Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C Verifiable Credentials

Orie Steele <orie@transmute.industries> Wed, 10 August 2022 18:31 UTC

MIME-Version: 1.0
References: <CAN8C-_K-w5QQqrZDS9VH2-gzOO9e+HS8b9nGvG+ZBjJ-PM-MCw@mail.gmail.com> <LV2PR21MB3350154C13FA8A6F9D940FA79C9C9@LV2PR21MB3350.namprd21.prod.outlook.com> <13e501d8a738$1b277ed0$51767c70$@reliableenergyanalytics.com> <CAN8C-_JvDwS4CTBJMm9YN8jdXnLATPg0j3xO5BFs+yraWZc2Yg@mail.gmail.com> <144801d8a73c$adb8dec0$092a9c40$@reliableenergyanalytics.com> <OS3PR01MB75270FA0BFF65C76B2AD2D58D19C9@OS3PR01MB7527.jpnprd01.prod.outlook.com> <OS3PR01MB75272702BC43C5DA50A57081D19C9@OS3PR01MB7527.jpnprd01.prod.outlook.com> <170b01d8a766$6cf8b110$46ea1330$@reliableenergyanalytics.com> <DS7PR21MB33410F208AF17F985E9D7F609C659@DS7PR21MB3341.namprd21.prod.outlook.com>
In-Reply-To: <DS7PR21MB33410F208AF17F985E9D7F609C659@DS7PR21MB3341.namprd21.prod.outlook.com>
From: Orie Steele <orie@transmute.industries>
Date: Wed, 10 Aug 2022 13:30:56 -0500
Message-ID: <CAN8C-_+f5rvhSDKxGCJ_SxBuhO4HwONx7ZkRSV2qnhpYvH1_uQ@mail.gmail.com>
To: Steve Lasker <Steve.Lasker@microsoft.com>
Cc: "dick@reliableenergyanalytics.com" <dick@reliableenergyanalytics.com>, "Hart, Charlie" <charlie.hart@hal.hitachi.com>, Steve Lasker <Steve.Lasker=40microsoft.com@dmarc.ietf.org>, "scitt@ietf.org" <scitt@ietf.org>
Content-Type: multipart/related; boundary="0000000000009ed26805e5e740ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scitt/KUWhjn-T7OFiL3ctOVy9chvfrMQ>
Subject: Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C Verifiable Credentials
Precedence: list

> This just points to the value of having personal, company, industry
policy based trust stores

+1 to this, here are a few examples of how groups have formed their own
trust systems:

- https://www.iata.org/en/pressroom/pr/2020-12-16-01/ (aviation / travel)
- https://vci.org/issuers (healthcare)
-
https://support.apple.com/guide/keychain-access/what-is-keychain-access-kyca1083/mac
 (personal)

You can imagine scenarios where a more limited set of issuers  might be
required, or cases where you really want to be very open.

Regards,

OS

On Wed, Aug 10, 2022 at 1:21 PM Steve Lasker <Steve.Lasker@microsoft.com>
wrote:

