Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue Credential: initiate with issue message #774

Open
dbluhm opened this issue Mar 1, 2023 · 10 comments
Open

Issue Credential: initiate with issue message #774

dbluhm opened this issue Mar 1, 2023 · 10 comments

Comments

@dbluhm
Copy link
Member

dbluhm commented Mar 1, 2023

Issue Credential as a protocol was formulated with support for credential formats like AnonCreds that require exchange of key cryptographic primitives prior to issuance. This resulted in the offer-request-issue-ack and proposal-offer-request-issue-ack flows we have today. However, not all credential formats have these requirements. LDP-VC credentials can skip straight to the issuing a credential in many circumstances. The protocol as specified right now requires that all issuer-initiated flows start from the offer message, despite the differing requirements between credential formats.

This has been discussed on the Aries WG call and the resolution was that it's fine for credential formats that don't require prior steps to begin with the issue message.

We should update the protocol to reflect this resolution.

Implications to discuss: how does this affect the version of the protocol?

cc @TelegramSam

@dbluhm
Copy link
Member Author

dbluhm commented Mar 1, 2023

cc @chumbert

@swcurran
Copy link
Member

swcurran commented Mar 1, 2023

According to what I see in the text of the RFC, offer is an optional step — https://github.com/hyperledger/aries-rfcs/tree/main/features/0453-issue-credential-v2#messages

offer-credential - Issuer to potential Holder (optional for some credential implementations; required for Hyperledger Indy).

I certainly remember when we defined this protocol that Offer was not supposed to be required for all credential formats, so I believe that is the expectation. I’m good with this being a clarification.

@talltree
Copy link
Contributor

talltree commented Mar 1, 2023

100% agree. Also, the revised language should no longer refer to "Hyperledger Indy" as if that defined a specific credential format, right? If I understand correctly, Hyperledger Indy is evolving into a digital wallet and credential framework that can support multiple credential formats. So the language should say something like, "...required for Hyperledger AnonCreds and other interactive credential issuance formats".

@swcurran
Copy link
Member

swcurran commented Mar 1, 2023

Yes — we need to convert all the language in the RFCs to replace Indy with AnonCreds where it references the AnonCreds credential format. That gets a tad tricky where the refrerences are in data models. In that case, we change the text, but include a note to indicate why the data items reference “indy”.

@dbluhm
Copy link
Member Author

dbluhm commented Mar 1, 2023

@swcurran based on current wording, I think the statement that the offer is optional implies that the exchange can start with a request but no alternatives where the issuer initiates are given. As a result of this language, as a concrete example, ACA-Py expects (requires) that a credential request must always be sent/received no matter the credential type or who initiated it. I think we could probably still get away with having this just be a clarification and not a version bump but if implementations were strictly adhering to this language like ACA-Py does, we might see some compatibility issues.

@swcurran
Copy link
Member

swcurran commented Mar 1, 2023

In the last comment — did you mean to say "expects (requires) that a credential request offer must always be…”?

The challenge happens with credential types that don’t specify what is needed to issue a credential. AnonCreds defines both data models and the interactions needed to issue a credential. That level of opinion makes it easier to know what to do. With a JSON-LD W3C credential using LD-Signatures), where only a data model is defined, there is no guidance on any steps in the issuance. An issuer doesn’t even need a credential request. If the issuer wanted some sort of SubjectID to put into the credential, they might require a credential request from the holder. They might even explicitly ask for that from the holder via a credential offer (which is what happens in AnonCreds — including the use of a nonce to prevent a replay attack by the holder).

I think the approach that is needed is that the base protocol issue-credential should define the options, and it is up to the RFCs that defines the usage for a specific credential type.

I agree that if there is a credential type that supports starting with a credential request, it should be possible in the concrete implementations. I’d be interested in knowing what assumptions are built into ACA-Py’s support for JSON-LD W3C credentials with LD-Signatures and BBS+ signatures.

@dbluhm
Copy link
Member Author

dbluhm commented Mar 1, 2023

In the last comment — did you mean to say "expects (requires) that a credential request offer must always be…”?

I do actually mean credential request. The Issue Credential protocol already permits starting from a request message making the list of potential entry points for the protocol:

  • propose-credential (holder initiated)
  • offer-credential (issuer initiated)
  • request-credential (holder initiated)

What's missing is a flow that permits the Issuer to initiate at the issue-credential message. If the issuer already has access to all the necessary information to issue the credential (from a previous exchange, from some other out-of-band system, renewing an old credential, etc.) and the credential type supports it, we have the technical and cryptographic capability to go ahead and issue the credential but the issuer would have to start at offer-credential since that's the only valid starting point for the issuer.

ACA-Py's JSON-LD W3C Credential implementation strictly expects these protocol entry points and, as the recipient of a credential, will reject an issue-credential message that was not preceded by at least a request-credential message. So what I was trying to point out was that other implementations may be similarly strict.

@swcurran
Copy link
Member

swcurran commented Mar 2, 2023

Sorry — I thought you were saying you wanted to start at the request-credential, but you are talking about starting at issue-credential without the prior steps. I don’t think that was necessarily anticipated in the discussions we had at the time we defined this protocol, but I don’t see that is against the spirit of the protocol. The idea is support the needs of different formats. I would be interested in what RFC 0593 (LD Signatures) and RFC 0646 (BBS+ Signatures) say they should support. Do they talk about being able to start with an “issue”? Yes, I know — I could look… :-)

I would be open to a PR that clarifies the starting point as being flexible, and then once we see the wording (and perhaps how you want to use it) we can see if that is a clarification of the existing protocol, or would require a version change. I’m betting on clarification, but we’ll see :-).

@TimoGlastra
Copy link
Member

Starting at issue credential makes sense to me. Also because the jsonld format doesn't provide a way to do proof of possesion of the subject did, so that would need to be handled separately. That's how an offer/request flow would be most useful

@TelegramSam
Copy link
Contributor

If it happens to be the same DID as the DIDComm connection, then proof of possession is automatic. If not, we'd need to include a separate proof of possession as @TimoGlastra describes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants