Create attestations #3
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/identity-box/covid-19/kkf8r17y3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR enables care professionals to create COVID attestations for the registered users.
How attestations will be verified?
When the user logs into his hospital account, he will see if there are any attestations available.
If the user is already logged in with Identity Box, then the user can directly scan the attestation QRCode and have the attestation bound to the currently used DID. Otherwise, the user needs to first select the DID he wants to use for the attestation with his Identity App, connect with his Identity App to the browser and then the attestation will be bound to this DID and transferred to the user's device. In other words, only one scanning of the QR code is required.
Because the attestation is kept on the user's mobile, the user can present the attestation as a QR-Code to the verifier. The verifier can verify the attestation by simply scanning the presented code with the Identity App.
For the service providers, the user would first connect to the service provider web app in the browser and then the service provider my request a specific attestation. The user then select the attestation that he wants to share with the service provider and this attestation is then securely transferred to the service provider web app, where it can be verified used the service provider's Identity Box by acquiring the public key of the attestation issuer and verifying the signature.
Regenerating attestations
This is a working name and perhaps it will be covered by another PR. An interesting case is when the user has an attestation with multiple attributes. For instance, an attestation from the state my include your age, address, tax number, etc. Sometimes you only want to share a subset of the attributes or even you may like to generate an on the fly attestation containing only a subset of the attributes and bound to another DID of yours. How are we going to solve this? Do we want it to be solved?