> It’s an interesting example of whether a single root trust store is the
> best solution.
>
> Just because the browser trusts a root certificate, doesn’t mean it’s
> something we individually, or as a company believe is appropriate. We’ll
> just leave the specifics for obvious conclusion.
>
> This just points to the value of having personal, company, industry policy
> based trust stores
>
>
>
> *From:* SCITT <scitt-bounces@ietf.org> *On Behalf Of * Dick Brooks
> *Sent:* Wednesday, August 3, 2022 11:26 AM
> *To:* 'Hart, Charlie' <charlie.hart@hal.hitachi.com>; Orie Steele
> <orie@transmute.industries>
> *Cc:* 'Steve Lasker' <Steve.Lasker=40microsoft.com@dmarc.ietf.org>;
> scitt@ietf.org
> *Subject:* Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C Verifiable
> Credentials
>
>
>
> That’s correct, Charlie. OATI’s root cert is not included in the browser
> trusted certificate store.
>
>
>
> I’m not sure why they chose to do this.
>
>
>
> Thanks,
>
>
>
> Dick Brooks
>
>
>
> *Active Member of the CISA Critical Manufacturing Sector, *
>
> *Sector Coordinating Council – A Public-Private Partnership*
>
>
>
> *Never trust software, always verify and report!
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Freliableenergyanalytics.com%2Fproducts&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=KsnfIaGAkqxuCxU3BKAdgZqmbrtafNTMzZMb0caF4Wg%3D&reserved=0>*
> ™
>
> http://www.reliableenergyanalytics.com
> <https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.reliableenergyanalytics.com%2F&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=TBONEGxZB1mG%2FnXafj9GjDqeB47Pb5W0eQ6l6uTL2Wg%3D&reserved=0>
>
> Email: dick@reliableenergyanalytics.com
>
> Tel: +1 978-696-1788
>
>
>
> *From:* Hart, Charlie <charlie.hart@hal.hitachi.com>
> *Sent:* Wednesday, August 3, 2022 12:00 PM
> *To:* 'Orie Steele' <orie@transmute.industries>;
> dick@reliableenergyanalytics.com
> *Cc:* 'Steve Lasker' <Steve.Lasker=40microsoft.com@dmarc.ietf.org>;
> scitt@ietf.org
> *Subject:* Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C Verifiable
> Credentials
>
>
>
> (Side comment: I see that OATI is not a recognized root certificate
> authority by Mozilla or Apple - didn't check others - so the website is
> therefore inaccessible without relaxing security.)
>
>
> ------------------------------
>
> *From:* SCITT <scitt-bounces@ietf.org> on behalf of Hart, Charlie <
> charlie.hart@hal.hitachi.com>
> *Sent:* Wednesday, August 3, 2022 11:48 AM
> *To:* 'Orie Steele' <orie@transmute.industries>;
> dick@reliableenergyanalytics.com <dick@reliableenergyanalytics.com>
> *Cc:* 'Steve Lasker' <Steve.Lasker=40microsoft.com@dmarc.ietf.org>;
> scitt@ietf.org <scitt@ietf.org>
> *Subject:* Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C Verifiable
> Credentials
>
>
>
> Thanks Dick. That is really helpful for SCITT a lot of related projects I
> am working on.
>
>
>
> Charlie
> ------------------------------
>
> *From:* SCITT <scitt-bounces@ietf.org> on behalf of Dick Brooks <
> dick@reliableenergyanalytics.com>
> *Sent:* Wednesday, August 3, 2022 9:26 AM
> *To:* 'Orie Steele' <orie@transmute.industries>
> *Cc:* 'Steve Lasker' <Steve.Lasker=40microsoft.com@dmarc.ietf.org>;
