...
Excerpt |
---|
|
Recording of Call: 20230130 AnonCreds Specification Working Group Meeting Call Recording.mp4
Notices:
This specification creating group operates under the Linux Foundation Community Specification License v1.0.
...
Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
Rodolfo Miranda (RootsID)<rodolfo.miranda@rootsid.com>
Matteo Midena (Monokee) <matteo.midena@monokee.com>
Lance Byrd (RootsID) <lance.byrd@rootsid.Steve McCown (Anonyome Labs) <smccown@anonyome.com>
Related Repositories:
...
- Welcome and Introductions
- Announcements:Request for a host for the meeting next week – Timo
- Updates the Agenda
Agenda
Open Issue
- PRs for review and merging
- Issues to Discuss
- Revocation Interval
- Further discussion from last week.
- Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment
- Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification
- Verifier
or AnonCreds? - Stephen Curran claims it is the verifier, and therefore the verifier can decide if the provided NRP used an acceptable revocation registry AnonCreds is NOT responsible for deciding if the right RevRegEntry was used – only if the NRP based on a given rev reg value is valid.
- Verifier
- To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval? Presentation
- Key points:
- 1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry
- 2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.
- 3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.
- Dangers:
- False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.
- False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.
- Dangers:
- 4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.
- Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.
- Revocation Interval
- Issue #137 added regarding further investigation into what happens to the issuance data flow nonce(s) by Belsy
- No progress yet.
- Interest in this – figure out way to do this.
- Outstanding progress
- Packages are being published
- Test last week showed that the library is working – demo from first try: https://www.loom.com/share/8497e12cb1c64383aa01768ac2551078
- Awesome!!
Future Calls
...