Add a diagram showing how things in the model relate to each other

[marcoscaceres]

It would be nice to have a diagram showing how parts of the model relate to each other.

[OR13]

I can make a mermaid.

How much detail are you looking for?

[marcoscaceres]

Not much... just enough to give a simple overview of how things related to each other and maybe super simple example of a credential picker (super abstract though... like just a box showing a driver's-license-like credential).

We might be able to make it more complex from there, showing how things are verified etc. and what role each thing in the model plays.

[OR13]

Here is a quick sketch... Obviously the method names would need to align to the webIDL.

flowchart LR

    subgraph mobile_device
        
        credential_private_key
        credential_private_key --> public_key_credential

        subgraph public_key_credential[Mobile Driver's License]
            credential_public_key
        end
    end

    subgraph user_agent
        credential_manager[Select Digital Credential]
    end

    subgraph relying_party
        request_proof_of_age[Request Age Verification]
    end

relying_party -.- presentationRequest -.-> user_agent
relying_party -.- presentationResponse -.- user_agent

user_agent -.- mdocRequest -.-> mobile_device

user_agent -.- mdocResponse -.- mobile_device

Loading

in case anyone wants to hack at this, here is a live editor link

[marcoscaceres]

Ok, awesome! This is a great start.

So yeah, once we land #57 we can start adding some of the terminology from there to the diagram... we also don't yet have any mention of mDoc (#67) yet, so we can incrementally build this up as we add things to the spec.

This is already hugely helpful though.

[OR13]

Perhaps a better diagram: https://github.com/WICG/digital-identities/blob/main/resources/IdentityCredentialAPI-Layering-2023.pdf

Green arrows seem to be controlled by Chromium, Safari, Geko (Browsers)

Purple arrows seem to be controlled by iOS and Android / Samsung. (Mobile OS)

Red arrows seem to be controlled by macOS / linux / windows (Desktop OS)

Blue arrows seem to be controlled by verifier protocols (OpenID specs, mDoc specs).

We seem to be spending a lot of time talking about "Green and Blue", and there seems to be general agreement, that while we might influence Purple and Red, thats not really what the W3C is good for.

I've thought this CG was limited to "navigator APIs".

I imagined it would produce an FCGS that a W3C WG could pickup to expose something like WebAuthN did.

That would leave everything but the green arrows, out of scope.

Website supports a "Verifier Protocol" website uses navigator APIs to "query a wallet".

Consent happens.

Wallet query response is obtained by the Website.

Website then either forwards the response to its backend (like is done in WebAuthN), or website knows to listen for a back channel notification, in the case that the Verifier Protocol supports that.

[timcappalli]

Green arrows seem to be controlled by Chromium, Safari, Geko (Browsers)

Purple arrows seem to be controlled by iOS and Android / Samsung. (Mobile OS)

Red arrows seem to be controlled by macOS / linux / windows (Desktop OS)

Blue arrows seem to be controlled by verifier protocols (OpenID specs, mDoc specs).

Green arrows in the browser would be implemented by browser engines: Chromium, Webkit, Geck, etc

Green arrows between client platforms/devices would be implemented by the client platforms: Android, Windows, macOS, iOS, Linux (with some small exceptions where browsers may handle it themselves)

Purple and Red arrows are implemented by app platforms: Android, Windows, macOS, iOS, Linux

[marcoscaceres]

This depends on #83 (that is to say, whatever ends up in #83 should be the words used in the diagram... along with "platform" etc.)