New introduction to identity claims aggregation #197
Conversation
|
Closes #195. |
There was a problem hiding this comment.
I don't think that the word "signal" works here. In the definition of signal, it connotates a blip of communication rather than a reference to anything. I would use the word affiliation as it connotates an attachment of something to something. Here we are attaching an attachment of an identity to be included in the claims aggregation.
| @@ -788,131 +788,80 @@ Such updates to the specification SHOULD continue to use the `cawg.identity` ass | |||
|
|
|||
| === Identity claims aggregation | |||
|
|
|||
| In some use cases, an _<<_actor,actor>>_ in the system may wish to document their role in creating a _<<C2PA asset>>_ but does not have credentials with autonomous signing capability. | |||
There was a problem hiding this comment.
I would change to "contributing to a <>. It expands the options.
|
|
||
| In that case, they may arrange with an _<<_identity_claims_aggregator,identity claims aggregator>>_ to collect identity attestation claims from various _<<_identity_provider,identity providers>>_ (social media sites, ID verification vendors, etc.) and replay those identity attestation claims on their behalf to describe their role in producing a specific _<<C2PA asset>>._ |
There was a problem hiding this comment.
I would change replay those identity attestation claims to proxy those identity attestation claims
|
|
||
| 2. The _<<_identity_claims_aggregator,identity claims aggregator>>_ responds with a link (possibly a QR code) which points to a link:https://w3c-ccg.github.io/vp-request-spec/[Verifiable Presentation Request]. | ||
| These common identity signals, though popular, are not well-designed for use as lasting identifiers. Some of the challenges associated with these identity signals include: |
|
|
||
| 3. Alice then instructs her digital wallet to follow the QR code or link. | ||
| * The methods for accessing, describing, and presenting these signals are widely disparate. |
There was a problem hiding this comment.
I like "signal"; the presented information might not be an affiliation but a self-asserted statement (e.g., owning my own website)
| 3. Alice then instructs her digital wallet to follow the QR code or link. | ||
| * The methods for accessing, describing, and presenting these signals are widely disparate. | ||
| * These signals typically do not provide the ability to issue signatures on the _<<_named_actor,named actor’s>>_ behalf. | ||
| * The verification methods associated with these signals are typicially designed for momentary validation; they typically do not provide artifacts that can be independently verified at an arbitrary time (perhaps months or years after issuance). |
There was a problem hiding this comment.
I like "signal"; the presented information might not be an affiliation but a self-asserted statement (e.g., owning my own website)
|
|
||
| 4. Her wallet follows the link on her behalf. | ||
| To facilitate the use of such identity signals, the _<<_named_actor,named actor>>_ may use the services of a third-party intermediary that they trust to gather these signals and to restate them on their behalf. |
There was a problem hiding this comment.
affiliations not signals.
represent not restate.
There was a problem hiding this comment.
I like "signal"; the presented information might not be an affiliation but a self-asserted statement (e.g., owning my own website)
docs/modules/ROOT/pages/index.adoc
Outdated
| C2PA ->> C2PA: Finishes generating C2PA Manifest | ||
| C2PA ->> A: Final C2PA asset | ||
| .... | ||
| Once the _<<_identity_claims_aggregator,identity claims aggregator>>_ has verified one or more identity signals, the _<<_named_actor,named actor>>_ can then an authoring tool to create content. This authoring tool collaborates with the _<<_identity_claims_aggregator,identity claims aggregator>>_ to attach the identity claims which have been aggregated to date to the _<<C2PA asset>>_ being created. |
|
|
||
| 2. When Alice is ready to render her _<<C2PA asset>>,_ she signals to the authoring tool that she wants it to include a _<<_c2pa_manifest,C2PA Manifest>>_ with an *<<_identity_assertion,identity assertion>>* describing her role in producing the asset. |
docs/modules/ROOT/pages/index.adoc
Outdated
| C2PA ->> C2PA: Finishes generating C2PA Manifest | ||
| C2PA ->> A: Final C2PA asset | ||
| .... | ||
| Once the _<<_identity_claims_aggregator,identity claims aggregator>>_ has verified one or more identity signals, the _<<_named_actor,named actor>>_ can then an authoring tool to create content. This authoring tool collaborates with the _<<_identity_claims_aggregator,identity claims aggregator>>_ to attach the identity claims which have been aggregated to date to the _<<C2PA asset>>_ being created. |
There was a problem hiding this comment.
"can then use an authoring tool"
docs/modules/ROOT/pages/index.adoc
Outdated
|
|
||
| 9. This finalized _<<C2PA asset>>_ is then made available to Alice who can now distribute it as she wishes. | ||
| The _<<_identity_claims_aggregator,identity claims aggregator>>_ will produce a specific type of _<<_W3C verifiable credential,W3C verifiable credential>>_ called an “identity claims aggregation” that binds the identity attestation claims to the _<<C2PA asset>>._ This credential, once signed with the _<<_identity_claims_aggregator,identity claims aggregator’s>>_ signature, is the `signature` value for the *<<_identity_assertion,identity assertion>>.* The signature value is further described in xref:_verifiable_credential_proof_mechanism[xrefstyle=full]. |
There was a problem hiding this comment.
"This credential, once signed with the _<<identity_claims_aggregator,identity claims aggregator’s>> signature"
Technically, the ICA doesn't sign with a signature but with a private key
|
|
||
| 4. Her wallet follows the link on her behalf. | ||
| To facilitate the use of such identity signals, the _<<_named_actor,named actor>>_ may use the services of a third-party intermediary that they trust to gather these signals and to restate them on their behalf. |
There was a problem hiding this comment.
I like "signal"; the presented information might not be an affiliation but a self-asserted statement (e.g., owning my own website)
| 3. Alice then instructs her digital wallet to follow the QR code or link. | ||
| * The methods for accessing, describing, and presenting these signals are widely disparate. | ||
| * These signals typically do not provide the ability to issue signatures on the _<<_named_actor,named actor’s>>_ behalf. | ||
| * The verification methods associated with these signals are typicially designed for momentary validation; they typically do not provide artifacts that can be independently verified at an arbitrary time (perhaps months or years after issuance). |
There was a problem hiding this comment.
I like "signal"; the presented information might not be an affiliation but a self-asserted statement (e.g., owning my own website)
|
|
||
| 3. Alice then instructs her digital wallet to follow the QR code or link. | ||
| * The methods for accessing, describing, and presenting these signals are widely disparate. |
There was a problem hiding this comment.
I like "signal"; the presented information might not be an affiliation but a self-asserted statement (e.g., owning my own website)
No description provided.