Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensuring Data Integrity & Authenticity in a Solid Pod #72

Open
laurensdeb opened this issue Sep 5, 2022 · 4 comments
Open

Ensuring Data Integrity & Authenticity in a Solid Pod #72

laurensdeb opened this issue Sep 5, 2022 · 4 comments
Labels
challenge technical problem applied to a use case proposal: approved ✅

Comments

@laurensdeb
Copy link

laurensdeb commented Sep 5, 2022
edited

Pitch

Once data is written into a Solid Pod, it is outside of the control of an authentic data source. For some data in the Pod, the user themselves may be the authentic source, like for their contact information or calendar. However, for other kinds of data like your high school or university diploma's, your driver's license and national identity card, an external party like a government or company is the source. When sharing the data originating from these parties, we want to uphold their integrity and authenticity to ensure that they can be validated by a data consumer.

Desired solution

The broader W3C community has proposed the use of Verifiable Credentials in order for a particular issuer, i.e. an organization, government or even an end-user themselves, to assert certain identity claims. The current framework of Verifiable Credentials does not consider the use of a personal data vault to store these Credentials, however the concept of repository might be closely related to what we want to achieve with Solid. While we have been able to identify a number of similarities between concepts in the VC and Solid specifications, we are still lacking formal alignment between the two domains.

Our desired solution to this challenge would be as follows:

  • We have outlined the advantages and disadvantages of different solutions for Linked Data Integrity & Authenticity in relation to Solid.
  • We are able to align the concepts and terminology of the Verifiable Credentials data model to Solid's concepts of Pods and WebIDs.
  • The concept of a WebID can be integrated into the Verifiable Credentials data model by extending the Profile document with any additional relevant properties.
  • We have defined the technical and functional requirements for providing a Credential Holder backed by a Solid Pod as credential repository, e.g. concerning secrets management, user interface, authentication, ...

Acceptance criteria

TBD

Pointers

Scenarios
@laurensdeb laurensdeb added challenge technical problem applied to a use case proposal: pending ❓ labels Sep 5, 2022
@RubenVerborgh RubenVerborgh removed their assignment Sep 6, 2022
@pheyvaer
Copy link
Contributor

@RubenVerborgh Shouldn't this challenge have criteria?

@RubenVerborgh
Copy link
Contributor

I'm assuming those from #73.

@pheyvaer
Copy link
Contributor

Ok. @laurensdeb For completeness sake, can you add the criteria in this challenge as well? Thanks!

@laurensdeb
Copy link
Author

@pheyvaer I will be adding these, probably towards the end of this week.

@marcvanandel marcvanandel mentioned this issue Oct 11, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
challenge technical problem applied to a use case proposal: approved ✅
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@RubenVerborgh @laurensdeb @pheyvaer