Agenda
- Announcements
- GLEIF Issuing Production vLEIs this week
- Press Release
- GLEIF Reporting API
- Ecosystem Governance Framework documents published
- RootsID demoed a Cardano ledger backer used to create an inception event and several rotation events
- XBRL International Digital Signatures working group meeting
- Reports Implementation of ACDCs
- vLEI
- ViRA (verifiable iXBRL Report Attestation)
- GS1 looking to implement in 2023
- HCF was an older implementation, but more work is expected in the future
- Items
- TLS with ACDCs
- Support for over-the-wire encryption for CESR is coming soon
- We need to add support for variable-length codes for encrypted primitives
- Bare-metal encrypted protocol for gossip, over UDP for example
- Once we have codes for variable length encrypted primitives, they can be embedded in ACDCs or DIDComm messages
- DIDComm or TLS are options to use right now.
- With CESR we could have a scalable UDP streaming protocol
- Scalability and performance are the main reasons to use something other than DIDComm or TLS
- Authenticity, confidentiality and privacy are the three trade-offs of the CAP theorem
- Encrypted in motion vs. encrypted at rest
- DIDComm and TLS solve the encrypted channel (in motion) problem. But once the data is received, the encryption is thrown away.
- With TLS alone and passwords, you are vulnerable to attacks that can steal your password
- With KERI over TLS, a TLS attack can cause loss of confidentiality because the attacker can see the content, but not loss of any secrets, because there are no shared secrets with KERI
- Good tradeoff to use KERI over TLS now.
- In January we'll have codes for symmetric and asymmetric encrypted primitives.
- How about OIDC4VC & OIDC4VP?
- You can't have zero-trust with identity providers
- Identity providers can become super aggregators
- Neil: The main use for VCs for OIDC is for Enterprise environments - not general internet
- Many websites are converting from passwords to passkeys, which will allow bypassing OpenID
- What happened to DIDComm v3?
- Daniel Hardman will be starting that work in January to define v3, heavily KERI influenced. Tentatively scheduled for January 9th, 9pm CET
- Stripped down to what DIDComm does best
- Daniel: There is a DIDComm gossip protocol
- Lance: Should agents that have implemented DIDComm v1 transition to DIDComm v2 or wait for v3?
- Daniel: Go ahead and move to v2 because that will get you closer to v3.
- GLEIF well-known root-of-trust