search

Open-Credentialing-Initiative / Digital-Wallet-Conformance-Criteria

Conformance Criteria for Digital Wallets | https://open-credentialing-initiative.github.io/Digital-Wallet-Conformance-Criteria/latest
https://open-credentialing-initiative.github.io/Digital-Wallet-Conformance-Criteria/latest
Apache License 2.0
1 stars 2 forks source link

section 4 Wallet Conformance Criteria: description of DID methods #31

Closed bluesteens closed 1 year ago

bluesteens commented 1 year ago

4.1.2 Verifiable Data Registry & Endorsed DID Methods a. This sentence should be removed, as it offers a loophole for others to challenge or complicate existing OCI architecture.

A verifiable data registry might also be used for other cryptographically-verifiable data structures such as verifiable credentials.

b. The last column in the table (OCI Credentialing Actor) should be removed, as OCI should simply state which DID methods are endorsed without imposing the roles for which they are used.

c. OCI should define what is meant by:

Digital Wallet Providers SHALL implement and support all DID methods

"Support" can simply mean being able to resolve DIDs but also to offer DID creation for usage. I'd removed the word "implement". It is the solution provider's decision, which DID methods to offer to users for creation/usage. OCI can only really demand DID resolution of all methods to ensure interop.

d. OCI may want to consider setting out broad expectations on the qualities for DID methods to justify the recommended ones, e.g.

03/31 update: following review, this ticket has the same objective as ticket #32 - thus it is recommended to discuss them together

bluesteens commented 1 year ago

loosely related to issue: https://github.com/Open-Credentialing-Initiative/Credential-Issuer-Conformance-Criteria/issues/12

bluesteens commented 1 year ago

Affected Parties (help determine Sunrise/Sunset):

bluesteens commented 1 year ago

fix of CI 6.1 could be done alongside issue #15 ref relates to ticket #32

rceleste125 commented 1 year ago

The Trusted Issuer List is on Etherum and is a list of Trusted DIDs. Do the DIDs need to be ETH DIDs?

bluesteens commented 1 year ago

separate ticket into 2 based problem areas

lleifermann commented 1 year ago

The Trusted Issuer List is on Etherum and is a list of Trusted DIDs. Do the DIDs need to be ETH DIDs?

The trusted issuer list in its state right now stores the list of trusted dids as strings. So all even though the list resides on Ethereum it supports all types of dids (and other identifiers).

bluesteens commented 1 year ago

atm the Digital-Wallet-Conformance-Criteria talk about did:web security but not did:ethr >> consider adding a section

alexcolganLD commented 1 year ago

A. I read this as general information, but OK with removal as it might lead to confusion. B. Agree, this seems like an outdated placeholder. C. How about the following: "To ensure resolution of DID methods, Digital Wallet Providers SHALL support the resolving of all DID methods endorsed by OCI, and SHALL implement at least one DID method." D. 160+ DID methods exist or are under development, suggest we leave this one alone as a change management process question.

rceleste125 commented 1 year ago

Steering Summary:

  1. Remove the limitation for issuers to be limited to use DID:Web method only (allow all OCI supported methods)
  2. Define what "Support" means for a Wallet.
bluesteens commented 1 year ago

edits on branch https://github.com/Open-Credentialing-Initiative/Digital-Wallet-Conformance-Criteria/tree/bluesteens-did-methods

bluesteens commented 1 year ago

13.7.23: amend - "Digital Wallet Providers SHALL support the resolving of all DID methods endorsed by OCI, and SHALL implement at least one such DID method, i.e. create and maintain the resulting DIDs."