Comments (14)
from aries-rfcs.
@brentzundel and @ken-ebert: Among other things, what @llorllale is asking for here includes a rich and easy way for two parties to talk about attributes of a third: "Can you introduce me to someone who knows you _____ [are a member of the American Academy of Pediatrics; speak Spanish]". I expressed some concerns about personal privacy in third-party interactions like this, but note that in my examples, the request for proof was not about a third party--it was proof about the speaker, but a third party who already knew the same thing. The more dangerous variant would be "can you introduce me to someone who has attribute X ____", which may or may not be in scope here. Note as well that in cases where privacy doesn't matter, both variants would be supremely useful: "Can you introduce me to a self-driving car that's headed downtown?"
Regardless of the subtleties, the reason I'm mentioning both of you on this ticket is that I think the ability to express criteria in this way connects strongly with your work on Schema 2.0. What thinking do you already have on an expressive, powerful language for criteria?
from aries-rfcs.
@llorllale: I am wondering if we could tweak SGL (Simple Grant Language), or fork it, as a criteria language. Today it only matches on the id
and roles
properties of people, but making it support arbitrary other criteria would probably be trivial.
Tagging @mcorning as he might also be interested.
from aries-rfcs.
from aries-rfcs.
@dhh1128 @mcorning how do we go about tweaking SGL for these use cases? The criteria language needs to be used in two places:
- The initial requestor needs to describe what he wants
- The Introducer needs to describe the other party to the requestor
from aries-rfcs.
Reduced to its essence, SGL is just a very simple way to answer this question:
Does this JSON object (or array of objects) satisfy the arbitrary criteria I've written?
It was written with a particular problem in mind, which was to test authorization. However, it could easily be genericized; updating the code to support other properties besides those related to authorization would be quite easy. It's very simple code (maybe 100 lines of JavaScript?), which is part of why it's an attractive answer.
However, I wouldn't go down this road unless/until we do some research about a generic JSON query library (find parts of a JSON tree that match this criteria). If such a library exists, it might be a better alternative. The reason is that the community outside Aries seems to view things that Evernym contributes with suspicion, so SGL incurs some political baggage. (In this case, the language is so simple that I don't think that concern is rational, but I'm just a bit weary about fighting uphill battles).
from aries-rfcs.
@dhh1128 @ken-ebert where can I find docs for Schema 2.0? The name clash with schema.org 2.0 is unfortunate - makes it hard to locate
from aries-rfcs.
@dhh1128 we can lessen the risks of this change by inserting an attachment that contains a network-specific payload (similar to this pattern) in two messages:
{
"@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/introduce/1.0/request",
"@id": "df3b699d-3aa9-4fd0-bb67-49594da545bd",
"please_introduce_to": {
"name": "Carol",
"description": "The woman who spoke after you at the PTA meeting last night.",
"expected": true,
"criteria~attach": { // new
"mime-type": "application/json",
"data": {
"base64": "<network-specific>"
}
}
},
"nwise": false,
"~timing": { "expires_time": "2019-04-23 18:00Z" }
}
{
"@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/didexchange/1.0/invitation",
"@id": "12345678900987654321",
"label": "Alice",
"recipientKeys": ["8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K"],
"serviceEndpoint": "https://example.com/endpoint",
"routingKeys": ["8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K"],
"criteria~attach": { // new
"mime-type": "application/json",
"data": {
"base64": "<network-specific>"
}
}
}
from aries-rfcs.
The addition to didexchange/1.0/invitation
is also interesting in that it ratchets up the level of trust of the invitation being received.
from aries-rfcs.
I think you are onto something good here, George. I agree that expressing criteria in this way is a desirable feature, and in particular, that it would be ideal if the criteria you express in this type of use case uses exactly the same mechanism as criteria expressed in ordinary proof requests.
Here is an insight that I had when discussing this with George over the phone just now, that I want to record in this public thread:
An introduction involves 3 stakeholders. We can therefore think of it as creating or depending upon a 3-way relationship, even though only 2 of the stakeholders (the introducees) actually end up doing DID exchange when we are done. And in that 3-way relationship, selection criteria might need to be expressed about any one of the 3 2-way pairs in the relationship, or any of the 3 individual parties in the relationship. The request for an introduction could say any of the following: Please introduce me to someone who...
