...
- Sam Curren <sam@indicio.tech>
- Jason Leach (BC Gov) <jason.leach@fullboar.ca>
- Stephen Curran (Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
Welcome / Introductions
Focus
- Credential UX part 2
Discussion Topics
- Report on OCA:
- Auto-approval of presentation requests (e.g.: trusted verifier, trusted preset, etc ...)
- auto-approval of presentations can be risky (check box to auto-approve that verifier in the future.)
- presentation for login - some other user could login on a computer, and your phone auto approves.
- bulk-approval
- one time bulk approval
- present series of proofs with one user action to approve.
- automate multiple presentations.
- Aries RFC PRs:
- Presentations (merged): PR, current RFC 454 (note: not part of AIP 2.0)
- Issuing multiple credentials (not merged PR): https://github.com/hyperledger/aries-rfcs/pull/692
- policy-approval
- guardianship
- biometric unlock allows policy approvals.
- context matters
- Location, for example – e.g. for entry into a building – but likely still needs a manual trigger - e.g. biometric
- How to get there: Do it manually first and then look for automation opportunities to make the policies crisp
- Careful:
- Have to watch for anti-patterns (e.g. a login with no human interaction).
- Watching for the security vs. convenience trade-off.
- Making sure that the SSI principles are followed – control is with the user.
- A wallet is an agent – acts on behalf of the USER – fiduciary responsibility
- Actions:
- Need bulk presentation request (Present Proof) (mostly done, see above)
- Policy to recommend bulk actions
- auto-approval of presentations can be risky (check box to auto-approve that verifier in the future.)
- Consequences of Machine Readable Governance on UX
- Revocation implications for Mobile
...