> scitt@ietf.org <scitt@ietf.org>
> *Subject:* [EXT]Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable
> Credentials
>
>
>
> Orie,
>
>
>
> Here is a high-level overview of the authentication mechanism and tracking
> used today for OASIS, inter-tie electricity scheduling.
>
>
>
> Everything starts with the NAESB registry (EIR);
> https://www.naesb.org/pdf4/webregistry_mo_registration_quick_ref_guide_v1.0_0417.pdf
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1IukwuhEQqregcVfBu_YTf7qloyu0S9CLEMvuw998GuhDfEFcipDth2Xtizyt11QWJE_rg9tKWNdFy9sR6AYzFs5C9RVZkYIdTyO90iI560dk7KjlRPsssiji4ni2uFgQoviKwbEitz9W0A-Jkx8qlZ-bf02dT2GpXl7-qqNgMCReV-n9bPYr7-gF7wRDuDdEpNTctYLkQFh_ODy3F4KcLc2yzJA66rSl-AObqSJo6LSNwG5QHs27-jxMPvsyvzy25FLEf6Q2NCVCA80ajyeRx-DLlAeVOtx8sKKHCAdqS60vvgk6XONNeacK9KVifmF7%2Fhttps%253A%252F%252Fwww.naesb.org%252Fpdf4%252Fwebregistry_mo_registration_quick_ref_guide_v1.0_0417.pdf&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Lpe6kjBNiRZB787RBXZhVni30sGRs5WSm8w%2BvkivaXE%3D&reserved=0>
>
>
>
> Entities involved in inter-tie electricity transactions must register with
> NAESB’s EIR, see link above.
>
> The registration process requires a party to obtain a NAESB compliant
> X.509 certificate from an accredited certificate authority (ACA);
> https://www.naesb.org/pdf4/ac_authorities_2022.pdf
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1T_py857nSLdfkwTRZ1F7IUeOLa0Mr0av8bfeuUJwVfOrnlR9B8EzOzxv92Uz4iu2yhDeR4WKL_eKK39aC0HZNHbI0L6S2ynYyf3MIqoWrhcKic931Qc8ha00DiNeKcev3mIQGWSdmm3oQWFZZeYhZ_XBpcojw3HL66SqprENJXYRuXx_69m7-vIbXr6m_muJ25A0-WOODvl0ZvSKLB5bCCNQHy8CETUnFlhi7KK4XlPGw6ngc0NPELIFd66qeSsonDSqajtS6_XsVDeQZ9afWewRkWRR2CS3RPxKELdvgtWbTLdNUMEo_OVauUoZUAaf%2Fhttps%253A%252F%252Fwww.naesb.org%252Fpdf4%252Fac_authorities_2022.pdf&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=R2Qnv%2FGBaZuynbfRYUNUHNZIuuWchfIica0jLbpdl5M%3D&reserved=0>
>
>
>
> Entities use their digital certificates for identification in OASIS;
> https://www.naesbwry.oati.com/NAESBWRY/sys-index.wml
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1K2p4qEguxjMHN9-wdAstRzAre5VeA0Zed0mvgfndElWXB3ORaiJPQc8AT7JJNrTMjapfMno_fFQCf0Y62gyPgnjQbEmdVMFYieaur2q043F0tN564aUJcAdmTBs4wbQV9V3zBPE-_4E3LKMveTRd4EEA3R0FVZKKh4vLBs4hzSu8wqJmm85OMK7l0hlniB0BYAgK4rRAKxGyo9m2gQbGh64ogBMsxFwFgbsiArp0Y6fdpXW0-RGp2kcNruYE4OtklUzkSHLHYNwG_4xj3QZVT0CcrM1parwb_zHxkQwcXBjyXQwqawaXGq5azf6Ymysk%2Fhttps%253A%252F%252Fwww.naesbwry.oati.com%252FNAESBWRY%252Fsys-index.wml&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=gSGGqon0SBnWTei4HSVexS%2B%2BfJWmF7HdKvDb1kTwRkg%3D&reserved=0>
>
>
>
> Inter-tie transactions are scheduled and tracked, using an E-TAG;
> https://en.wikipedia.org/wiki/NERC_Tag
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1jg0PAl4xaAUqdpMj0XlwOYUgtyWJ8AEDByMI06i_FhGx7hBsVedp3De0cfsLDJrOWQk0OpLsHA-LZhek33mGBHnd1yGGQeO7gyBdmpJ8iJUh1jEMhZRFRhVJl0de4TxzOc-JCGbVPgYXa-8-oyvGUdvqCL1u0riyE5i35ZXxhgFrK5jS167ftdpGerze8DpFzv01q-lfBzQY3KxMikI7Aq599QaeahZrP9NaHPsunaoGrxrKD2WGOgLGAbiIogZvwqD6F-rbN2lIbrdeJZSVYw42P3L69rJ7XlgeaYjhgkVyPIJ1HC1whjq-NLkd-N0k%2Fhttps%253A%252F%252Fen.wikipedia.org%252Fwiki%252FNERC_Tag&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=jcDEq04tpnn4Xu4XTU2D2SWEVfuZZXoTqtKWg8CTkVE%3D&reserved=0>
>
>
>
> E-TAG’s are used to “connect the dots” and settle transactions that flow
> across Balancing Authroities.
>
>
>
> Hope this helps.
>
>
>
> Thanks,
>
>
>
> Dick Brooks
>
>
>
> *Active Member of the CISA Critical Manufacturing Sector, *
>
> *Sector Coordinating Council – A Public-Private Partnership*
>
>
>
> *Never trust software, always verify and report!
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1uy0clDWHgs8Om4IdyHuQzeSluoA8y61U3xQt6svGk4U9mgvOzG2j87xdGPNZwfL_6NeZLyvs2RtDXbQkJ-uy5FySOKYDraC9BCS46sTnuZZuNABtffYE50uYM3Wm6rGdSXPbIPyLIo1S9U5eKgRY62SvXzyvZStiEIy-g4zrHrqiwoZ4G2AfwJHqEMJbnR-Z8wwwLfANn8naHWq7IhHtieZojGBeisJx2LyDGehov7fBpcHgRQuNF-I-Idh5jB6CnEp4puLs01qMMVa-dVd11j8FHVTLpLcooV6gqqaabRENW_QqNKXvWegEhvV1Ow4u%2Fhttps%253A%252F%252Freliableenergyanalytics.com%252Fproducts&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=kEFGwuLi1p2Fb%2BF5wvXOfCa1c8cAPh8l8BI4WXTaIp0%3D&reserved=0>*
> ™
>
> http://www.reliableenergyanalytics.com
> <https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsecure-web.cisco.com%2F1GaJ6l5AOFj6kxiBsMksWncl4vuiZ-pUmsWTXCh5o60xFuI9fXHdmN1JPI17VWNKtRAJykdCd5QOfGdmalJsZes_8gztMRvB-TvoYWb6WOAm14Usouk0VNKr4H31T9BT5T0w1SnOo7YCh-3jVo0P2A80_8zELCxl4Ngnjzy7TfQm5dwNV_k8eKhiVi6wwvKSudLmuLC5ig0f-n4vQfqd3zlefh4egnP1zyrbhWoo50tuzH3ceMULrOjDHUs9QVKGe8Q74awwW_o1b6KYbqOP7Z8sQrpBMjf_ClYd-WXRlq6NNIXX0Ncd2niPfogZIcU6Y%2Fhttp%253A%252F%252Fwww.reliableenergyanalytics.com%252F&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=edem0R5mX%2BXaUssyXoTyrm1iugZmeyxqDIrxvtcVmvM%3D&reserved=0>
>
> Email: dick@reliableenergyanalytics.com
>
> Tel: +1 978-696-1788
>
>
>
> *From:* Orie Steele <orie@transmute.industries>
> *Sent:* Wednesday, August 3, 2022 9:09 AM
> *To:* dick <dick@reliableenergyanalytics.com>
> *Cc:* Steve Lasker <Steve.Lasker=40microsoft.com@dmarc.ietf.org>;
> scitt@ietf.org
> *Subject:* Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable Credentials
>
>
>
> Thanks!
>
>
>
> I am interested in applying Verifiable Credentials to energy use cases,
> even if we don't have customers in that sector today.
>
> The calls are open (https://github.com/w3c-ccg/traceability-vocab#meetings
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1HgK84MRR4bzXYAE7Niaeb8pYlkoyIfmiR0g4Dwj3DQJAh8OlSJW5p7TckF_9U5dHGeGuxJhuDgslYxAZNOsxcRUvIxstDWa3DOjtKeNjD-_Hps6IsgjIJjvkoJM6z6RXWAtxjfWtD3HV63XpkV_CEsvexRY-o5lFOUDFBoLvOST5pm3bbQJt3vdY1-67GIT9kXmrMYnnWWXvjuDcZkNODE1fmxIV1SYT7tQT9JveadGh5Z92HkOF2nqx92HaLeF53pxMJ1kYS8DiFQiewlQiLm9iNH3U9ZkX9n0d4hCRmD8Sp062hKxDB9F-2b8UFejS%2Fhttps%253A%252F%252Fgithub.com%252Fw3c-ccg%252Ftraceability-vocab%2523meetings&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=sx0%2BPp8rkZjTjYBIcGVzqhvubsx%2Brt9GZN8NvLgZKCc%3D&reserved=0>),
> but fair warning that most of the work happens on github async, and we
> usually just process issues and PRs during call time.
>
> There are also aspects of Verifiable Credentials that I believe are
> relevant to the structure of endorsements / receipts:
>
> The concept of "evidence":
>
> - https://www.w3.org/TR/vc-data-model/#evidence
