Presentation from a Wallet
From MgmtWiki
Contents
Full Title or Meme
This represents a bundle of claims and credentials in a Presentation from a Wallet.
Context
- This was generated as the high-level view of a Mobile Driver's License Presentation.
- Wallets are now (in 2021-07) being asked to accumulate a variety of user private information and credentials. Here-to-fore not common request to a wallet has been proposed.
- See the wiki page Direct Presentation for Microsoft's take on the same topic.
Actors
The issuer of the credential is not included in this list but is essential to the entire Ecosystem.
- The human user of a computing device with a means to securely store secrets.
- The application running as a User Agent on the computing device with access to a secure, hardware enabled wallet containing user credentials and other secrets.
- The computing device, whether mobile phone or laptop, will need to provide secure storage and collect user inputs for transmission in the bundle to the RP.
- The Relying Party aka the Verifier of the bundle sent by the Wallet.
Problems
Standards and other guidance have been created for requesting private information from users. There is little coordination between these efforts. A partial list follows:
- W3C Verifiable Credentials
- OpenID Connect
- IETF GNAP
- Open ID SIOP
- ISO 18013-5 on the Mobile Driver's License
Solution
The following is both a collection and a proposal for a unified solutions to the problems.
Policy
- Policies are expressed as a purpose
Request
- Collection of needs sent to the wallet by the verifier.
- Each request is for a collection of data elements that will be called a purpose.
Response
Bundled set of credentials presentations and user information from the Wallet.
User Journey
- User is at a place where some form of ID is required.
- User taps wallet to verification device
- Verification Device sends a request to the user
- Uwe Wallet interprets the verifier request into a SINGLE SCREEN UX
- If there are optional requirements the user can disable them.
- The user clicks OK
- The presentation response returns to the verifier
- If the verifier is happy the user gains access