Wallet Requests

From MgmtWiki
Revision as of 18:06, 21 February 2024 by Tom (talk | contribs) (Solutions)

Jump to: navigation, search

Full Title or Meme

What should a request to the wallet look like to achieve the purpose of the Verifier and the privacy of the Subject.

Context

Today it is possible to use a driver's license issued in California to enter a bar in Thailand. The question arises about how a request from a Verifier in any jurisdiction can make a request that all digital Wallets could meaningfully handle to allow existing purposes. The use cases listed below include cases were interoperability of wallets with disparate requirements in diverse identity Ecosystems are important to the person that selects which wallet to use.

Problems

  1. Users will not select Wallets that cannot get them access to resources that they depend upon. This page focuses on the way to create a request from a verifier such that it can be handled by the wallets that the user is likely to have in their possession.
  2. When the request from the Verifier includes multiple purposes it is not likely that the user can be expected to switch from one wallet to another. Nor is it clear that the user ID will be the same in two different wallets.
  3. Many states in the US are issuing Mobile Driver's License wallets that can only hold their own State Issued Identifiers. Thus using that Wallet for other purposes of the Verifier will force the user to select different wallets to gain access the the desired resource. A solution that many user will avoid.
  4. Technologies, including cryptographic methods, are changing rapidly. If these changes are not accommodated by users with existing mobile devices, the user will not be able to use them until they upgrade their device.

Use Cases

  1. A wallet that holds a California Mobile Driver's License can be used to enter a bar in a different country with different legal requirements.
  2. A shopper at a grocery store wants to give the store their Loyalty ID in order to take advantage of selective discounts available to loyal customers.
  3. A sovereign state needs State Mandated Identification in order to have a consistent Identifier for any of the several hundred licenses and other uses.

Solutions

This page describes two way to handle requests from wallets that need to server multiple purposes in a single request to the wallet. While it is possible that wallet could hand both types of request, interoperability would be improved if only one of these methods were selected.

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Wallet_Requests&oldid=20046"