ereuse/idhub-help
9
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
idhub-help/site/search/search_index.json
leandro@ac.upc.edu fc5c43c2f1 updates to my community
2025-02-21 14:24:12 +01:00

1 line
46 KiB
JSON
Raw Blame History

{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome/benvingut/bienvenido","text":"<p>This site, aquest lloc, este sitio: idhub.pangea.org.</p> <p>English | Catalan | Castellano</p>"},{"location":"ca/","title":"Benvingut a IdHub","text":""},{"location":"ca/#per-administradors","title":"Per administradors","text":"<ul> <li>Configureu el vostre compte com a emissor i seleccioneu plantilles de credencials a emetre</li> <li>Pugeu dades (fulls de c\u00e0lcul) per habilitar l'expedici\u00f3 de credencials</li> <li>Gestioneu els usuaris</li> <li>Credencials: vegeu les expedides, la revocaci\u00f3</li> </ul>"},{"location":"ca/#per-usuaris","title":"Per usuaris","text":"<ul> <li>Inicieu la sessi\u00f3 al vostre compte</li> <li>Sol\u00b7liciteu l'expedici\u00f3 de credencials</li> <li>Presenteu una credencial a un portal verificador</li> </ul>"},{"location":"ca/#sobre-nosaltres","title":"Sobre nosaltres","text":""},{"location":"ca/admin/","title":"Vista d'administrador","text":"<p>Aquest \u00e9s el men\u00fa d'administraci\u00f3 despr\u00e9s d'iniciar sessi\u00f3:</p> <p></p> <ul> <li>Acceptar la pol\u00edtica de privacitat del servei d'identitat = les teves dades s\u00f3n teves.</li> <li>Usuaris: Aquells que poden obtenir credencials, es creen autom\u00e0ticament quan se'ls ofereix una credencial.</li> <li>Rols: Definir usuaris amb permisos especials.</li> <li>Credencials: Configura el compte d'administrador de la teva organitzaci\u00f3 com a emissor de credencials.</li> <li>Plantilles: Seleccionar quins tipus de credencials voleu emetre a la teva organitzaci\u00f3.</li> <li>Dades: Puja fitxers (fulls de c\u00e0lcul) per habilitar l'emissi\u00f3 de credencials a persones.</li> </ul>"},{"location":"ca/admin/#credencials-configura-el-compte-administrador-de-la-teva-organitzacio-com-a-emissor-de-credencials","title":"Credencials: Configura el compte administrador de la teva organitzaci\u00f3 com a emissor de credencials","text":"<p>Per defecte, est\u00e0 quasi preparat. Haur\u00e0s de visitar \"Credencials\" i activar la plantilla de credencials amb la que vols emetre m\u00e9s tard.</p> <p>Pots comprovar les teves pr\u00f2pies credencials, utilitzades per signar qualsevol credencial que la teva organitzaci\u00f3 emeti. Es creen autom\u00e0ticament per a tu, per\u00f2 pots canviar-les si vols. Inclouen el teu identificador descentralitzat (DID): el teu nom p\u00fablic (equivalent a la teva adre\u00e7a de correu electr\u00f2nic en l'espai d'identitat). Aquest DID permet als tercers trobar la teva clau p\u00fablica, necess\u00e0ria per verificar qualsevol afirmaci\u00f3 que feu com a organitzaci\u00f3. Pots guardar la teva clau privada, un secret privat necessari per signar credencials per part de la teva organitzaci\u00f3. No compartiu-la mai amb cap tercer, ja que \u00e9s la clau per signar sota el nom de la teva organitzaci\u00f3.</p>"},{"location":"ca/admin/#plantilles-selecciona-quins-tipus-de-credencials-preteneu-emetre-a-la-teva-organitzacio","title":"Plantilles: Selecciona quins tipus de credencials preteneu emetre a la teva organitzaci\u00f3","text":"<p>Aqu\u00ed nom\u00e9s has de seleccionar, entre la llista, quins tipus de credencials (esquema) preteneu emetre a la teva organitzaci\u00f3.