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1q-6jNVM6JiTVpXBQDNrSw3REGqFIliEx86xQ3m1hKtfX38eVvCRSGYTej4K2SK8mdFcn2JqBZgNoMPS_rcXVBpyF1l5PmPOoFcCN-jmLI5CobgwDRSgnNTCovBIYUYq-zsaSmiiEAjGR8kgswrCi8csy-ZzBotSGM-M-GgM63-EeON2WUp7tplgZcM0drfvbvSkPmJNyhQ7IVz_JWZxPH45UgBXDwg3rEsIvPQjU2jV8dtlLOSr9PG4zRhRFcn9AsvFV6OrKVwmbgHSCHZuRW-k3T397qO__A7xJXOWprvooFuCc9y3ROkMuPUf12DNw%2Fhttps%253A%252F%252Fwww.w3.org%252FTR%252Fvc-data-model%252F%2523evidence&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=lKfHYqDX4bNK65KwIXhdco%2BM9ozgxX55oetF9G56sqo%3D&reserved=0>
> -
> https://datatracker.ietf.org/doc/html/draft-ietf-cose-countersign#section-3.1
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F13CILjI0celZHQgVsa-DDsoLq4Y6By6DHs7W3LY0H0AaoPvolfKPwURAqZMWPsqbcYMf_kWUKJ-sA8NLPu8wziluBz0l68B1CFniaOfUMqbMnF6C6XI8csVpayR5nSduP0DzdtYVrex3bRpGSYyBCgbFgdA9HbqgX48TPfCCsHHqaKMfCgJpqP1qqkn_Rvw8fRnwCncrbvhrPVrZR2672B85djLFYzQp6QkfNZLX2m7CyYa7EPkxXYtqpqrgKQ86Yl61tsyZjFCIlMY3qaHk_-T7iJ8rYjvtEwV0uGSDPKFXIQ-beS1aVt3d7utZHCYYa%2Fhttps%253A%252F%252Fdatatracker.ietf.org%252Fdoc%252Fhtml%252Fdraft-ietf-cose-countersign%2523section-3.1&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535074276%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=lyNnb15FoMpqG3YqaZ7Q%2B%2BwQ58m6%2B36WgJ0L0cr0uRo%3D&reserved=0>
> - https://datatracker.ietf.org/doc/html/rfc4998
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F17DAGq2foFEYXkhjzWI_n3yyo-dU8HMigJwlon4x4SGlq2nwnPypo_SZZqn_HVrT0rymuTwcEF4muUKWKqsOGLkvOVa-LFd_al2zZ_lLftgtmhzFQhRFS7caOQJT0nf29VQs3woHnI7EoIfq1qF_87Py293jXAOIKL085OwcNuJbugCi46HG7Aoa0iPHiyavETuibYIlyB9E0dX9ck-eC39YMnZLGZAbf_U_zNKqeI-AYJbaKiKSYOMap89Xfp9wsrscC0zBwrQyJbQeJeX0W6bmWhWAyUuBgeHltrwzsA_eV6OT02qMLpg525iRIanpK%2Fhttps%253A%252F%252Fdatatracker.ietf.org%252Fdoc%252Fhtml%252Frfc4998&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=paf%2B35b2TBlTemh2b0wOG3b%2FsYpfwZ60IvQ5DJeIHrk%3D&reserved=0>
>
>
>
> As one example.
>
> I am hopeful that the next version of the Verifiable Credentials
> specification can point more directly to IETF RFCs to make its arguments,
> even if the json data model can't be updated to support CBOR / COSE as a
> first class citizen this round.
> Perhaps the next charter for that WG might support this better, if we pave
> the way with examples.
>
> Regards,
>
> OS
>
>
>
> On Wed, Aug 3, 2022, 7:54 AM Dick Brooks <dick@reliableenergyanalytics.com>
> wrote:
>
> I agree. This paper by Orie, Michael, Brian and Mahmoud is very useful as
> guide for terminology and semantics.
>
>
>
> I can provide the authors with a description of how we track electricity
> transactions for inter-tie scheduling, called OASIS a NAESB standard, if
> interested.
>
>
>
> Thanks,
>
>
>
> Dick Brooks
>
>
>
> *Active Member of the CISA Critical Manufacturing Sector, *
>
> *Sector Coordinating Council – A Public-Private Partnership*
>
>
>
> *Never trust software, always verify and report!
