Re: [MLS] About Verifiable Credentials in MLS

Richard Barnes <rlb@ipv.sx> Fri, 19 January 2024 15:44 UTC

Hi David,

Thanks for letting the group know about this.  Personally, I would be
interested to hear more.

A couple of related things that might be of interest to you:

1. With regard to zero-knowledge: The IETF OAuth working group is working
on VCs formatted as "selective disclosure" JWTs, which would allow a
participant to disclose certain attributes but not others.  It's not
zero-knowledge, obviously, but it has some similar privacy objectives.

https://datatracker.ietf.org/doc/draft-ietf-oauth-sd-jwt-vc/

2. MLSpp has implemented the UserInfoVCCredential and MultiCredential
schemes from the "additional credentials" draft.

https://datatracker.ietf.org/doc/draft-barnes-mls-addl-creds/
https://github.com/cisco/mlspp/blob/main/include/mls/credential.h#L61
https://github.com/cisco/mlspp/blob/main/include/mls/credential.h#L125

Best,
--Richard

On Fri, Jan 19, 2024 at 1:39 AM David Soler García <david.soler=40udc.es@dmarc.ietf.org> wrote:

> Hi. I'm David Soler. I'm a PhD student and my thesis is oriented to
> implementing MLS in a decentralised setting. I started a few months ago.
>
> I recently subscribed to the MLS mailing list and today I received that in
> the next meeting on January 25th the topic of adding new credential
> types, including Verifiable Credentials, will be addressed.
>
> I actually have been working on that topic: I have devised an
> "Attribute-Based MLS" in which groups publish a set of attributes (such as
> age or possession of a university degree) they require for participating in
> the group. Thus, the subject of authentication is not the Clients'
> identity, but the attributes they possess. Users with valid VCs can access
> the MLS group through External Joins. I have also developed a PoC
> implementation in OpenMLS. Though it is not developed yet, my plan is to
> include zero-knowledge proofs (ZKP) to increase the level of privacy.
>
> If you think my work could be of interest to you, please let me know.
>
> Kind regards.
>
>
> __________________________________________________________________________________________
>
> David Soler García
>
> LIA[2] - Departamento de Ciencias da Computación e Tecnoloxías da
> Información
>
> Universidade da Coruña
>
> Tfno. (+34) 981 167 000 Ext. 1264
>
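
The salted-hash selective disclosure mentioned in point 1 of the reply, as an added example that is not part of the original messages and is not code from MLSpp, OpenMLS or the drafts: the issuer commits to a digest per attribute, and the holder reveals only the disclosures it chooses. The issuer's JWT signature over the payload is assumed to be checked separately, and the attribute names and values are constructed.

```python
import base64, hashlib, json, secrets

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def make_disclosure(name, value):
    # Disclosure = base64url(JSON array [salt, claim name, claim value]).
    salt = b64url(secrets.token_bytes(16))  # fresh salt blocks guessing low-entropy values
    return b64url(json.dumps([salt, name, value]).encode("utf-8"))

def digest(disclosure: str) -> str:
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())

def issue(claims):
    # Issuer: the payload (which would be signed) carries digests only;
    # the disclosures themselves are handed to the holder.
    disclosures = {n: make_disclosure(n, v) for n, v in claims.items()}
    payload = {"_sd_alg": "sha-256",
               "_sd": sorted(digest(d) for d in disclosures.values())}
    return payload, disclosures

def verify(payload, presented):
    # Verifier: accept a disclosure only if its digest is in the issuer's _sd array.
    if payload.get("_sd_alg") != "sha-256":
        raise ValueError("unsupported _sd_alg")
    committed, seen, revealed = set(payload["_sd"]), set(), {}
    for d in presented:
        h = digest(d)
        if h not in committed or h in seen:
            raise ValueError("disclosure not committed by issuer, or repeated")
        seen.add(h)
        salt, name, value = json.loads(base64.urlsafe_b64decode(d + "=" * (-len(d) % 4)))
        if name in revealed:
            raise ValueError("duplicate claim name")
        revealed[name] = value
    return revealed

# Constructed sample attributes (hypothetical names, not taken from any draft).
CLAIMS = {"age_over_18": True, "degree": "BSc Computer Science", "family_name": "Example"}

def demo():
    payload, disclosures = issue(CLAIMS)
    # Holder presents two attributes and withholds family_name.
    shown = verify(payload, [disclosures["age_over_18"], disclosures["degree"]])
    return payload, disclosures, shown

if __name__ == "__main__":
    print(demo()[2])
```

The verifier still sees that a third digest exists in `_sd`, which is one reason this is selective disclosure rather than zero-knowledge.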