Re: [GNAP] About the use case called "Self sovereign identity (SSI)"
Justin Richer <jricher@mit.edu> Fri, 21 August 2020 13:02 UTC
Cc: Francis Pouatcha <fpo@adorsys.de>, "txauth@ietf.org" <txauth@ietf.org>
To: Denis <denis.ietf@free.fr>
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/zfMtfrlRZwEnx68mseTllVojs_M>
The SSI trick is not the ticket — the SSI portion here is "She indicates that she is a resident of Bamberg". We’d like Alice to be able to do that in a verifiable and programmatic way that we can enable in the protocol flow.

 — Justin

> On Aug 21, 2020, at 8:48 AM, Denis <denis.ietf@free.fr> wrote:
>
> Hello Francis,
>
> This WG has not been formed to address SSI (Self sovereign identity). This use case can be solved without using an AS and a RS
> and without using a "Self Sovereign Identity (SSI)" approach.
>
> - Alice visits the website of AC-Tickets.
>
> - Alice looks up and finds "Bamberg Symphony", the concert she wants to attend.
>
> - Alice is informed that she can get a discount price if she is a resident of Bamberg.
>
> - Alice fills a form and enters the requested information.
>   She indicates that she is a resident of Bamberg and so she gets the discounted price.
>
> - Alice makes the payment using 3D secure.
>
> - Alice gets back a QR code on her phone that will be scanned when entering the concert hall.
>
> - Alice goes to the concert at Bamberg Symphony.
>
> - At the entrance gate, Alice presents her QR code which includes a unique identifier for this concert, the date and time of the concert,
>   her seat number reservation, her family name and her first name and the fact that the ticket price is a discounted price available only
>   for the residents of Bamberg.
>
> - If the person controlling the QR-codes at the gate has some doubt that Alice is indeed a resident of Bamberg,
>   she asks Alice to present her ID card or her passport which includes her home address and even more important her picture.
>   ("On the Internet, nobody knows you're a dog". Peter Steiner's cartoon, as published in The New Yorker on July 5, 1993).
>
> This is simple, efficient and easy to implement right now.
>
> This is roughly how train reservations are working on the French web site oui.sncf. Someone over 60 can request a discounted railway ticket.
> If the train controller has some doubt that the bearer of the discounted railway ticket is really over 60 after scanning the QR code, he will ask
> the person to show an identity card or a passport at the platform entrance or while in the train. Not only the year of birth will allow to make sure
> that the individual is indeed over 60 but in addition the name on the identity card or the passport will be checked against the name on the railway
> ticket and that picture matches with the face of the person in front of the train controller.
>
> Anyway, IMHO, I don't believe that this use case should be solved using GNAP.
>
> Denis
>
> PS. This use case has been posted here:
> https://github.com/ietf-wg-gnap/general/wiki/SSI-integration#alice-purchasing-a-concert-ticket-without-disclosing-her-identity
> --
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth