Global Interworking with W3C Verifiable Credentials (Guest blog by Crossword Security)
Two international projects are currently underway to demonstrate and facilitate the global interworking of W3C Verifiable Credentials (VCs) with decentralised identifiers (DIDs). W3C VCs allow users to replace their existing paper-based certificates and plastic cards with electronic credentials that they store in their digital wallets. Users will collect their VCs from a variety of issuers e.g. banks, governments, universities, hotels, airlines, the NHS etc., will store them in their digital wallets, and then present them to verifiers such as web sites, airline check-ins, security guards etc. when they want to gain access to resources. Pilot schemes are already in operation, such as presenting your proof of age when purchasing alcohol in supermarkets in California, or presenting your COVID-19 certificate to show that you have been immunised. However all pilots today are using proprietary protocols due to the lack of standards. The two projects described here aim to rectify this.
The first interworking project is the EU funded Next Generation Internet (NGI) Atlantic project entitled "Next Generation SSI Standards”. This is being led by the author, and the consortium partners are Spruce Inc in the US and Fraunhofer in Germany. This NGI Atlantic project is committed to using the OpenID for Verifiable Credentials (OIDC4VCs) suite of draft standard specifications, which the team is helping to define within the OpenID Foundation. This suite of protocols, which is being built on top of the popular OAuth2 protocol that is widely used e.g. by Google and Facebook, comprises OpenID for Verifiable Presentations and OpenID for Verifiable Credential Issuance. These protocols allow a digital wallet, which could be an app in a smartphone, or a web-based wallet, to pick up a W3C Verifiable Credential from any issuer, store it in their wallet, and subsequently present it to any verifier e.g. a web site that the user wishes to access. Besides demonstrating interworking between Europe and the USA, this project will also deliver an open source test suite that suppliers can use to test their W3C VC implementations for conformance to the OIDC4VCs protocol suite for both credential issuing and verification. Some tests are being added to the W3C CCG Traceability test suite (written in POSTMAN) and some are being added to the Open ID Foundation's existing OpenID Connect conformance test suite (written in Java). Further details about the project can be found at the project web site.
The second interworking project is the Walmart funded Jobs for the Future (JFF) Plugfest. The JFF Plugfest has over 30 participants from North America, Europe and Australasia, who are collaborating together to show the interworking of a qualification certificate that could be used when applying online for a job. Because there currently is not one finalised and published standard protocol for the transfer of Verifiable Credentials, JFF has decided to let the participants choose amongst themselves which draft standard protocol to use. Three protocol suites have been chosen: OIDC4VCs (as being used in the NGI Atlantic project), VC-API with CHAPI, and DIDComm. The plugfest comprises three events. Plugfest 1, which completed in September, demonstrated that the electronic wallets could successfully store and display the JFF qualification credential to its owner. Plugfest 2, scheduled for 14 November 2022, requires each VC Issuing software supplier to demonstrate the issuing of the JFF credential to the wallets of at least two different wallet software providers, whilst each wallet software provider must obtain a JFF credential from at least two other VC Issuing software providers. Plugfest 3, scheduled for February 2023 will require each wallet to demonstrate the presentation of a Verifiable Presentation containing the JFF credential to at least two different verification software suppliers, and each verifier must demonstrate that it is capable of accepting a VP/JFF VC from at least two different wallets.
The success of these two projects should catapult the acceptance of inter-workable W3C Verifiable Credential products to the market.
Help to shape and govern the work of techUK’s Cyber Security Programme
Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.
*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.
Upcoming events
Get involved
All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.
Authors
