Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Discussion: Profile Expansion #195

Open
wilwade opened this issue May 12, 2022 · 1 comment
Open

Discussion: Profile Expansion #195

wilwade opened this issue May 12, 2022 · 1 comment

Comments

@wilwade
Copy link
Member

wilwade commented May 12, 2022

DSNP Activity Content Profiles are fairly sparse. As DSNP grows, different applications will want to add different information to the profile.

  1. Should app specific information be added to the DSNP profile?
  • General feeling is that it would be good as it promotes user ownership of that information.
  • If so, how should other apps that might be updating the profile handle that?
  • Could app specific profile information be namespaced and announced separately? (MRC allows for additional schemas to be generated)
  1. How could the profile handle private profile information that is only shared with certain applications?
  2. How could the profile handle private profile information that is only shared with private graph connections?
  • Sub-question: Is it possible to do secondary connections? "Friend of a friend" could see it? This could happen on an application basis, but I'm not sure if is possible from a DSNP layer.

Misc ideas:

  • Namespacing profile fields
  • Apps registering new profile fields
  • Self-describing schemas for extended profiles
@wesbiggs
Copy link
Member

The attribute set proposal (#257) gives us one option for answering some of these questions.

  • Providers can define (and uniquely namespace) their own schema for user profile data (as Verifiable Credential Schema documents). They can then announce User Attribute Sets that reference the specific data points for a given user in Verifiable Credential format.
  • There is no protocol-level restrictions that prevent other apps from announcing their own Attribute Sets with that schema, but because sender and issuer fields are preserved at the announcement level, an application can decide which announcements it cares about, and might have schema-specific semantics to determine whether 3rd-party announcements should be ignored, or aggregated with or even replace their own (e.g. most recent wins).
  • You could see this evolving such that the schema was known and shared between multiple providers who agreed on its semantics so data could be shared across applications. If data was private, it could be encrypted with a key shared between the collaborating providers (with attendant group key management concerns, but doable).
  • Similarly, attribute set data could be encrypted with a group key covering private connections, or other well defined groups (group and group key management protocol details are TBD, but "friend of a friend" access representation is something we hope to address).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wilwade @wesbiggs