search

WICG / mobile-document-request-api

Other
18 stars 10 forks source link

Fit mdocs into the Credential Management API #3

Closed bslassey closed 1 year ago

bslassey commented 2 years ago

resolves issue #2

bslassey commented 2 years ago

I've had some side conversations asking about how mdoc requests could be composed with requests for other credential types within the Credential Management API. Here's some hand waving of what that could look like along with some mocks that @samuelgoto put together thinking through how a browser might present this sort of combined request. The use case this uses as an example is verifying a user's age.

Baseline: request items of each type

let mdoc_options = {
    documentType: "org.iso.18013.5.1.mDL",
    requestedElements: [
        { namespace: "org.iso.18013.5.1", name: "age_over_18r" },
    ],
    desiredStorageDuration: {
        days: 7,
    },
    nonce,
};
let fedcm_options = {
       provider: [
          'https://accounts.google.com'
        ],
        age_over_18: true
}

navigator.credentials.get({mdoc: mdoc_options, 
                           identity: fedcm_options})
                      .then((credentialDocument) => { ... });

Ideal: convenience mode

navigator.credentials.get({
      mdoc: nonce, 
      identity: {
        provider: [
          'https://accounts.google.com'
        ]
      },
      attribute: age-over,
      attribute-condition: 18
    })

Mocks

Age Brackets

Allowing multiple sources for age verification in web Credential Management API

University Diplomas

Allowing multiple sources for age verification in web Credential Management API (1)

bslassey commented 1 year ago

had some offline chats and landed on creating a new namespace navigator.identity which mirrors functionality of navigator.credentials and update the PR accordingly.

bslassey commented 1 year ago

I think @agl's PR #5 is a better direction overall so I'm going to close this PR