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1uy0clDWHgs8Om4IdyHuQzeSluoA8y61U3xQt6svGk4U9mgvOzG2j87xdGPNZwfL_6NeZLyvs2RtDXbQkJ-uy5FySOKYDraC9BCS46sTnuZZuNABtffYE50uYM3Wm6rGdSXPbIPyLIo1S9U5eKgRY62SvXzyvZStiEIy-g4zrHrqiwoZ4G2AfwJHqEMJbnR-Z8wwwLfANn8naHWq7IhHtieZojGBeisJx2LyDGehov7fBpcHgRQuNF-I-Idh5jB6CnEp4puLs01qMMVa-dVd11j8FHVTLpLcooV6gqqaabRENW_QqNKXvWegEhvV1Ow4u%2Fhttps%253A%252F%252Freliableenergyanalytics.com%252Fproducts&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=MYcSiz2t7vc3nJM%2B40Xw5J9ZLEGd8sL7Qf3CIYAY5is%3D&reserved=0>*
> ™
>
> http://www.reliableenergyanalytics.com
> <https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsecure-web.cisco.com%2F1GaJ6l5AOFj6kxiBsMksWncl4vuiZ-pUmsWTXCh5o60xFuI9fXHdmN1JPI17VWNKtRAJykdCd5QOfGdmalJsZes_8gztMRvB-TvoYWb6WOAm14Usouk0VNKr4H31T9BT5T0w1SnOo7YCh-3jVo0P2A80_8zELCxl4Ngnjzy7TfQm5dwNV_k8eKhiVi6wwvKSudLmuLC5ig0f-n4vQfqd3zlefh4egnP1zyrbhWoo50tuzH3ceMULrOjDHUs9QVKGe8Q74awwW_o1b6KYbqOP7Z8sQrpBMjf_ClYd-WXRlq6NNIXX0Ncd2niPfogZIcU6Y%2Fhttp%253A%252F%252Fwww.reliableenergyanalytics.com%252F&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=HND5DLyP22eqBJdlood7UQwe1sPdzgi9vgKZhs7UFdc%3D&reserved=0>
>
> Email: dick@reliableenergyanalytics.com
>
> Tel: +1 978-696-1788
>
>
>
> *From:* SCITT <scitt-bounces@ietf.org> *On Behalf Of *Steve Lasker
> *Sent:* Tuesday, August 2, 2022 8:21 PM
> *To:* Orie Steele <orie@transmute.industries>; scitt@ietf.org
> *Subject:* Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable Credentials
>
>
>
> Very cool, Orie.
>
> Love the sandbox experiments
>
>
>
>
>
> *From:* SCITT <scitt-bounces@ietf.org> *On Behalf Of *Orie Steele
> *Sent:* Saturday, July 30, 2022 2:08 PM
> *To:* scitt@ietf.org
> *Subject:* [SCITT] Endor: A SCITT PoC for W3C Verifiable Credentials
>
>
>
> I made this today:
>
> https://github.com/OR13/endor
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1JdHGvnoZNb-fsV-unMzNkw21OKT7rRYo5H60Wa4K-Q4p7fB8jPlLTjzltfaxYOFnI68iv9RdZu4eeZzCvslBoPZThRfqgjbkIpAc_QAmXII8wXvclTmJp1PwWBck7W8vUKCgPgTPKwAgR4azwJsBLeLGe7E_NyiTmvg20gtS7omF01B7xzwXNs2jk4HRv9cwHQUOknpcyXaDoXN69mDdag7A6KlfSI3EnnlDQtYrlaKovDQmzajAmTkxfuCfWTP_pf0IHh1ylWT3YFkVxRBNLDyDNrCvdIUdSvpseyxcBy2VV7YxaRLm7g0FGZCbhIv6%2Fhttps%253A%252F%252Fnam06.safelinks.protection.outlook.com%252F%253Furl%253Dhttps%25253A%25252F%25252Fgithub.com%25252FOR13%25252Fendor%2526data%253D05%25257C01%25257CSteve.Lasker%252540microsoft.com%25257C79cb3d326bec41bf51ac08da726fb0f1%25257C72f988bf86f141af91ab2d7cd011db47%25257C1%25257C0%25257C637948121310174010%25257CUnknown%25257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%25253D%25257C3000%25257C%25257C%25257C%2526sdata%253DGdRRD0aMpzOJQIcqCyhajcz2NXRZH4irlRR31FFausk%25253D%2526reserved%253D0&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=6IV8599BgU3xL5N4L63IGHQniTIIJS5twOQxrQ3j09M%3D&reserved=0>
>
> As it says in the readme, this is just a toy example I made up to
> experiment with.
>
> The nice thing about endorsing W3C Verifiable Credentials is that they are
> already an abstraction that applies to "non software supply chain" use
> cases...
>
> For example, we model cyber physical supply chain flows using them:
>
> https://w3id.org/eability
