Roadmap for testing the Simpler Universal Verifier (SUV)
Here is a proposed roadmap for the required tasks to perform some interworking trials for a Simple Universal Verifier (SUV) during January 2021
- Define a simple use case for people to test against e.g. download a confidential document from the eSSIF web site.
- Define the semantic policy for this along with the schemas, trusted issuers etc. e.g.'In order to "download" "essif documents" users must present “member” from a “eSSIF Certificate”.
- Run a Policy Registry at AWS (VCL will provide this) using the already published APIs (see https://gitlab.grnet.gr/essif-lab/business/policyman/answers-for-productisation-meeting/-/tree/master)
- Each Participant uploads their syntactic policy (that matches the semantic policy) to the Policy Registry and tests the interworking of this API.
- We agree on the definition of the Access Decision API between the Service Provider (SP) and the SUV published here (https://gitlab.grnet.gr/essif-lab/business/policyman/answers-for-productisation-meeting/-/tree/master).
- Each participant publishes their existing Verifier API.
- We agree on the definition of the PolicyRef API between the SUV and the Participants' apps defined here (https://gitlab.grnet.gr/essif-lab/business/policyman/answers-for-productisation-meeting/-/tree/master).
- We determine which application protocol we will use between the Participants' apps and the SP e.g. Https with java script along with the required parameters i.e. Request VP, SUV URL, Challenge
- One or more participants volunteer to build the SP e.g. eSSIF document store (web server)
- Each Participant builds their own app to interact with their existing wallet, the SP, the SUV and the Policy Registry according to the SUV architecture diagram and the specified APIs.
- One or more Participants alone or together build an SUV that can call all the Participants Verifier services via their existing Verifier APIs.
- Each participant populates their own wallet with a VC that matches the semantic policy e.g. member of eSSIF project issued by eSSIF.
- Each participant tests the following:
- [i] that their app can contact the SP and retrieve the required parameters: Request VP, SUV URL, Challenge
- [ii] that their app can call the SUV PolicyRef API and retrieve the policyMatch parameter
- [iii] that their app can call the PolicyRegistry API and retrieve the policy in their own syntax using the policyMatch parameter
- [iv] that their wallet can embed the challenge in the VP and return the VP to their app (Note. How they do this is not specified and the Participant can use any mechanism it requires).
- [v] that their app can return the VP to the SP
- The builders of the SUV test the following
- [i] that its PolicyRef API can return the correct policyMatch parameter to the calling apps.
- [ii] that it can call the PolicyRegistry API to get a policy in the syntax it supports
- [iii] that it can call the Participants' Verifier APIs and receive W3C formatted verified credentials in return (i.e. JSON VCs with the proof removed)