AI for discussion: Different patterns of Alice's AS and RS's accepting and providing federated logins? (Adrian)

I would like to champion a #wideeco solution called "A Lock to Alice's Shared Door" as follows:

The RS is an IoT lock on the shared door of a multi-unit condo.
The lock has to work even if disconnected from the internet.
Alice has her own AS in her own condo.
Alice has to be able to unlock the shared door even if disconnected from the internet.
Alice carries a smartphone that can connect to the RS and AS locally and via the internet.
Bob is a guest that wants to access the shared door based on Alice's AS policies.
Bob carries a smartphone that can connect to the RS and AS locally and via the internet.
The shared door RS and Alice's AS are each built on standard commodities that include a typical secure element.

e.g.: https://www.arduino.cc/en/Main/ArduinoMKR1000 including http://www.atmel.com/products/security-ics/cryptoauthentication/ecc-256.aspx

Bob can present claims to Alice's AS:

by referencing a personal certificate previously stored in the AS (e.g.: using PGP, a FIDO key, or equivalent)
by contacting Alice out-of-band for a one-time credential into her AS
by authenticating to the RS (assuming the RS has been configured as an IdP and is trusted by the AS)
by authenticating to an IdP (assuming the internet is working and the IdP is trusted by the AS)
by authenticating to a blockchain persona like https://medium.com/@ConsenSys/uport-the-wallet-is-the-new-browser-b133a83fe73#.d5stuazgi this could involve a camera and face recognition as in http://www.planetbiometrics.com/article-details/i/4238/desc/google-trialling-face-recognition-payment-app/
by following a claims gathering process directed by Alice's AS

I believe these 6 are the only distinct categories and I would hope that Alice's AS supports all of them if Alice is willing to take the time to configure them. Within each category, there will be various user experiences depending on what kind of technology Bob has in his pocket.

Adrian

On Fri, Apr 8, 2016 at 4:40 PM, Eve Maler <eve@xmlgrrl.com> wrote:

I've also done a little bit of suggested reordering of the roadmap priorities to account for the appearance of so many use case buckets in the first bullet in the list, and other realities; please see what you think. Essentially, we can't really consider Justin's proposals for #wideeco without also considering their #simplify impact, and some of their #IoT impact, but some other #IoT analysis will have to wait a bit longer. Also, we don't have any #security work on our docket at the moment, but more could arise at any time, and there's some constant legal-subgroup work being done. Etc.

Oh, and I've put the named people who I hope will take on action items directly on the cc list this time, to draw their attention to my request.

Happy Friday! :-)

Eve Maler
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl

On Fri, Apr 8, 2016 at 9:52 AM, Eve Maler <eve@xmlgrrl.com> wrote:
Hi all-- The agenda for our call yesterday tried to summarize what I think is the most up-to-date list of ideas I've heard so far:

Examining solutions for wide ecosystem challenges (Eve's challenge analysis doc) – look at:
UMA-protected UserInfo? (various) [Mike]
Different patterns of Alice's AS and RS's accepting and providing federated logins? (Adrian)
"Multi-party" proposal? (Justin) (engages with #APIsec and #simplify use case buckets too) [also #IoT as discussed on Thursday]
AS requests claims and client does act_as Bob to send them? (Mike, James)
Alice's AS dynamically gets client credentials to Bob's claim sources? (various) [Eve]
Meta-suggestion: Should trust elevation methods be modularized? (James)
Others?

Can the people identified above please take action items to present at upcoming calls? If you're not clear on what this is about, or if you can't do this action, please let me know. Thanks!

And remember, we've got some upcoming "holes" in our Q2 WG meeting schedule. I've just deleted some of our Thursday meetings (Fridays haven't been impacted yet), with possibly a couple more to come. We've got some exciting work coming up, so let's try to press ahead with offline prep such as this.

Eve Maler
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/