UserInfo Verifiable Credentials as MLS Credentials
draft-barnes-mls-userinfo-vc-00
| Field | Value |
|---|---|
| Type | Expired Internet-Draft (individual); Expired & archived |
| Authors | Richard Barnes, Suhas Nandakumar |
| Last updated | 2023-09-14 (Latest revision 2023-03-13) |
| RFC stream | (None) |
| Intended RFC status | (None) |
| Stream state | (No stream defined) |
| Consensus boilerplate | Unknown |
| RFC Editor Note | (None) |
| IESG state | Expired |
| Telechat date | (None) |
| Responsible AD | (None) |
| Send notices to | (None) |
This Internet-Draft is no longer active.
Abstract
This specification extends the Messaging Layer Security (MLS) credentials framework with a new credential type, "UserInfoVC", based on the OpenID Connect UserInfo Verifiable Credential type "UserInfoCredential". A UserInfo Verifiable Credential encapsulates the UserInfo claims from the OpenID Provider as a Verifiable Credential that can be presented to a third-party Verifier. These credentials can be easily provisioned to MLS clients using the OpenID Connect login flows, augmented with type "UserInfoCredential". The credential itself is an object, signed by the OpenID Provider, that associates identity attributes with the signature public key that the client will use in MLS. In situations where the OpenID Provider is distinct from the MLS Delivery Service, these credentials provide end-to-end secure identity assurance.
Authors
Richard Barnes
Suhas Nandakumar
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)