-03,,,,,,,,,,,,,
Object Capabilities,Wikipedia,,,,,,,,,Object Capability Model,"Computer scientist E. Dean Tribble stated that in smart contracts, identity-based access control did not support well dynamically changing permissions, compared to the object-capability model. He analogized the ocap model with giving a valet the key to one's car, without handing over the right to car ownership.<br><br>The structural properties of object capability systems favor modularity in code design and ensure reliable encapsulation in code implementation.<br><br>These structural properties facilitate the analysis of some security properties of an object-capability program or operating system. Some of these in particular, information flow properties can be analyzed at the level of object references and connectivity, independent of any knowledge or analysis of the code that determines the behavior of the objects. As a consequence, these security properties can be established and maintained in the presence of new objects that contain unknown and possibly malicious code.",,https://en.wikipedia.org/wiki/Object-capability_model,,entry,,,Main,,,,,,,,2023-04-12,,,,,,,,,,,,,
Object Capabilities,eRights,,,Mark S. Miller,,,,,,Object Capabilities,"The capability model is, in a sense, the object model taken to its logical extreme. Where object programmers seek modularity -- a decrease in the dependencies between separately thought-out units -- capability programmers seek security, recognizing that required trust is a form of dependency. Object programmers wish to guard against bugs: a bug in module A should not propagate to module B. Capability programmers wish to guard against malice. However, if B is designed to be invulnerable to A's malice, it is likely also invulnerable to A's bugs.",E: Cryptographic Capabilities for Distributed Smart Contracting,http://erights.org/elib/capability/ode/ode-capabilities.html,http://erights.org/elib/capability/ode/images/money.png,page,,,Main,,,,,,,,1998-10-03,,,,,,,,,,,,,
Object Capabilities,CCG,,,,,,,,,Authorization Capabilities for Linked Data v0.3,"An object capability framework for linked data systems CCG<br>Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. ""Caveats"" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked.",,https://github.com/w3c-ccg/zcap-spec,,Specification,,,Literature,,,,,,,Credentials Community Group,2023-01-23,,,,,,,,,,,,,
Object Capabilities,IDCommons,,,,,,,,IIW,DIDAuth + Obj. Cap. - IIW,"What is DIDAuth and how is it compatible with Object Capabilities?<br>We started by defining and describing object capabilities:<br>- A Capability is a Transferable Unforgeable Permission. It can be implemented with unguessable URLS or signed objects.<br>- A Java Program object reference is a capability, it allows for actions on the subject (the object instance).<br>- A stronger implementation of object capabilities involves a digital certificate issued by a public key, for a resource with a set of supported methods:<br>`Issuer: AlicePubKey`<br>`Resource: did:dad:0x123`<br>`Actions: Read,Write`<br>`Signature: 0x456`",,https://iiw.idcommons.net/DIDAuth_%2B_Obj._Cap.,https://iiw.idcommons.net/images/c/cb/TH1G.jpg,Session Notes,,,Literature,,,,,,,,2018-10-31,,,,,,,,,,,,,
Object Capabilities,WebofTrustInfo,,,Bill Tulloh,,,,,rwot8-barcelona,Applying the Principle of Least Authority to User Interaction,"Object capabilities (ocaps) are increasingly recognized as an important tool for achieving the goals of self-sovereign identity. Many of the principles of self-sovereign identity, such as minimization and protection, can best be achieved through the disciplined pursuit of the principle of least authority that ocaps enable. This paper examines how POLA can be extended to better protect users when exercising their self-sovereign identity.",,https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/topics-and-advance-readings/Applying_POLA_to_User_Interaction.md,,Paper,,,Literature,,,,,,,,2019-02-25,,,,,,,,,,,,,
Object Capabilities,WebofTrustInfo,,,James Foley,,,,,rwot7-toronto,Introductory Capability DHT,The Object Capability software design paradigm is a powerful philosophy for the programming of decentralized applications particularly in the realms of security and rights management.,,https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/topics-and-advance-readings/introductory-capability-dht-concept.md,,Paper,,,Literature,,,,,,,,2019-02-08,,,,,,,,,,,,,
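Review bot: With the Object Capabilities copy of "Authorization Capabilities for Linked Data v0.3" dropped (the hunk goes from 7 lines to 6), that entry reaches the Object Capabilities listing only if the quoted first field "Linked Data, Object Capabilities" on the surviving Linked Data row is split into two categories; verify that before merging. The two copies also differ: this one links https://github.com/w3c-ccg/zcap-spec, is dated 2023-01-23 and opens its description with "An object capability framework for linked data systems CCG", whereas the surviving row links https://w3c-ccg.github.io/zcap-spec/ and is dated 2023-01-22, so state which values are meant to win.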
@ -560,16 +559,16 @@ DIDComm,gold and double blue,,,Siddhi,,,,,,Blockchain and Self-Sovereign Identit
DIDComm,Personal,,https://didcomm.org/shorten-url/1.0/,Timo Glastra,,,,,,Just got my first DIDComm protocol published on the https://didcomm.org website.,"A protocol to request a shortened URL for a given URL. For example, an agent requesting a shortened out of band invitation url from a mediator.",,https://twitter.com/TimoGlastra/status/1572976791136137216,,tweet,,,Implementation,,,,,,,,2022-08-22,,,,,,,,,,,,,
DIDComm,DIF,,,,,,,,,DIDComm: ECDH-1PU Implementation,"In short, ECDH-1PU is a key derivation process that allows for sender authenticity and enables a “[Perfect Forward Secrecy](https://www.wired.com/2016/11/what-is-perfect-forward-secrecy/#:~:text=Perfect%20forward%20secrecy%20means%20that,of%20the%20user%27s%20sensitive%20data.)” mechanism, in addition to significant performance gains over JWS message nested in a JWE envelope, as used by existign ECDH-ES aproaches.","ECDH-1PU is a key derivation process that offers sender authenticity, as well as significant performance gains over existing ECDH-ES aproaches.",https://blog.identity.foundation/ecdh-1pu-implementation/,,Post,,,Implementation,,,,,,,,2021-09-21,,,,,,,,,,,,,
DIDComm,Jolocom,,,,,,,,,Community matters: Jolocoms latest contributions to DIF,"We at Jolocom strongly believe that DIDComm is a crucial infrastructure element for the broader and future-proof SSI stack, and [current work on DIDComm v2 includes Jolocoms implementation of the specification](http://github.com/jolocom/didcomm-rs) with authcrypt (authenticated encrypted) and most of the low level of the protocol.",...Interested parties can already start building high-level verifiable credential-based services and workflows on the Rust KERI implementation.,https://jolocom.io/blog/jolocoms-contributions-to-dif/,https://jolocom.io/wp-content/uploads/2020/05/Jolocom-Logbook-DIF-contribution-cover-02-alt.jpg,Post,,,Implementation,,,,,,,,2021-01-19,,,,,,,,,,,,,
mDL,INATBA,,,,,,,,,“Decentralised Identity: Whats at Stake?”,"Looking at the above comparison, It is clear that both approaches strive to maintain user control of their personal data, selective disclosure/data minimization, and cryptographic methods to prove the integrity of identity claims. The differences are: first in their reliance (mDL) or independence (SSI) from issuer involvement in verification interactions, and second in their cryptographic approach, where the mDL relies on externally provided cryptographic tools while SSI builds on holder controlled private keys",← earlier paper,https://inatba.org/wp-content/uploads/2020/11/2020-11-INATBA-Decentralised-Identity-001.pdf,https://inatba.org/wp-content/uploads/2023/05/Background_561821321-scaled-copie.jpg,Post,,,Intro,,,,,,,,2021-11,,,,,,,,,,,,,
mDL,SpruceID,,,,,,,,,An Identity Wallet Bill of Rights - Starting With the Mobile Driver License,"Spruces continued mission is to let users control their data across the web, whether its web2, web3, or beyond. This also applies to credentials issued by existing entities, such as the Mobile Driver License (mDL) issued by motor vehicle authorities across the world.","Spruces continued mission is to let users control their data across the web, whether its web2, web3, or beyond. This also applies to credentials issued by existing entities, such as the Mobile Driver License (mDL) issued by motor vehicle authorities across the world.",https://blog.spruceid.com/an-identity-wallet-bill-of-rights/,https://blog.spruceid.com/content/images/2022/09/mDL.png,Post,,,Intro,,,,,,,,2022-09-12,,,,,,,,,,,,,
mDL,INATBA,,,,,,,,,Mobile Drivers Licence (mDL) VS. Self-Sovereign Identity (SSI),"The ISO mDL specification (ISO-compliant Driving License or IDL)  is purpose driven, as its name implies, but is said to be specifically intended to:<br>* enable verifiers not affiliated with or associated with the issuing authority to gain access to and authenticate the information<br>* allow the holder of the driving license to decide what information to release to a verifier<br>* include the ability to update information frequently, and to authenticate information at a high level of confidence.",,https://inatba.org/identity/mobile-drivers-licence-mdl-self-sovereign-identity-ssi-comparison/,https://inatba.org/wp-content/uploads/2023/05/Background_561821321-scaled-copie.jpg,Post,,,Main,,,,,,,,2020-11,,,,,,,,,,,,,
mDL,CCG Mailing List,,,Manu Sporny,"Spruce, MATTR, Digital Bazaar, CCG",,,,,Verifiable Driver's Licenses and ISO-18013-5 (mDL),"As some of you might be aware, ISO-18013-5 (mDL -- Mobile Driver's License) was published as a global ISO standard in September 2021. A number of us in the W3C CCG and W3C VCWG attempted to ensure that W3C Verifiable Credentials were supported by the mDL work, but that effort is not reflected in the finalized ISO mDL standard (and due to the way ISO operates, we are not at liberty to share any details). There have been increasing concerns related to the divergence of mDL with W3C Verifiable Credentials and to the market dynamics at play around mDL.",,https://lists.w3.org/Archives/Public/public-credentials/2021Nov/0105.html,,Discussion,,,Main,,,,,,,,2021-11-29,,,,,,,,,,,,,
mDL,INATBA,,,,,,,,,“Decentralised Identity: Whats at Stake?”,"Looking at the above comparison, It is clear that both approaches strive to maintain user control of their personal data, selective disclosure/data minimization, and cryptographic methods to prove the integrity of identity claims. The differences are: first in their reliance (mDL) or independence (SSI) from issuer involvement in verification interactions, and second in their cryptographic approach, where the mDL relies on externally provided cryptographic tools while SSI builds on holder controlled private keys",← earlier paper,https://inatba.org/wp-content/uploads/2020/11/2020-11-INATBA-Decentralised-Identity-001.pdf,,Post,,,Intro,,,,,,,,2021-11,,,,,,,,,,,,,
mDL,SpruceID,,,,,,,,,An Identity Wallet Bill of Rights - Starting With the Mobile Driver License,"Spruces continued mission is to let users control their data across the web, whether its web2, web3, or beyond. This also applies to credentials issued by existing entities, such as the Mobile Driver License (mDL) issued by motor vehicle authorities across the world.","Spruces continued mission is to let users control their data across the web, whether its web2, web3, or beyond. This also applies to credentials issued by existing entities, such as the Mobile Driver License (mDL) issued by motor vehicle authorities across the world.",https://blog.spruceid.com/an-identity-wallet-bill-of-rights/,,Post,,,Intro,,,,,,,,2022-09-12,,,,,,,,,,,,,
mDL,INATBA,,,,,,,,,Mobile Drivers Licence (mDL) VS. Self-Sovereign Identity (SSI),"The ISO mDL specification (ISO-compliant Driving License or IDL)  is purpose driven, as its name implies, but is said to be specifically intended to:<br>* enable verifiers not affiliated with or associated with the issuing authority to gain access to and authenticate the information<br>* allow the holder of the driving license to decide what information to release to a verifier<br>* include the ability to update information frequently, and to authenticate information at a high level of confidence.",,https://inatba.org/identity/mobile-drivers-licence-mdl-self-sovereign-identity-ssi-comparison/,,Post,,,Main,,,,,,,,2020-11,,,,,,,,,,,,,
mDL,CCG Mailing List,,https://w3c-ccg.github.io/vdl-test-suite/,Manu Sporny,"Spruce, MATTR, Digital Bazaar, CCG",,,,,Verifiable Driver's Licenses and ISO-18013-5 (mDL),"As some of you might be aware, ISO-18013-5 (mDL -- Mobile Driver's License) was published as a global ISO standard in September 2021. A number of us in the W3C CCG and W3C VCWG attempted to ensure that W3C Verifiable Credentials were supported by the mDL work, but that effort is not reflected in the finalized ISO mDL standard (and due to the way ISO operates, we are not at liberty to share any details). There have been increasing concerns related to the divergence of mDL with W3C Verifiable Credentials and to the market dynamics at play around mDL.",,https://lists.w3.org/Archives/Public/public-credentials/2021Nov/0105.html,,Discussion,,,Main,,,,,,,,2021-11-29,,,,,,,,,,,,,
mDL,Procivis,,,,,,,,,ISO/IEC 18013-5 vs Self-Sovereign Identity: A proposal for an mDL Verifiable Credential,"in the context of government identity programs we see it as useful to compare them on the following parameters background, credential data model & trust anchor and transmission protocols.",,https://www.procivis.ch/post/iso-iec-18013-5-vs-self-sovereign-identity-a-proposal-for-an-mdl-verifiable-credential,https://uploads-ssl.webflow.com/5fae427844470c4d4b49d62b/62440e2a85213a51704c8641_Picture%203.png,Post,,,Main,,,,,,,,2022-03-30,,,,,,,,,,,,,
mDL,AAMVA,,,,,,,,,Mobile Driver's License (mDL) Implementation Guidelines 1.2,"The AAMVA Joint Mobile Drivers License (mDL) Working Group (WG) has been active around mobile identification since 2012. As the mDL evolves, the mDL WG continues to identify and address topics on which guidance to Issuing Authorities can be helpful. This document represents the bulk of the current guidance, and points to additional resources as needed",,https://www.aamva.org/getmedia/b801da7b-5584-466c-8aeb-f230cef6dda5/mDL-Implementation-Guidelines-Version-1-2_final.pdf,,Report,,,Main,,,,,,,,2023-01,,,,,,,,,,,,,
mDL,AAMVA,,,,,,,,,Mobile Driver's License Model Legislation,"The Mobile Drivers License (mDL) Model Legislation has been developed to facilitate the uniformity of proposed legislative changes related to implementation of mDL in various jurisdictions. The model legislation is meant to demonstrate how the requirements in the ISO standards and AAMVA Mobile Drivers License Implementation Guidelines could be represented in jurisdiction-specific legislation. Thus, the language contained in the model legislation is designed to offer examples and is not expected to be proposed to legislatures without consideration for controlling legal provisions in your jurisdiction",,https://www.aamva.org/getmedia/cb9fd6c7-29e6-48a4-926b-e16d6400eab5/mDL-Model-Legislation_final.pdf,,Report,,,Main,,,,,,,,2023-01,,,,,,,,,,,,,
mDL,Kantara Initiative,,,,,,,,,Working Group for Privacy Enhancing Mobile Credentials,Clearly the use of a drivers license goes well beyond proving eligibility to drive a vehicle. It has become the de-facto standard for proving that you are who you say you are and are entitled to the product or service requested. An increasing number of states are adopting mobile ID systems to recognise and verify mobile credentials including drivers licenses (mDL).,,https://kantarainitiative.org/introducing-kantaras-working-group-for-privacy-enhancing-mobile-credentials/,https://kantarainitiative.org/wp-content/uploads/2021/11/mitya-ivanov-2HWkORIX3II-unsplash-scaled-1.jpg,Post,,,Guidance,,,,,,,,2021-11-15,,,,,,,,,,,,,
mDL,Kantara Initiative,,,,,,,,,Kantara Releases Report on Identity and Privacy Protection For mobile Drivers Licenses,The report outlines how to implement mDL systems as Privacy Enhancing Technologies. It provides guidance on protecting peoples individual privacy and the digital identifiers of an individual who carries or uses an mDL.,,https://kantarainitiative.org/kantara-releases-report-on-identity-and-privacy-protection-for-mobile-drivers-licenses/,https://kantarainitiative.org/wp-content/uploads/2019/08/favicon_kantara.png,Post,,,Guidance,,,,,,,,2021-08-27,,,,,,,,,,,,,
mDL,Biometric Update,,https://kantarainitiative.org/kantara-lays-out-trust-building-recommendations-for-mdls/,,,,,,,Kantara lays out trust-building recommendations for mDLs,"A global digital ID association has published steps vendors and others need to take in order to build effective mobile driving license services that also put ID holders in control of their identity. The Kantara Initiatives report starts from the premise that trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and their biometric identifiers.","Trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and their biometric identifiers.",https://www.biometricupdate.com/202108/kantara-lays-out-trust-building-recommendations-for-mdls,https://d1sr9z1pdl3mb7.cloudfront.net/wp-content/uploads/2020/04/06115457/mDL-mobile-drivers-license.png,Post,,,Guidance,,,,,,,,2021-08-27,,,,,,,,,,,,,
mDL,Kantara Initiative,,,,,,,,,Working Group for Privacy Enhancing Mobile Credentials,Clearly the use of a drivers license goes well beyond proving eligibility to drive a vehicle. It has become the de-facto standard for proving that you are who you say you are and are entitled to the product or service requested. An increasing number of states are adopting mobile ID systems to recognise and verify mobile credentials including drivers licenses (mDL).,,https://kantarainitiative.org/introducing-kantaras-working-group-for-privacy-enhancing-mobile-credentials/,,Post,,,Guidance,,,,,,,,2021-11-15,,,,,,,,,,,,,
mDL,Kantara Initiative,,,,,,,,,Kantara Releases Report on Identity and Privacy Protection For mobile Drivers Licenses,The report outlines how to implement mDL systems as Privacy Enhancing Technologies. It provides guidance on protecting peoples individual privacy and the digital identifiers of an individual who carries or uses an mDL.,,https://kantarainitiative.org/kantara-releases-report-on-identity-and-privacy-protection-for-mobile-drivers-licenses/,,Post,,,Guidance,,,,,,,,2021-08-27,,,,,,,,,,,,,
mDL,Biometric Update,,https://kantarainitiative.org/kantara-lays-out-trust-building-recommendations-for-mdls/,,,,,,,Kantara lays out trust-building recommendations for mDLs,"A global digital ID association has published steps vendors and others need to take in order to build effective mobile driving license services that also put ID holders in control of their identity. The Kantara Initiatives report starts from the premise that trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and their biometric identifiers.","Trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and their biometric identifiers.",https://www.biometricupdate.com/202108/kantara-lays-out-trust-building-recommendations-for-mdls,,Post,,,Guidance,,,,,,,,2021-08-27,,,,,,,,,,,,,
mDL,CCG,,,,,,,,,Verifiable Driver's License Interoperability Report 1.0,The purpose of this test suite is to demonstrate a path to interoperability between the ISO-18013-5 Mobile Driver's License data model and the W3C Verifiable Credentials ecosystem. The technologies explored in this test suite are experimental and meant to be complementary to ISO-18013-5 (mDL) and not a replacement of the standard. This document contains the most recent interoperability report between issuers and verifiers for Verifiable Driver's License Credentials using the Verifiable Driver's License Vocabulary. This report is generated on a weekly basis.,,https://w3c-ccg.github.io/vdl-test-suite/,,Report,,,Guidance,,,,,,,,2023-01-08,,,,,,,,,,,,,
mDL,IETF,RFC 8943,,,,,,,,RFC 8943: Concise Binary Object Representation (CBOR) Tags for Date,"In CBOR, one point of extensibility is the definition of CBOR tags. RFC 7049 defines two tags for time: CBOR tag 0 (date/time string as per RFC 3339) and tag 1 (POSIX ""seconds since the epoch""). Since then, additional requirements have become known. This specification defines a CBOR tag for a date text string (as per RFC 3339) for applications needing a textual date representation within the Gregorian calendar without a time. It also defines a CBOR tag for days since the date 1970-01-01 in the Gregorian calendar for applications needing a numeric date representation without a time. This specification is the reference document for IANA registration of the CBOR tags defined.","The Concise Binary Object Representation (CBOR), as specified in RFC 7049, is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation.",https://www.rfc-editor.org/rfc/rfc8943,,rfc,,,CBOR,,,,,,,,2020-11,,,,,,,,,,,,,
mDL,Personal,,https://www.rfc-editor.org/rfc/rfc8943,Mike Jones,,,,,,Concise Binary Object Representation (CBOR) Tags for Date is now RFC 8943,"The Concise Binary Object Representation (CBOR) Tags for Date specification has now been published as RFC 8943. In particular, the full-date tag requested for use by the ISO Mobile Driver’s License specification in the ISO/IEC JTC 1/SC 17 “Cards and security devices for personal identification” working group has been created by this RFC. The abstract of the RFC is:",Mike Jones shares that CBOR (Concise Binary Object Representation) is officially a specification at IETF. woohoo! and it is a key part of [ISOs mDL standard](https://www.iso.org/committee/45144.html) (date fields must use it).,https://self-issued.info/?p=2136,,Post,,,CBOR,,,,,,,,2020-11-20,,,,,,,,,,,,,
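Review bot: five rows in this mDL block appear twice and differ in a single cell: the INATBA "Mobile Drivers Licence (mDL) VS. Self-Sovereign Identity (SSI)" row, the three Kantara / Biometric Update rows (each with and without the image URL), and the CCG Mailing List row (with and without the vdl-test-suite URL). If both copies of a pair remain in the file after this change, keep one row per link so the generated page does not list the entry twice. Separately, the “Decentralised Identity: Whats at Stake?” row is dated 2021-11, but its link path is 2020/11/2020-11-INATBA-Decentralised-Identity-001.pdf and its description cell reads "← earlier paper", so the date is worth confirming. The SpruceID row carries the same sentence in both the text and description cells, and one of them can be dropped.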

1 main parent name supporting authors related location serving policy event title text description link image type status platform section sector industry market focus projects tech working group date github twitter youtube list feed discord crunchbase linkedin docs devtools app telegram forum
44 Verifiable Credentials IDCommons Grace Rachmany IIW Could an NFT be a VC? Case discussed: A group of villages in Africa using a cryptocurrency platform for alternative currencies. Different organizations issue the coins under different circumstances. When you accept a currency, you want to know who is the issuer. The Red Cross might be more or less trusted than the local leader or agricultural cooperative as the issuer of a currency that is supposedly equivalent to a shilling.<br><br>What types of tech could be used for this?<br><br>- Multiple currencies on the blockchains<br>- Certifications in the form of some kind of NFT issued by the issuer.<br>- Limited supply tokens or NFTs that are “expired” when you use them<br>- Open Credential Publisher framework was suggested<br>- VCs are generally authorizations associated with a person, so maybe a person could have the VC and show their credit rating in some way while they are making a transaction<br>- Similarly maybe the VC belongs to the organization that is issuing the coin, proving its reputation over time. https://iiw.idcommons.net/20I/_Could_an_NFT_be_a_VC%3F Session Notes Comparisons 2021-05-06
45 Verifiable Credentials Personal Timothy Ruff How does VC Functional Stack compare to #ToIP Stack? 1. ToIP Layers 2 & 3 compare to Functional Layer 2<br>2. ToIP Layer 4 compares to Functional Layers 3 & 4 (horizontal layer for VC Management, vertical layer for Applications)<br>3. Functional stack doesn't require #blockchain<br>4. Functional Stack doesn't detail steps for trust or verification; ToIP Stack doesn't separate management or storage<br>5. Functional Stack clarifies functions, roles, and potential business models; ToIP stack clarifies trust & security They are complementary, not contradictory. https://twitter.com/rufftimo/status/1301314001251438593 https://i.imgur.com/8zakrMQ.png Thread Comparisons 2020-09-03
46 Verifiable Credentials CCG Mailing List Michael Herman CCG What are VCs similar to? The chip in your e-passport is the analogy I’ve been most successful with<br>An issuer gives it to you.<br>You carry it around and show to whom you choose<br>The verifier can check its integrity without contacting the issuer<br>“A VC is like the chip in your passport - bit for any document type”<br>So far the best analogy I’ve found.  Policy makers say “ah, I see” https://lists.w3.org/Archives/Public/public-credentials/2021Aug/0338.html Discussion Comparisons Credentials Community Group 2021-08-23
47 Verifiable Credentials Verifiable Credentials, Object Capabilities fossandcrafts Hygiene for a computing pandemic This episode of FOSS and Crafts features Christopher Lemmer Webber discussing the object capability security approach. Its a generalization not specific to VCs, continuing from the conversation on the CCG mailinglist, [Hygiene for a computing pandemic: separation of VCs and ocaps/zcaps](https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0028.html), we shared last month.<br> The podcast *show-notes include an epic list of references* supporting the discussion. https://fossandcrafts.org/episodes/20-hygiene-for-a-computing-pandemic.html Post Comparisons Comparisons, Main Object Capabilities 2021-01-03
48 Verifiable Credentials Personal https://lists.w3.org/Archives/Public/public-credentials/2021Jun/0244.html Kyle Den Hartog, Manu Sporny Re: The dangers of using VCs as permission tokens (was: PROPOSALs for VC HTTP API call on 2021-06-22) Agreed, when it comes to the number of checks that occur it's much greater<br>because of the delegation. With that in mind, looking at the semantics only<br>of the system VCs in my opinion weren't optimally designed for permission<br>tokens. This difference between the two requires that an implementation<br>that wants to support both claims tokens and permissions tokens has to<br>grapple with the different mental model that arise when trying to stuff<br>these things together. This introduces additional complexity. Additionally<br>it leads to weird statements that are being made where it's difficult to<br>tell if the VC is behaving like a claims token or a permissions token.<br><br>Yes, exactly this. Exactly what Kyle states above is the reason why it's so complicated (and thus dangerous) to use VCs as permissions tokens.<br><br>This is one of the primary reasons that we separated out the Authorization Capabilities work from the Verifiable Credentials work. Things get really complicated when you start mixing authz/authn/claims/permissions into a Verifiable Credential. Just because you can do it doesn't mean you should https://kyledenhartog.com/example-authz-with-VCs/ Post Comparisons 2021-06-24
49 Verifiable Credentials Verifiable Credentials, Object Capabilities Personal Kyle Den Hartog Comparing VCs to ZCAP-LD Why make the investment then to put the time and effort into ZCAPs when we’ve already got VCs? Simply put because security is hard and trying to push square pegs into round holes often times leads to bugs which are elevated to mission critical authentication/authorization bypass vulnerabilities. By designing around a fit for purpose data model with a well defined problem being solved it allows for us to be much more precise about where we believe extensibility is important versus where normative statements should be made to simplify the processing of the data models. By extension this leads to a simpler security model and likely a much more robust design with fewer vulnerabilities. https://kyledenhartog.com/comparing-VCs-with-zcaps/ Post Comparisons Comparisons, Main Object Capabilities 2021-09-25
50 Verifiable Credentials Verifiable Credentials, Object Capabilities CCG Mailing List Dave Longley CCG Re: VCs - zCaps / OCap a Discussion TL; DR: My current view is that the main confusion here may be over the difference between VCs and LD Proofs, not VCs and ZCAPs. VCs are not a generalized container for attaching a cryptographic proof to a document. That's what LD proofs (or JOSE style proofs) are for. VCs *use* LD proofs (or JOSE style proofs) to attach an assertion proof to a document that specifically models statements made by an issuer about some subject, which is therefore inherently about the identity of that subject https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0027.html Discussion Comparisons Comparisons, Main Object Capabilities Credentials Community Group 2020-12-05
51 Verifiable Credentials W3C Verifiable Credentials Working Group https://www.w3.org/2020/01/vc-wg-charter.html Verifiable Credentials Working Group The mission of the Verifiable Credentials (formerly known as Verifiable Claims) Working Group (VCWG) is to make expressing and exchanging credentials that have been verified by a third party easier and more secure on the Web.<br><br>The Chairs of the Working Group are Kristina Yasuda and Brent Zundel. The W3C Staff Contact for the Working Group is Ivan Herman. https://www.w3.org/2017/vc/WG/ Working Group Working Group 2017-04-14 https://github.com/w3c/verifiable-claims https://lists.w3.org/Archives/Public/public-vc-wg/ https://lists.w3.org/Archives/Public/public-vc-wg/
52 Verifiable Credentials VCWG Manu Sporny Verifiable Credentials Data Model v1.1 is an official W3C standard! It's official, the Verifiable Credentials Data Model v1.1 is a W3C standard!<br><br> Verifiable Credentials Data Model v1.1<br> https://www.w3.org/TR/2022/REC-vc-data-model-20220303/<br><br>This was largely a maintenance release of the specification. The list of (minor) revisions since the v1.0 release can be found here:https://www.w3.org/TR/2022/REC-vc-data-model-20220303/#revision-history https://lists.w3.org/Archives/Public/public-credentials/2022Mar/0005.html Specificationification Working Group Credentials Community Group 2022-03-03
53 Verifiable Credentials VCWG Verifiable Credentials Data Model v1.1 Credentials are a part of our daily lives; driver's licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable. Driver's licenses are used to claim that we are capable of operating a motor vehicle, university degrees can be used to claim our education status, and government-issued passports enable holders to travel between countries. This specification provides a standard way to express these sorts of claims on the Web in a way that is cryptographically secure, privacy respecting, and automatically verifiable. https://www.w3.org/TR/2022/REC-vc-data-model-20220303/ https://www.w3.org/TR/2022/REC-vc-data-model-20220303/diagrams/ecosystem.svg Specificationification RECOMMEND Working Group Verifiable Credentials Working Group 2022-03-03
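Review bot: rows 52 and 53 carry the type value "Specificationification", while the ZCAP-LD row elsewhere in this file uses "Specification"; any template that filters or groups on the type column will treat these as a separate category. Normalise both to "Specification". In row 53 the text and description cells restate the same abstract in slightly different words, so one of them can be trimmed.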
491 Linked Data WebofTrustInfo Ganesh Annan, Kim Hamilton Duffy rwot7-toronto Resource Integrity Proofs Cryptographic linking provides discoverability, integrity, and scheme agility<br>Contributors: Manu Sporny, Dave Longley, David Lehn, and Bohdan Andriyiv<br>Currently, the Web provides a simple yet powerful mechanism for the dissemination of information via links. Unfortunately, there is no generalized mechanism that enables verifying that a fetched resource has been delivered without unexpected manipulation. Would it be possible to create an extensible and multipurpose cryptographic link that provides discoverability, integrity, and scheme agility?<br>Cryptographic linking solutions today have yet to provide a generalized mechanism for creating tamper-evident links. The Subresource Integrity standard limits this guarantee to script and link resources loaded on Web pages via the use of HTML attributes. IPFS provides a verification mechanism that is constrained to hash-based, content-addressable links, with no ability to complete content negotiation. RFC6920 proposes another mechanism that cannot be applied to existing links: it recommends the use of named information hashes and a resolution method that creates a content addressable URL [1]. Resource Integrity Proofs incorporates ideas from these standards and solutions to provide a new data format for cryptographic links that is fit for the open world. https://github.com/WebOfTrustInfo/rwot7-toronto/blob/master/final-documents/resource-integrity-proofs.md Paper Main 2018-12-12
492 Linked Data WebofTrustInfo rwot6-santabarbera Recent happenings with Linked Data Capabilities Veres One's architecture has been adjusted to take full advantage of Linked Data Capabilities as its primary mechanism for granting authority to perform operations on the ledger as well as on DID Documents. permission to update key materials can be conditionally handed out to an entity (or entities) and later revoked if deemed appropriate using Linked Data Capabilities' design.<br>As for ledger updates, Accelerators also make use of Linked Data Capabilities. To prevent spamming the ledger, the costs of an update must somehow be accounted for. The traditional way to do this on a blockchain is to use proof of work, and this is also an option in Veres One, but for those use cases where expending time and energy on proof of work is less desirable users can use an "accelerator".<br>An accelerator is an entity that has been granted a capability to perform updates on the ledger more quickly. Accelerators may likewise take advantage of Linked Data Capabilities' support for delegation, with or without caveats. https://github.com/WebOfTrustInfo/rwot6-santabarbara/blob/master/topics-and-advance-readings/ld-ocap-recent-happenings.md Paper Main 2018-03-02
493 Linked Data WebofTrustInfo rwot4-paris LD Signature Format Alignment The goal of the "LD Signature Format Alignment" Working Group at Rebooting the Web of Trust IV was to investigate the feasibility and impact of the proposed 2017 RSA Signature Suite spec, which brings JSON-LD signatures into alignment with the JOSE JSON Web Signature (JWS) standards.The 2017 RSA Signature Suite is based on RFC 7797, the JSON Web Signature (JWS) Unencoded Payload Option specifcation. This approach avoids past concerns about JWT raised in the LD signature adopters, including:•Increased space consumption associated withbase-64 encoding.•Difculty of nesting or chaining signatures, leading to data duplication.•Use of a format that is not a JSON object, preventing ability to rely exclusively on a JSON document-based storage engine (whilepreserving the signature) https://nbviewer.jupyter.org/github/WebOfTrustInfo/rwot4-paris/blob/master/final-documents/ld-signatures.pdf Paper Main 2017-08-18
494 Linked Data Linked Data, Object Capabilities CCG Authorization Capabilities for Linked Data v0.3 Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. "Caveats" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked. https://w3c-ccg.github.io/zcap-spec/ Specification Main Main, Literature Credentials Community Group 2023-01-22 https://github.com/w3c-ccg/zcap-spec
495 Linked Data WebofTrustInfo Java implementation of Linked Data Signatures This is an implementation of the following cryptographic suites for Linked Data Proofs:<br>Ed25519Signature2018<br>Ed25519Signature2020<br>EcdsaSecp256k1Signature2019<br>RsaSignature2018<br>JsonWebSignature2020<br>JcsEd25519Signature2020<br>JcsEcdsaSecp256k1Signature2019 https://github.com/WebOfTrustInfo/ld-signatures-java Code Implementation 2023-05-13
496 Linked Data WebofTrustInfo JSON-LD Signatures with JSON Web Signatures Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. "Caveats" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked. https://github.com/WebOfTrustInfo/ld-signatures-python Code Implementation Object Capabilities 2017-04-25
497 Linked Data CCG Linked Data Keys Registry This repository contains the Linked Data Cryptographic Suite Registry which is a list of all known Linked Data cryptographic suites and their current level of maturity. https://github.com/w3c-ccg/ld-cryptosuite-registry registry Implementation Credentials Community Group 2020-12-29
498 Linked Data DigitalBazaar Linked Data Capabilities reference implementation JavaScript reference implementation for Authorization Capabilities. https://github.com/digitalbazaar/ocapld.js Code Implementation 2023-01-14
499 Linked Data W3C RDF AND JSON-LD UseCases This wiki page strive to address one of many question about use of RDF vs JSON-LD to store linked data. This page attempts to provide a general introduction of both the technologies and provide suitability analysis of various kind of applications to use either technology. https://www.w3.org/2013/dwbp/wiki/RDF_AND_JSON-LD_UseCases https://www.w3.org/2013/dwbp/wiki/images/thumb/1/17/RDFSerialization-formats.png/800px-RDFSerialization-formats.png page RDF 2014-09-15
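Review bot: row 496 ("JSON-LD Signatures with JSON Web Signatures", link ld-signatures-python) has the ZCAP-LD abstract from row 494 as its text and is tagged Object Capabilities, which looks like a copy-paste from the neighbouring entry; it should carry the repository's own description, and the Object Capabilities cross-link should be dropped unless the repo really implements capabilities. Also in this block, row 492 lists the event as "rwot6-santabarbera" while its link uses "rwot6-santabarbara", and row 497 is titled "Linked Data Keys Registry" although the text and link name the Linked Data Cryptographic Suite Registry.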
520 Object Capabilities Personal Dan Connolly Awesome Object Capabilities and Capability-based Security Capability-based security enables the concise composition of powerful [patterns](https://github.com/dckc/awesome-ocap/wiki) of cooperation without vulnerability. [What Are Capabilities?](http://habitatchronicles.com/2017/05/what-are-capabilities/) explains in detail. https://github.com/dckc/awesome-ocap list Main 2023-03-03
521 Object Capabilities Wikipedia Object Capability Model Computer scientist E. Dean Tribble stated that in smart contracts, identity-based access control did not support well dynamically changing permissions, compared to the object-capability model. He analogized the ocap model with giving a valet the key to one's car, without handing over the right to car ownership.<br><br>The structural properties of object capability systems favor modularity in code design and ensure reliable encapsulation in code implementation.<br><br>These structural properties facilitate the analysis of some security properties of an object-capability program or operating system. Some of these – in particular, information flow properties – can be analyzed at the level of object references and connectivity, independent of any knowledge or analysis of the code that determines the behavior of the objects. As a consequence, these security properties can be established and maintained in the presence of new objects that contain unknown and possibly malicious code. https://en.wikipedia.org/wiki/Object-capability_model entry Main 2023-04-12
522 Object Capabilities eRights Mark S. Miller Object Capabilities The capability model is, in a sense, the object model taken to its logical extreme. Where object programmers seek modularity -- a decrease in the dependencies between separately thought-out units -- capability programmers seek security, recognizing that required trust is a form of dependency. Object programmers wish to guard against bugs: a bug in module A should not propagate to module B. Capability programmers wish to guard against malice. However, if B is designed to be invulnerable to A's malice, it is likely also invulnerable to A's bugs. E: Cryptographic Capabilities for Distributed Smart Contracting http://erights.org/elib/capability/ode/ode-capabilities.html http://erights.org/elib/capability/ode/images/money.png page Main 1998-10-03
Object Capabilities CCG Authorization Capabilities for Linked Data v0.3 An object capability framework for linked data systems CCG<br>Authorization Capabilities for Linked Data (ZCAP-LD for short) provides a secure way for linked data systems to grant and express authority utilizing the object capability model. Capabilities are represented as linked data objects which are signed with Linked Data Proofs. ZCAP-LD supports delegating authority to other entities on the network by chaining together capability documents. "Caveats" may be attached to capability documents which may be used to restrict the scope of their use, for example to restrict the actions which may be used or providing a mechanism by which the capability may be later revoked. https://github.com/w3c-ccg/zcap-spec Specification Literature Credentials Community Group 2023-01-23
523 Object Capabilities IDCommons IIW DIDAuth + Obj. Cap. - IIW What is DIDAuth and how is it compatible with Object Capabilities?<br>We started by defining and describing object capabilities:<br>- A Capability is a Transferable Unforgeable Permission. It can be implemented with unguessable URLS or signed objects.<br>- A Java Program object reference is a capability, it allows for actions on the subject (the object instance).<br>- A stronger implementation of object capabilities involves a digital certificate issued by a public key, for a resource with a set of supported methods:<br>`Issuer: AlicePubKey`<br>`Resource: did:dad:0x123`<br>`Actions: Read,Write`<br>`Signature: 0x456` https://iiw.idcommons.net/DIDAuth_%2B_Obj._Cap. https://iiw.idcommons.net/images/c/cb/TH1G.jpg Session Notes Literature 2018-10-31
524 Object Capabilities WebofTrustInfo Bill Tulloh rwot8-barcelona Applying the Principle of Least Authority to User Interaction Object capabilities (ocaps) are increasingly recognized as an important tool for achieving the goals of self-sovereign identity. Many of the principles of self-sovereign identity, such as minimization and protection, can best be achieved through the disciplined pursuit of the principle of least authority that ocaps enable. This paper examines how POLA can be extended to better protect users when exercising their self-sovereign identity. https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/topics-and-advance-readings/Applying_POLA_to_User_Interaction.md Paper Literature 2019-02-25
525 Object Capabilities WebofTrustInfo James Foley rwot7-toronto Introductory Capability DHT The Object Capability software design paradigm is a powerful philosophy for the programming of decentralized applications particularly in the realms of security and rights management. https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/topics-and-advance-readings/introductory-capability-dht-concept.md Paper Literature 2019-02-08
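Review bot: Row 525 ("Introductory Capability DHT") gives the event as rwot7-toronto, but its URL points into the WebOfTrustInfo/rwot8-barcelona repository, the same repository as row 524. Confirm which event the paper belongs to and make the event column and the link agree before merging.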
559 DIDComm Personal https://didcomm.org/shorten-url/1.0/ Timo Glastra Just got my first DIDComm protocol published on the https://didcomm.org website. A protocol to request a shortened URL for a given URL. For example, an agent requesting a shortened out of band invitation url from a mediator. https://twitter.com/TimoGlastra/status/1572976791136137216 tweet Implementation 2022-08-22
560 DIDComm DIF DIDComm: ECDH-1PU Implementation In short, ECDH-1PU is a key derivation process that allows for sender authenticity and enables a “[Perfect Forward Secrecy](https://www.wired.com/2016/11/what-is-perfect-forward-secrecy/#:~:text=Perfect%20forward%20secrecy%20means%20that,of%20the%20user%27s%20sensitive%20data.)” mechanism, in addition to significant performance gains over JWS message nested in a JWE envelope, as used by existign ECDH-ES aproaches. ECDH-1PU is a key derivation process that offers sender authenticity, as well as significant performance gains over existing ECDH-ES aproaches. https://blog.identity.foundation/ecdh-1pu-implementation/ Post Implementation 2021-09-21
561 DIDComm Jolocom Community matters: Jolocom’s latest contributions to DIF We at Jolocom strongly believe that DIDComm is a crucial infrastructure element for the broader and future-proof SSI stack, and [current work on DIDComm v2 includes Jolocom’s implementation of the specification](http://github.com/jolocom/didcomm-rs) with authcrypt (authenticated encrypted) and most of the low level of the protocol. ...Interested parties can already start building high-level verifiable credential-based services and workflows on the Rust KERI implementation. https://jolocom.io/blog/jolocoms-contributions-to-dif/ https://jolocom.io/wp-content/uploads/2020/05/Jolocom-Logbook-DIF-contribution-cover-02-alt.jpg Post Implementation 2021-01-19
562 mDL INATBA “Decentralised Identity: What’s at Stake?” Looking at the above comparison, It is clear that both approaches strive to maintain user control of their personal data, selective disclosure/data minimization, and cryptographic methods to prove the integrity of identity claims. The differences are: first in their reliance (mDL) or independence (SSI) from issuer involvement in verification interactions, and second in their cryptographic approach, where the mDL relies on externally provided cryptographic tools while SSI builds on holder controlled private keys ← earlier paper https://inatba.org/wp-content/uploads/2020/11/2020-11-INATBA-Decentralised-Identity-001.pdf https://inatba.org/wp-content/uploads/2023/05/Background_561821321-scaled-copie.jpg Post Intro 2021-11
563 mDL SpruceID An Identity Wallet Bill of Rights - Starting With the Mobile Driver License Spruce’s continued mission is to let users control their data across the web, whether it’s web2, web3, or beyond. This also applies to credentials issued by existing entities, such as the Mobile Driver License (mDL) issued by motor vehicle authorities across the world. Spruce’s continued mission is to let users control their data across the web, whether it’s web2, web3, or beyond. This also applies to credentials issued by existing entities, such as the Mobile Driver License (mDL) issued by motor vehicle authorities across the world. https://blog.spruceid.com/an-identity-wallet-bill-of-rights/ https://blog.spruceid.com/content/images/2022/09/mDL.png Post Intro 2022-09-12
564 mDL INATBA ​​Mobile Driver’s Licence (mDL) VS. Self-Sovereign Identity (SSI) The ISO mDL specification (ISO-compliant Driving License or IDL)  is purpose driven, as its name implies, but is said to be specifically intended to:<br>* enable verifiers not affiliated with or associated with the issuing authority to gain access to and authenticate the information<br>* allow the holder of the driving license to decide what information to release to a verifier<br>* include the ability to update information frequently, and to authenticate information at a high level of confidence. https://inatba.org/identity/mobile-drivers-licence-mdl-self-sovereign-identity-ssi-comparison/ https://inatba.org/wp-content/uploads/2023/05/Background_561821321-scaled-copie.jpg Post Main 2020-11
565 mDL CCG Mailing List https://w3c-ccg.github.io/vdl-test-suite/ Manu Sporny Spruce, MATTR, Digital Bazaar, CCG Verifiable Driver's Licenses and ISO-18013-5 (mDL) As some of you might be aware, ISO-18013-5 (mDL -- Mobile Driver's License) was published as a global ISO standard in September 2021. A number of us in the W3C CCG and W3C VCWG attempted to ensure that W3C Verifiable Credentials were supported by the mDL work, but that effort is not reflected in the finalized ISO mDL standard (and due to the way ISO operates, we are not at liberty to share any details). There have been increasing concerns related to the divergence of mDL with W3C Verifiable Credentials and to the market dynamics at play around mDL. https://lists.w3.org/Archives/Public/public-credentials/2021Nov/0105.html Discussion Main 2021-11-29
566 mDL Procivis ISO/IEC 18013-5 vs Self-Sovereign Identity: A proposal for an mDL Verifiable Credential in the context of government identity programs we see it as useful to compare them on the following parameters – background, credential data model & trust anchor and transmission protocols. https://www.procivis.ch/post/iso-iec-18013-5-vs-self-sovereign-identity-a-proposal-for-an-mdl-verifiable-credential https://uploads-ssl.webflow.com/5fae427844470c4d4b49d62b/62440e2a85213a51704c8641_Picture%203.png Post Main 2022-03-30
567 mDL AAMVA Mobile Driver's License (mDL) Implementation Guidelines 1.2 The AAMVA Joint Mobile Driver’s License (mDL) Working Group (WG) has been active around mobile identification since 2012. As the mDL evolves, the mDL WG continues to identify and address topics on which guidance to Issuing Authorities can be helpful. This document represents the bulk of the current guidance, and points to additional resources as needed https://www.aamva.org/getmedia/b801da7b-5584-466c-8aeb-f230cef6dda5/mDL-Implementation-Guidelines-Version-1-2_final.pdf Report Main 2023-01
568 mDL AAMVA Mobile Driver's License Model Legislation The Mobile Driver’s License (mDL) Model Legislation has been developed to facilitate the uniformity of proposed legislative changes related to implementation of mDL in various jurisdictions. The model legislation is meant to demonstrate how the requirements in the ISO standards and AAMVA Mobile Driver’s License Implementation Guidelines could be represented in jurisdiction-specific legislation. Thus, the language contained in the model legislation is designed to offer examples and is not expected to be proposed to legislatures without consideration for controlling legal provisions in your jurisdiction https://www.aamva.org/getmedia/cb9fd6c7-29e6-48a4-926b-e16d6400eab5/mDL-Model-Legislation_final.pdf Report Main 2023-01
569 mDL Kantara Initiative Working Group for Privacy Enhancing Mobile Credentials Clearly the use of a driver’s license goes well beyond proving eligibility to drive a vehicle. It has become the de-facto standard for proving that you are who you say you are – and are entitled to the product or service requested. An increasing number of states are adopting mobile ID systems to recognise and verify mobile credentials including driver’s licenses (mDL). https://kantarainitiative.org/introducing-kantaras-working-group-for-privacy-enhancing-mobile-credentials/ https://kantarainitiative.org/wp-content/uploads/2021/11/mitya-ivanov-2HWkORIX3II-unsplash-scaled-1.jpg Post Guidance 2021-11-15
570 mDL Kantara Initiative Kantara Releases Report on Identity and Privacy Protection For mobile Driver’s Licenses The report outlines how to implement mDL systems as Privacy Enhancing Technologies. It provides guidance on protecting people’s individual privacy and the digital identifiers of an individual who carries or uses an mDL. https://kantarainitiative.org/kantara-releases-report-on-identity-and-privacy-protection-for-mobile-drivers-licenses/ https://kantarainitiative.org/wp-content/uploads/2019/08/favicon_kantara.png Post Guidance 2021-08-27
571 mDL Biometric Update https://kantarainitiative.org/kantara-lays-out-trust-building-recommendations-for-mdls/ Kantara lays out trust-building recommendations for mDLs A global digital ID association has published steps vendors and others need to take in order to build effective mobile driving license services that also put ID holders in control of their identity. The Kantara Initiative’s report starts from the premise that trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and their biometric identifiers. Trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and their biometric identifiers. https://www.biometricupdate.com/202108/kantara-lays-out-trust-building-recommendations-for-mdls https://d1sr9z1pdl3mb7.cloudfront.net/wp-content/uploads/2020/04/06115457/mDL-mobile-drivers-license.png Post Guidance 2021-08-27
572 mDL CCG Verifiable Driver's License Interoperability Report 1.0 The purpose of this test suite is to demonstrate a path to interoperability between the ISO-18013-5 Mobile Driver's License data model and the W3C Verifiable Credentials ecosystem. The technologies explored in this test suite are experimental and meant to be complementary to ISO-18013-5 (mDL) and not a replacement of the standard. This document contains the most recent interoperability report between issuers and verifiers for Verifiable Driver's License Credentials using the Verifiable Driver's License Vocabulary. This report is generated on a weekly basis. https://w3c-ccg.github.io/vdl-test-suite/ Report Guidance 2023-01-08
573 mDL IETF RFC 8943 RFC 8943: Concise Binary Object Representation (CBOR) Tags for Date In CBOR, one point of extensibility is the definition of CBOR tags. RFC 7049 defines two tags for time: CBOR tag 0 (date/time string as per RFC 3339) and tag 1 (POSIX "seconds since the epoch"). Since then, additional requirements have become known. This specification defines a CBOR tag for a date text string (as per RFC 3339) for applications needing a textual date representation within the Gregorian calendar without a time. It also defines a CBOR tag for days since the date 1970-01-01 in the Gregorian calendar for applications needing a numeric date representation without a time. This specification is the reference document for IANA registration of the CBOR tags defined. The Concise Binary Object Representation (CBOR), as specified in RFC 7049, is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation. https://www.rfc-editor.org/rfc/rfc8943 rfc CBOR 2020-11
574 mDL Personal https://www.rfc-editor.org/rfc/rfc8943 Mike Jones Concise Binary Object Representation (CBOR) Tags for Date is now RFC 8943 The Concise Binary Object Representation (CBOR) Tags for Date specification has now been published as RFC 8943. In particular, the full-date tag requested for use by the ISO Mobile Driver’s License specification in the ISO/IEC JTC 1/SC 17 “Cards and security devices for personal identification” working group has been created by this RFC. The abstract of the RFC is: Mike Jones shares that CBOR (Concise Binary Object Representation) is officially a specification at IETF. woohoo! and it is a key part of [ISO’s mDL standard](https://www.iso.org/committee/45144.html) (date fields must use it). https://self-issued.info/?p=2136 Post CBOR 2020-11-20
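Review bot: Row 563 (SpruceID, "An Identity Wallet Bill of Rights") carries its description sentence pair twice verbatim, and rows 560 and 571 likewise repeat a near-identical summary sentence after the main description; keep one copy in each. Row 560 also has "existign" and "aproaches" (twice) in the description. In row 562 the trailing "← earlier paper" looks like an editing note left in the description field, and the date 2021-11 does not match the 2020/11 path and 2020-11 filename of the linked PDF, so the date is worth checking.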