Open Q&A Session

[juliapampus]

We want to give you the opportunity to get in touch with the responsibles for this project. Therefore, we provide a monthly meeting on fridays - moderated by selected core team members on a rotating basis.

We will meet in the "general" voice channel. Please make sure you have a Discord account and are a member of the EDC server. Invitation link: https://discord.gg/n4sD9qtjMQ.

2024

If you want to add the meeting series to your calendar, please feel free to use this packed .ics file:
2024_EDC_Q&A_Session.zip

Date	Time	Moderators	Topics/Guests
19.01.2024	2 pm (UTC+2)	@wolf4ood @ronjaquensel
16.02.2024	2 pm (UTC+2)	@jimmarino @paullatzelsperger
15.03.2024	2 pm (UTC+2)	@bscholtes1A @mspiekermann
19.04.2024	2 pm (UTC+2)	@ndr-brt @juliapampus
17.05.2024	2 pm (UTC+2)	cancelled
21.06.2024	2 pm (UTC+2)	cancelled
19.07.2024	2 pm (UTC+2)	@mspiekermann	Link
16.08.2024	2 pm (UTC+2)		Link
20.09.2024	2 pm (UTC+2)
18.10.2024	2 pm (UTC+2)
15.11.2024	2 pm (UTC+2)
13.12.2024	2 pm (UTC+2)

[mspiekermann]

Hey folks,

Our Q&A meeting is set up for the greater EDC community to get in touch with the EDC committer team and other community members in order to ask questions or discuss issues around the EDC developments or its adoption.

In order to prepare the meeting and make sure the right contact persons are available, please raise questions at least until Tuesday EOB before the meeting. To do so, please visit the corresponding EDC discussions. Every Q&A session has its own thread (linked in above table), where you can add your question as a comment and provide details. While adding a question, please create one question per comment and add a meaningful title and description.

If you have any questions, please contact the team via the Discord channel and we will try to help as fast as possible.

[bnouwt]

Hello everyone, I have the following question for the Q&A planned for this afternoon. Where can I best post it?

Our software uses EDC Connectors to arrange the trust between two actors within a network. To exploit this trust from within our application we need access to the public key with which a consumer participant has configured its EDC Connector. This way, we want to verify whether this participant actually is who they say they are or whether they have a valid token but are using an unexpected identifier.

Currently, we already use the token generated based on the contract agreement between the consumer and provider and validate/verify it on the provider side using the /control/token REST API of the EDC Connector. At that moment, we would also like to have access to the public key of the consumer participant using that token and double check whether it is using the expected identifier (from a public key -> identifier mapping given to our application at startup). Is there a REST API operation available that can provide us this public key?

Thanks in advance!

Barry

[jimmarino]

Hi,

The proper way to handle this would be to use Web DIDs (or another DID method) for the participant IDs. The resolved DID document would contain public key material as a verification method. In addition, you will need to use self-issued certificates sent as a JWT in the auth header.

Note, however, that the above does not establish trust. It only establishes control over a DID. For trust, you need an issuer that provides Verifiable Credentials and is accepted by both parties. The VCs would be presented as a VP to the provider.

Identity Hub and EDC configured with the decentralized identity extensions support this. I would suggest reading up on decentralized identity concepts if you are not familiar with them and then looking at the pre-release Identity Hub documentation.

[bnouwt]

Hi @jimmarino, thanks for your quick response. We've looked a bit more into DID and watched this video, but we will also have to read the documentation you suggested.

Just to verify my current limited understanding: if we correctly configure EDC Connectors with an IdentityHub and start using WEB DIDs like did:web:example.com, the EDC Connectors will automatically verify these DIDs during contract negotiation. And then, when a contract was agreed upon, our software can use this DID to find the public key from a consumer and use that to verify the information we want to double check. And it seems logical to use a VerifiableCredential to replace our 'public key -> identifier mapping'.

By the way, do you know if the Q&A is still happening? Or is that what we are doing now?😉

Thanks!

Barry

[jimmarino]

Please read through the documentation and that should point you in the right direction. Please be aware that Identity Hub is still a work in progress. Take a look also at the MVD as that is being updated to include samples.