Summary:
- Credential UX part 2
- Auto-approval of presentation requests (e.g.: trusted verifier, trusted preset, etc ...)
- Revocation implications for Mobile
- Consequences of Machine Readable Governance on UX
Note: This call was recorded and the recording and chat transcript are at the bottom of the page.
Date
(7AM-9AM Los Angeles)
|
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
Anti-Trust Policy:
Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.
Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.
Dial-in link
https://us02web.zoom.us/my/telegramsam (updated!)
Attendees
- Sam Curren <sam@indicio.tech>
- Jason Leach (BC Gov) <jason.leach@fullboar.ca>
- Stephen Curran (Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
- Akiff Manji <amanji@petridish.dev>
Welcome / Introductions
Focus
- Credential UX part 2
Discussion Topics
- Report on OCA:
- Auto-approval of presentation requests (e.g.: trusted verifier, trusted preset, etc ...)
- auto-approval of presentations can be risky (check box to auto-approve that verifier in the future.)
- presentation for login - some other user could login on a computer, and your phone auto approves.
- bulk-approval
- one time bulk approval
- present series of proofs with one user action to approve.
- automate multiple presentations.
- Aries RFC PRs:
- Presentations (merged): PR, current RFC 454 (note: not part of AIP 2.0)
- Issuing multiple credentials: Submitted PR
- policy-approval
- guardianship
- biometric unlock allows policy approvals.
- context matters
- Location, for example – e.g. for entry into a building – but likely still needs a manual trigger - e.g. biometric
- transport tech
- How to get there: Do it manually first and then look for automation opportunities to make the policies crisp
- Repeated Presentations authorized by user
- Careful:
- Have to watch for anti-patterns (e.g. a login with no human interaction).
- Watching for the security vs. convenience trade-off.
- Making sure that the SSI principles are followed – control is with the user.
- A wallet is an agent – acts on behalf of the USER – fiduciary responsibility
- Actions:
- Need bulk presentation request (Present Proof) (mostly done, see above)
- Policy to recommend bulk actions
- Progress
- Kiva - already doing multiple presentation with policy - looking forward to be policy file driven
- auto-approval of presentations can be risky (check box to auto-approve that verifier in the future.)
- Consequences of Machine Readable Governance on UX
- New types of user interactions
- warnings of acting outside governance
- selections of governance frameworks
- communicating opinions of governance frameworks
- governance framework discovery
- Discover Features 2.0 Protocol can list supported frameworks
- Types of Governance
- Roots of trust
- Identifying Participants
- Progress:
- Mike working on test applications of Machine Readable Governance
- New types of user interactions
- Revocation implications for Mobile
Action items
Call Recording