Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Mobile Summit is a series of weekly workshops organized to address issues specific to mobile agents and wallets.

Summit meetings are Tuesdays 8-10am US/Mountain

Zoom Link: https://zoom.us/j/93810537086

Meetings

2021 Nov 16 -11-16 Aries Summit Session - QR/ InvitationsInvitations 

2021 Nov 23 -11-23 Aries Summit Session - Mobile InfrastructureInfrastructure 

2021 Nov 30 - 2021-11-30 Aries Summit Session

further meetings will be organized.

-11-30 Aries Summit Session - Credential UX Part 1

2021-12-07 Aries Summit Session - Credential UX Part 2

2021-12-14 Aries Summit Session - General UX / Summit Wrap-up


Outcome & Work Items

RFC 496 - Transition to OOB and DID Exchange From 2021-11-16 Session

  • To do: Chase wallet vendors, share findings, and update RFC Stephen Curran

How are we really going to do deep-links? From 2021-11-16 Session

Handling HTTP on mobile, since mobile OS's require an exemption to use HTTP. DIDComm over HTTPS results in double encryption. From 2021-11-16 Session

Auto-approval of presentation requests. From 2021-12-07 Session

  • Can be risky, e.g. auto-presenting could lead to interaction-less login
  • One aspect: bulk approval (present series of proofs with one user action to approve)
  • Another aspect: policy approval (conditions by which an approval or other user action can be automated)
    • Care needed on: anti-patterns, security vs. convenience, following SSI principles, fiduciary responsibility when agents work on behalf of users
  • To Do:
    • Needs bulk presentation request (Present Proof) (mostly done)
    • Needs policy to recommend bulk actions
    • Policy approval is complex and needs more investigation

Machine-Readable Governance and UX. From 2021-12-07 Session

  • Introduces new types of user interactions
  • Has many types of governance: root of trust, identifying participants, etc.
  • Mike is working on test applications of Machine Readable Governance

Credential UX

UX of Invitations

  • Development of Machine Readable Governance
  • Development of language around trust
  • To Do: Need Proposed Initial Attempt as an Aries RFC - Sam Curren

Mobile Verifiers

  • Inversion of QR scanning flow where verifier scans holder's QR code
  • Other mechanisms other than QR Code (e.g.: BLE)
  • Todo: Summary of existing state for BLE
  • Todo: Summary of existing state for NFC
  • Todo: Document use cases and UX flows

Device Backup/Recovery

  • Define interop format for backup
    • Not everything can be backed up. Some credentials may only be usable in the device/wallet it was issued to 
  • Define a backup service protocol

Error Handling and Reporting

  • We don't currently have enough published community knowledge to organize the conversation very well.
  • Errors need to be communicated at both a technical level and a human level
  • Context for errors is important - don't imply that background errors relate to a different foreground operation.
  • ToDo: Need a focused convention of agent developers to share the errors they handle and how, with a goal of capturing community knowledge and best practices.

Original Topics List

  • Mobile Infrastructure (2)
    • Mobile Verifiers
    • Device Recovery (Backup/Restore/Sync/Rotation to new keys)
    • Secure Element usage
    • SDK / Embedding Agents into existing Mobile Apps
  • Credential UX (3)
    • SVG Cred Display
    • Auto-approval of presentation requests (e.g.: trusted verifier, trusted preset, etc ...)
    • Credential Theming (e.g. Icon, Colors, Description)
    • Revocation implications for Mobile
    • Consequences of Machine Readable Governance on UX
  • Other User Experience (UX) (4)
    • UX of Invitations
    • Exposing errors / details to users & power users (404 and 503 like errors)
      • Unsupported DID Method
    • Glossary - naming conventions - how to hide technicalities in front of user
  • QR / Invitations (1)
    • How are we really going to do deep-links?
    • RFC 496 - Transition to OOB and DID Exchange
    • RFC 700 - sending out-of-band as query parameters and enable redirect back.
    • HTTP Mobile exemptions
  • Security
    • DID method specific
    • Immutability of schema and JSON-LD security issues
    • Biometrics/PIN unlock (overlap with UX)
  • Protocols
    • DIF Credential Manifest attachment (followup from Issue Credential v2 json-ld attachment in AIPv2).
    • DIDComm v2 (and related)
      • DIDComm v2
      • WACI