OR13
commented
9 months ago First part sounds like the beginning of /etc/hosts but for browsers... If we don't give users agency / control over these experiences, they will just do it at the network / os layer, like we already do with pi-hole, etc...
Second part seems ok, but could be shortened to "not covering issuance & presentation in the same set of APIs is a vendor lock in tactic, and OIDC solves this by locking you to OIDC".
security & privacy: a lot of data will be flowing through the browser that are security relevant (such as nonces) and PII (in credentials). I already hear it "we will encrypt everything". Well, that will make the developers live harder.
I feel like making developers lives harder is less important than protecting user data... using encryption carefully is also part of the solution to your concerns regarding vendor lock.
You touched on all the layers in this post, let me summarize my view of them, and please let me know if I missed something critical:
- Transport ( names to addresses / invocable URIs )
- Session ( nonces, origin binding )
- Presentation ( format agnostic, encryption helps force this to be true )
- Application ( let user's choose which client to use for a given server, where client is wallet, and server is issuer or verifier, and in P2P land sometimes these roles get flipped )
Some parts of internet architecture intentionally blind the client/server from knowing the exact path that data will take / has taken.
The browser APIs this groups contemplate seem to fit well with that model, the browser is a trusted mediator, under the control of the user (ideally they can uninstall it or switch to a different one, in the case that it misbehaves, or has security / privacy stance that they don't agree with).
As such the browser can blind the wallet, from seeing anything other than what it is required to see in order to function, and blind the web server from seeing anything about the wallet / credentials / presentations beyond what is required to function.
This means the browser blinds the holder from the issuer, and the holder from the verifier.
Encryption with channel binding is one technique for blinding.
- presentation & issuance: issuers must find and invoke a wallet in the same way as a verifier. A comprehensive solution therefore must support both sides of the three party model and cover presentation in the same way as issuance. I'm being frequently told issuance cannot be standardized. Based on our experience w/ OpenID 4 Verifiable Credential Issuance I would say: it's hard but it is possible. And it is needed to give users the choice, foster adoption of the model and prevent lock in.
Our experience might be a bit different here.
We think both sides need to be covered with open standards (ones that are built in the open, and that you don't have to pay money to read, or provide critical security feedback on), but we don't think the same standards or protocols needs to be used for both sides of the triangle.
I could be in person, talking over bluetooth / QR Codes to get a credential (issuance in proximity), but later remote presenting with OIDC4VP (remote presentation without physical proximity).
The browser's job is to mediate these experiences, not to shuttle me into a one size fits all protocol suite, or credential format.
The requirements of a mediator API are to expose the interfaces necessary to use the mediator safely in other protocols.
The mediator does this better, the less they know about other protocols, this is a main reason why encrypting everything is a positive signal, at least from where I am sitting.
Now if it turns out that the way the encryption is done, you can only use certain operating systems or devices, with certain APIs... that would be a clever trick.
If the layering is done correctly, a browser does not know if it is mediating to a web extension or a native app, but the issuer or verifier does (because they need to know, and the browser does not need to know)... this property is similar to how middle boxes are not supposed to be able to decrypt traffic and inject or alter content... we know this breaks when we only rely on naive transport layer encryption.
If the browser, wallet, issuer or verifier knows its connecting to a specific platform, its easy to imagine setting an allow list for platforms, but at least with encryption we know the worst thing that can happen is censorship / denial of service when a party can't confirm that the target is "safe enough to trust"...
mcr
hlozi
tlodderstedt
samuelgoto
RByers
selfissued
Sakurann
timcappalli
Hi all,
I have been told a couple of times the fundamental issue this group wants to solve is to find an alternative to custom schemes for invoking wallets. I agree with that objective as custom schemes are less secure than app/universal links and really brittle.
To understand what is needed one needs to take a look on what custom schemes are used for today in this context. In OpenID 4 VC we use custom schemes on the interfaces between verifiers & wallets and issuers & wallets to discover & invoke a wallet in cases where there could be multiple wallets serving the same purpose, typically in a certain ecosystem.
One example will be the EU's eIDAS wallet ecosystem. All the EUDI wallets will provide the same feature set through the same interfaces with the same formats as defined in the regulation and further detailed in ARF and implementing acts. As a verifier, I would like to talk to them without the need to write specific code for every of those wallets. I also need a mechanism to invoke one of the EUDI Wallets installed on the user's device. Custom schemes are today the only way to do that.
So in my opinion, if we want to replace custom schemes, we at least need to provide a mechanism resolving an alias representing a coherent set of wallets into one or more wallets for a certain user and device.
However, all the proposals submitted in this group go much further as they invent new protocols/APIs for requesting and presenting credentials. Why is that? There are protocol for that in the market already, e.g. OpenID 4 VC, RestAPI, DIDComm, CHAPI, ...
I think the first increment (one could call it MVP) should be an API resolving a symbolic name (e.g. "EUDIW") to URLs (or other types of addresses as used by the respective protocols). The benefit for the ecosystem is obvious, existing implementations of the before mentioned protocols could be improved very quickly. I would love if the user had the choice what wallet to use in case multiple wallets are installed on the device, it would be great if the user could install a wallet on demand instead of sending the flow to dev nil if no matching app is installed, user could open wallets with much more confidence as there would be some mechanism (like for app/universal links) to make sure only legit apps could claim a certain alias. Awesome!
A second step could be to define a browser APIs for credentials. However, to come up with a compelling solution, such an API (in my opinion) must cover the following features:
Please be aware the second step might introduce a lot of challenges regarding scalability of the system, security, privacy, and regulation.
The alias approach does not pose any of those problems.
best regards, Torsten.