mesur.io

mprorock@mesur.io

Gen Digital

Brent.Zundel@gendigital.com

Internet None SPICE This document describes various use cases related to credential exchange in a three party model (issuer, holder, verifier). These use cases aid in the identification of which Secure Patterns for Internet CrEdentials (SPICE) are most in need of specification or detailed documentation.

Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in .

SPICE Use Cases

Introduction There are several expanding use cases and common patterns that motivate the working group and broader community, including:

• Use of microcredentials, particularly in education
• Digitization of physical supply chain credentials in multiple jurisdictions
  • CBOR credentials
  • High volume with system to system exchange of credentions
  • both regulatory data as well as business driven information
• IoT, Control Systems, and Critical Infrastructure related Credentials
• Credentials related to authenticity and provenance, especially of digital media
• Offline exchange (in person) of credentials that may have been internet issued
• Embedding of credentials in other data formats
• Digital Wallet Initiatives
• Selective disclosure with CBOR

Details on Each Use Case TBD

Security Considerations TBD

IANA Considerations NONE

Acknowledgements The authors would like to thank those that have worked on similar items and/or whom have provided input into this document, especially: Hannes Tschofenig, Henk Birkholz, Heather Flanagan, Kaliya Young, Orie Steele, Leif Johansson, Pamela Dingle, Tobias Looker, Kristina Yasuda, Daniel Fett, Oliver Terbu, and Michael Jones.

Normative References