What is the process for authorising users to view a profile , attestation or attribute ? Does it involve using the CLI to access the users public key, if so how do I share information prior to user sharing public key?
Hey @adrian.ronayne. This is still subject to change but here’s the current model:
- Public data is public and pointed to by the user’s DNS zone file
- Private data is encrypted but accessible at public endpoints
- Users provision new parties to access private data by updating the multi-party encryption and then sending the URL of the file to the new parties
- Multi-party encryption works by encrypting the file with an asymmetric key and then encrypting the asymmetric key multiple times with all of the public keys of the parties with access
Currently the CLI only has support for public profile data but we’re working on adding support for private data attributes. The same goes for the browser.