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F12vv3ms4fQAlyFEE4k1zPXuwNVQhbw5JZJG1gBL6pcqttkVpsiI3zrO00D8muCuDxuryJz9JNlTjNav5jhFZwmrDOzf2g002uvnOa4j5zplIUKqg9fIr9y-JZ4w5q4mXJXza6z62EHNy6BzBsjPIluYavv0fR109auX6z1titrQhnW1fmk_usfbPqwJgY780ZABU5QTV12sZSiHaInC4MzZokObYCrnulteZlYaIml9emeQtOkK5mYExh0HK13aas-6VpgxE3PbRyBO3h9W_wUt3BpoaWT0QrjMaAM3NSTsiDsayitR5Pm48JR4E_wr_U%2Fhttps%253A%252F%252Fw3id.org%252Feability&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=972dszTN6A5wL%2BF9grdajdo0Mps2SCZNrXEF9FQTBL4%3D&reserved=0>
>
> There are a number of organizations looking at oil and gas, steel,
> ecommerce, and agriculture supply chains.
>
> Often they will share some common trade documents such as Bills of Lading
> or Commercial Invoices.
>
> These are examples of "SCITT Artifact Types" which you might expect to see
> across various distinct supply chain use cases.
>
> However, as is the case with Oil and Gas needing to account for fluid
> dynamics, and software needing to account for compilers, build servers and
> various source files, there are cases where you may need to model
> components of a supply chain with Verifiable Credentials that are highly
> specific to the use case.
>
> If you can tolerate modeling in RDF, W3C Verifiable Credentials come with
> a built in abstract data model that integrates well with existing industry
> ontologies such as:
>
> - https://www.ebi.ac.uk/chebi/
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1xFJzJsWalPbOckWorQVNuB3cCxcqr_4Pnqdh8BSqQrkm5N_-bHyC7w5_vXmkyt3-yiVfIj2Taw61Ngm4aT3AjD2Qv9jcxLAp632sCb0f7Z5opQ1IopQYFh035H3GJnum5M15fE7-kYGBh8eU24y4DJKQAGfZ6-2bMGAFBVdqq-7OCluOKHpJ7klc1xO775JEUod25j8sSRq32VCH023VBaqj9QgsfC-48IxN6LcJbg6jK3GgYWuUW9etiMl5z6YA0zskfxChMC6yEEFi8jPu3jPIy1SKm5Zu3HDbk7_-aS_gzJ-Kg45rGJrtq0L6Yh9Y%2Fhttps%253A%252F%252Fnam06.safelinks.protection.outlook.com%252F%253Furl%253Dhttps%25253A%25252F%25252Fwww.ebi.ac.uk%25252Fchebi%25252F%2526data%253D05%25257C01%25257CSteve.Lasker%252540microsoft.com%25257C79cb3d326bec41bf51ac08da726fb0f1%25257C72f988bf86f141af91ab2d7cd011db47%25257C1%25257C0%25257C637948121310174010%25257CUnknown%25257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%25253D%25257C3000%25257C%25257C%25257C%2526sdata%253DbXykuDkWeLmveTLjWO5zepwu20MQ5H8LIcQJyCaKN%25252BM%25253D%2526reserved%253D0&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2BCChwvBvYne57MI0bZIpilx5QqSX8QCKjS3JSSZlgjI%3D&reserved=0>
> - https://qudt.org/
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1wTZmUTRG0X-fSLt6dzZoQCNorRuSvOgI2Zkd9g1PT-Iict4ikGg0GMZvBAIgZsC1maaOAyMgHegWdFG3dXEcQrYKnrjpiOl7OWCtiRGcjVJC4W7PiyfkrkoEDMc-WVzXjqIc3RTjhCVEO2Hy1KcH5Xg8lqTshdNo9NGPllnHT63UctpLAAQ4N8tGBMfu3q7YUicxI0zcgap8yD60I8HL33SfI2MFnr2DphA42faHPK6e5mePI5N1MZuhmdt3ou2MvF4zqUj9xhZGwb3nRkquaaObQFWXt8G-nog2o8iwaQFLpUTsPJbOJlpOLnLalkAL%2Fhttps%253A%252F%252Fnam06.safelinks.protection.outlook.com%252F%253Furl%253Dhttps%25253A%25252F%25252Fqudt.org%25252F%2526data%253D05%25257C01%25257CSteve.Lasker%252540microsoft.com%25257C79cb3d326bec41bf51ac08da726fb0f1%25257C72f988bf86f141af91ab2d7cd011db47%25257C1%25257C0%25257C637948121310174010%25257CUnknown%25257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%25253D%25257C3000%25257C%25257C%25257C%2526sdata%253DQOs%25252F5MIMJSm%25252BkqzHSSxV6MtsA4mOIzanJ6Vwtpl4NO8%25253D%2526reserved%253D0&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=YYx2ssQ0gOhgKVviLNwHExeQE%2Br9XdN8vz%2BxjTJY7Cc%3D&reserved=0>
