search

WICG / digital-credentials

Digital Credentials, like driver's licenses
https://wicg.github.io/digital-credentials/
Other
82 stars 9 forks source link

[spec] Add additional examples #181

Closed timcappalli closed 1 week ago

timcappalli commented 1 month ago

The examples section currently only has government ID and some TBD text.

    <p id="credential-type-examples">
      There are many types of digital credential that can be conveyed using
      this API. <dfn data-lt="credential type examples">Examples of these
      types</dfn> include:
    </p>
    <ul>
      <li>a driver's license or identity card issued by a government
      institution
      </li>
      <li>TBW: other credential types
      </li>
    </ul>

Update to include:

samuelgoto commented 1 month ago

Yeah, I think more examples would be good to have.

marcoscaceres commented 1 month ago

Agree, but I think we should add them as we see actual real word usage of exposing such credentials to the Web (i.e, let's make sure the spec matches reality... like, is there really a website out there asking for someone's "employee ID" today?... probably not... but there may be in the future. We should add it then.)

We know at a minimum people want to use it for driver licenses, so let's start there and expand as we go. This is a living standards after all.

msporny commented 1 month ago

There are over 30+ use case examples in the Verifiable Credentials Use Cases document that you could borrow from, or citing that document might be useful as well:

https://w3c.github.io/vc-use-cases/#user-needs

MasterKale commented 1 month ago

I brought this up on the call today, but what about a more novel example like, "verify your zip code (in your mDL) to receive a locale-specific discount"? I'm thinking about how theme parks will give discounts to locals.

Other than that, typical loyalty membership cards might be good examples too, "sign in with Marriott" on some affiliated site (though this is kinda like federated sign-in which it sounds like we're trying to stay away from for now.)

samuelgoto commented 3 weeks ago

I like the language that you used in the PR:

https://github.com/WICG/digital-credentials/pull/186#pullrequestreview-2400248666

As I noted in the call, these two use cases have at least "some" intersection with FedCM:

federated sign in verified claim (phone, email)

For example: FedCM is being used for Social Login (which I'm guessing is a subset of "federated sign-in"?) and "verified claims" (e.g. emails providers exposing themselves as FedCM IdPs to share verified email addresses).

I think going forward there is going to be some intersection, and that's ok, but we should try to agree as a community group on what goes where so that we send a coherent message to the ecosystem.

In the meantime, I think this https://github.com/WICG/digital-credentials/pull/186#pullrequestreview-2400248666 does a great job at focusing on real-world government-issued identities where the applicability is a lot clearer at the moment.