- ...is a doctor (matching criteria are tested against credentials of the other introducee, or maybe against informal knowledge that the introducer has; privacy cautions apply here)
- ...has been your friend for over a year (matching criteria are tested against the relationship between introducer and the other introducee)
- ...is the person I met last week (matching criteria tested against the relationship between the two introducees, as embodied in knowledge the introducer has)
- ...is someone who lives near me, speaks my language, and is a plumber (matching criteria tested against knowledge that the introducer has about BOTH of the introduces, AND against one attribute of the other introducee)
- ...knows you are a doctor (matching criteria tested against the other introducee's relationship to the introducer AND against attributes of the introducer)
- ...believes that I am a doctor (matching criteria tested against the other introducee's knowledge of the first introducee AND against attributes of the party seeking an introduction)
...and so forth.
from aries-rfcs.
I suggest that we change your single criteria~attach
object into an array, to let us express as many of these matching criteria as are needed. We might end up with something like this:
introduce/1.0/request
:
{
// (suppressing parts of the message that are not relevant)
"criteria~attach": [
{
"verb": "asserts",
"criteria": "introducer.name = 'Alice' OR introducer.name = 'Carol'"
},
{
"verb": "asserts",
"criteria": "their.zip_code = '93075'"
},
{
"verb": "asserts",
"criteria": "Bob.vocation = 'plumber'"
},
{
"verb": "can-prove",
"criteria": "introducer.age > 25"
},
{
"verb": "can-prove",
"criteria": "their.age > 65 AND their.certifications CONTAINS 'MD'"
},
]
}
from aries-rfcs.
In the example above, I am using an SQL-like syntax to express criteria. Don't get hung up on that. How we express the criteria isn't the point. What matters is the following:
- We can have as many criteria objects as we like in the attachment array.
- Each object in the array has a verb that tells how the criteria must be evaluated. The
can-prove
verb means that evaluation should be rooted in credentials. Theasserts
verb means the evaluation can be based on self-assertion or other informal knowledge. - Each object in the array expresses criteria that are namespaced according to which party in the relationship is being described. Here, I've shown
their.*
to reference the other introducee, andintroducer.*
to reference the introducer, andBob
to reference some completely separate party that is none of the parties involved in the introduction.
from aries-rfcs.
Regarding point 3 in the preceding comment, the ability to namespace criteria according to which party is being described needs to be part of general proof request syntax already. If I am asking for proof from a birth certificate, I already need to be able to say, in effect: Prove to me that... mother.first_name = 'Alice' AND baby.birth_month = 'December'
.
from aries-rfcs.
Just realized this was still open from reading the agenda for today's call.
The help-me-discover RFC was submitted for this and we are still in exploration and assessment of this spec.
Will open new issues if/when something comes up.
from aries-rfcs.
Related Issues (20)
- RFC 0592 Proof Request includes nonce that is also required for a proof proposal HOT 2
- Outdated "problem_report" in Connection Protocol HOT 2
- Inconsistency in DIDComm mime-type HOT 1
- Issue Credential: initiate with issue message HOT 10
- Eliminate the use of %VER in the RFCs in favor of the explicit version in the method IDs
- Credential attribute for images/photos HOT 4
- [string](string) does not exist
- Add "watermark" to the Meta Overlay in the OCA for Aries RFCs HOT 1
- Message Content Type HOT 2
- Signal holder app when a transaction is done
- Credential Metadata about how to get a credential
- #0453 V2 issue-credential: review HOT 2
- Clarification on encoding format of attachment data in `Delivery` message of RFC-0685-pickup-v2 HOT 1
- Out of band - proposing change ( `services` VS `from` ) HOT 1
- Clarity on nullability of `credential_preview` in issue-credential-v2 offers (Aries RFC 0453) HOT 8
- add clarification to RFC 0510 on how to use with JWT VPs
- Is a JSON string valid to be used in attachment data `json`?
- Special case of threading in didexchange #0023 ? HOT 9
- Using `oobUrl` in `didcomm://` deeplink for linking with shortened url HOT 6
- List of additions to the published Aries RFCs mkdocs/gh-pages Website
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aries-rfcs.