Comments (7)
Not much... just enough to give a simple overview of how things relate to each other and maybe a super simple example of a credential picker (super abstract though... like just a box showing a driver's-license-like credential).
We might be able to make it more complex from there, showing how things are verified etc. and what role each thing in the model plays.
from digital-credentials.
Here is a quick sketch... Obviously the method names would need to align to the webIDL.
```mermaid
flowchart LR
    subgraph mobile_device
        credential_private_key
        credential_private_key --> public_key_credential
        subgraph public_key_credential[Mobile Driver's License]
            credential_public_key
        end
    end
    subgraph user_agent
        credential_manager[Select Digital Credential]
    end
    subgraph relying_party
        request_proof_of_age[Request Age Verification]
    end
    relying_party -.- presentationRequest -.-> user_agent
    relying_party -.- presentationResponse -.- user_agent
    user_agent -.- mdocRequest -.-> mobile_device
    user_agent -.- mdocResponse -.- mobile_device
```
In case anyone wants to hack at this, here is a live editor link.
from digital-credentials.
Ok, awesome! This is a great start.
So yeah, once we land #57 we can start adding some of the terminology from there to the diagram... we also don't have any mention of mDoc (#67) yet, so we can incrementally build this up as we add things to the spec.
This is already hugely helpful though.
from digital-credentials.
I can make a mermaid.
How much detail are you looking for?
from digital-credentials.
Perhaps a better diagram: https://github.com/WICG/digital-identities/blob/main/resources/IdentityCredentialAPI-Layering-2023.pdf
Green arrows seem to be controlled by Chromium, Safari, Gecko (Browsers)
Purple arrows seem to be controlled by iOS and Android / Samsung. (Mobile OS)
Red arrows seem to be controlled by macOS / linux / windows (Desktop OS)
Blue arrows seem to be controlled by verifier protocols (OpenID specs, mDoc specs).
We seem to be spending a lot of time talking about "Green and Blue", and there seems to be general agreement that, while we might influence Purple and Red, that's not really what the W3C is good for.
I've thought this CG was limited to "navigator APIs".
I imagined it would produce an FCGS that a W3C WG could pick up to expose something like WebAuthN did.
That would leave everything but the green arrows, out of scope.
- Website supports a "Verifier Protocol".
- Website uses navigator APIs to "query a wallet".
- Consent happens.
- Wallet query response is obtained by the Website.
- Website then either forwards the response to its backend (like is done in WebAuthN), or website knows to listen for a back channel notification, in the case that the Verifier Protocol supports that.
from digital-credentials.
> Green arrows seem to be controlled by Chromium, Safari, Gecko (Browsers)
> Purple arrows seem to be controlled by iOS and Android / Samsung. (Mobile OS)
> Red arrows seem to be controlled by macOS / linux / windows (Desktop OS)
> Blue arrows seem to be controlled by verifier protocols (OpenID specs, mDoc specs).

Green arrows in the browser would be implemented by browser engines: Chromium, WebKit, Gecko, etc.
Green arrows between client platforms/devices would be implemented by the client platforms: Android, Windows, macOS, iOS, Linux (with some small exceptions where browsers may handle it themselves)
Purple and Red arrows are implemented by app platforms: Android, Windows, macOS, iOS, Linux
from digital-credentials.
This depends on #83 (that is to say, whatever ends up in #83 should be the words used in the diagram... along with "platform" etc.)
from digital-credentials.