Skip to main content

Secure Patterns for Internet CrEdentials (SPICE)
bofreq-prorock-secure-patterns-for-internet-credentials-spice-03

The information below is for an older version of this BOF request.
Document Type Approved BOF request Snapshot
Title Secure Patterns for Internet CrEdentials (SPICE)
Last updated 2023-09-28
State Approved
Editors Leif Johansson , Heather Flanagan , Henk Birkholz , Michael Prorock , Brent Zundel
Responsible leadership
Send notices to (None)
bofreq-prorock-secure-patterns-for-internet-credentials-spice-03

Name: Secure Patterns for Internet CrEdentials (SPICE)

Description

There is a need document verifiable credentials more clearly: credentials that utilize the issuer, holder, and verifier (three role) model across various work IETF, ISO, W3C, and other SDOs. This need particularly arises in use cases about verifiable credentials for personal credential and business credential. In support of compactness, those use cases benefit from CBOR encoding. In support of interoperabilty, those use cases benefit from the cryptographic agility properties of COSE. Based on these use cases, there is a need to clearly define message formats and supporting mechanisms. The proposed SPICE WG is intended to coordinate closely with other working group's items developing JSON-based credentials to keep that work and the SPICE WG's work architecturally aligned.

Digital credentials based on IETF standards have use cases ranging from personal credentials, such as drivers licenses and vaccination proofs, to business-to-business or business-to-government applications. One example is fraud and counterfitting prevention in cross-border trade documents by protecting digital representations of mill test reports, bills of materials, bills of lading, or commercial invoices. In order to meet privacy, security, and sustainability objectives, digital credentials need to be designed with awareness of computation and storage constraints associated with their use cases. These objectives can be achieved by leveraging industry adopted standards and managing tradeoffs between cutting-edge and well-established cryptography.

The SPICE WG aims to support digital credential formats based on existing IETF standards, and extend them to support stakeholders that are building compliance and automation systems based on industry adopted cryptography and protocols.

Required Details

Information for IAB/IESG

To allow evaluation of your proposal, please include the following items:

Agenda

Problem Statement (30 min)

  • Problem Area and introduction to verifiable credentials
  • Known Use Cases
  • How is SPICE related to other IETF Work

Scope and Proposed Work Items (45 min)

  • SPICE Use Cases Documentation
  • Selective Disclosure with CWTs
  • Architecture
  • Other Items that might be considered for inclusion in this group

Discussion (45 min)

  • Is the IETF the right place to do this work?
  • Which organizations and SDOs need to be involved/collaborated with?
  • What are the expected technical challenges?
  • Is there interest in implementing such specifications?
  • Is the technology likely to get deployed?
  • Is there enough interest in helping with the work (spec editing, reviewing, implementing, deploying)?