>
> My main complaint against W3C Verifiable Credentials is the limitation to
> JSON representations, if we could represent RDF in CBOR, we would have the
> best of both worlds with the main remaining disadvantage being the
> namespace overhead inherent in RDF.
>
> If you drop that, you will likely need some registry or algorithm process
> for handling collisions and interoperability, but there are various
> solutions to those problems.
>
> If you feel I butchered any of the concepts or terminology, feel free to
> yell at me here or on github issues, as I said, I made this today, it's not
> reflective of actual SCITT architecture, it was just to explore the space.
>
> Regards,
>
> OS
>
>
>
> --
>
> *ORIE STEELE*
>
> Chief Technical Officer
>
> www.transmute.industries
> <https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsecure-web.cisco.com%2F1Pqu2CqEyHo4isckQh51PNnQ8tUbRhJ7fbWyn-w7XWT8mKjJG9jHB52pzDC91cVOUDvvB6yXP7TPyKL-6KQw4nyDVUvafmadZHo9d8Ch-lC1xIGYylhkgiUeEJlkJzb-8_bPpc3HM-numNyVUnz3wy-QWiv7Bwzc0EZvjlrk8l2zMTP7sgOAXQE64zUCay7yyWGYJm91CoHDytU3DDP8fEQdoS8GBRvo94T1w1wYmTEFjJWuq9_05ol76LbaYkHTQoZhRROFIusDfu9XNDv5Ofj1Xk0y_YmZkz6KS0Mx2eClGFuUIOo_FtTiX7i0x16EI%2Fhttp%253A%252F%252Fwww.transmute.industries&data=05%7C01%7CSteve.Lasker%40microsoft.com%7Cd8d28e6d530b4f586a9b08da757d9685%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637951480535230169%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=tp6XOluv3mRxCU5PJa3Qgu2zy1w37PdLPbeU1QrXLyo%3D&reserved=0>
>
>
>
>

-- 
*ORIE STEELE*
Chief Technical Officer
www.transmute.industries

<https://www.transmute.industries>

Attachment: image001.png
Attachment: image002.png
Attachment: image003.png

[SCITT] Endor: A SCITT PoC for W3C Verifiable Cre… Orie Steele
Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable… Steve Lasker
Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable… Dick Brooks
Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable… Orie Steele
Re: [SCITT] Endor: A SCITT PoC for W3C Verifiable… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Hart, Charlie
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Hart, Charlie
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Steve Lasker
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Orie Steele
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Steve Lasker
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Carl Wallace
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Steve Lasker
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Carl Wallace
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Steve Lasker
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Carl Wallace
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Steve Lasker
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… ProSapien Sam Smith
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Dick Brooks
Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C V… Carl Wallace

Re: [SCITT] [EXT]Re: Endor: A SCITT PoC for W3C Verifiable Credentials

Attachment: image001.png

Attachment: image002.png

Attachment: image003.png