</p>"},{"location":"ca/admin/#dades-pujar-fitxers-fulls-de-calcul-per-habilitar-lemissio-de-credencials-a-persones","title":"Dades: Pujar fitxers (fulls de c\u00e0lcul) per habilitar l'emissi\u00f3 de credencials a persones","text":"<p>Pots pujar un full de c\u00e0lcul per habilitar credencials a persones perqu\u00e8 la teva organitzaci\u00f3 pot i vol declarar alguna cosa sobre elles.</p> <p>Tenim una llista de XLSX (fulls de c\u00e0lcul), un per cada tipus de plantilla, llestos perqu\u00e8 els omplis:</p> <ul> <li>Credencial de formaci\u00f3 (LaFede.cat)</li> <li>Compra d'un dispositiu (eReuse.org)</li> <li>Asserci\u00f3 d'operador (eReuse.org)</li> <li>Filiaci\u00f3 federativa (LaFede.cat)</li> <li>Vulnerabilitat financera (XO9B)</li> <li>Targeta de membre (qualsevol organitzaci\u00f3)</li> </ul> <p>Pots incloure una persona per fila, les cel\u00b7les amb un contorn s\u00f3n obligat\u00f2ries, les cel\u00b7les sense contorn s\u00f3n opcionals i es poden deixar buides. Com que el correu electr\u00f2nic \u00e9s un dels valors requerits, un cop carreguis el fitxer, aquests rebran una notificaci\u00f3 per correu electr\u00f2nic. No cal fer res m\u00e9s per part teva despr\u00e9s d'un carregament exit\u00f3s d'un full de c\u00e0lcul amb dades sobre una llista de persones.</p> <p>Amb aquesta notificaci\u00f3 ells poden sol\u00b7licitar la credencial quan vulguin. Rebran un compte a aquest IdHub, com una cartera, on trobaran les credencials habilitades per a ells o ja emeses com a credencials verificables. Poden acudir en qualsevol moment a la seva cartera. Poden fins i tot ignorar la notificaci\u00f3 fins que necessiten la credencial, de vegades durant una visita a un portal web d'altres organitzacions quan se'ls demana que proporcionin una prova verificable d'identitat o volen presentar qualsevol acreditaci\u00f3 que la vostra organitzaci\u00f3 ha preparat sobre ells, com ara per sol\u00b7licitar algun benefici proporcionat per altres organitzacions.</p>"},{"location":"ca/sobre/","title":"Sobre Nosaltres","text":"<p>Benvingut a IdHub, on portem la gesti\u00f3 d'identitats i el servei de credencials a un nou nivell per al sector social i solidari. Creat per l'esfor\u00e7 col\u00b7laboratiu de Pangea.org i UPC.EDU.</p>"},{"location":"ca/sobre/#la-nostra-visio","title":"La nostra visi\u00f3","text":"<p>La nostra visi\u00f3 \u00e9s senzilla: imagina una cartera amb dades d'identitat sobre tu i un conjunt de credencials que aquesta organitzaci\u00f3 t'ha ofert o t'ha donat, que puguis mostrar o enviar a altres organitzacions per demostrar el teu vincle amb aquesta organitzaci\u00f3 o sol\u00b7licitar un benefici derivat de les reclamacions incloses en una credencial que decideixes presentar. Les credencials s\u00f3n teves, tu les controles: tu decideixes quines ofertes vols que se t'expedeixin i s'emmagatzemin a la cartera, tu decideixes quines i quan les presentes a altres.</p>"},{"location":"ca/sobre/#la-nostra-missio","title":"La nostra Missi\u00f3","text":"<p>A IdHub, la nostra missi\u00f3 \u00e9s capacitar les persones i organitzacions amb una plataforma de confian\u00e7a i f\u00e0cil d'usar per gestionar les seves identitats digitals i credencials. Creiem que tothom hauria de tenir el control sobre les seves dades personals i poder accedir i compartir les seves credencials de manera f\u00e0cil quan sigui necessari.</p> <p>T'oferim una \"cartera d'identitat\" basada en web on pots trobar les teves claus i identificadors d'identitat, les credencials que aquesta organitzaci\u00f3 t'ha ofert o signat (expedit) i la possibilitat de presentar-les a terceres organitzacions que poden obtenir els detalls inclosos en una credencial i verificar que tots els detalls provenen amb integritat d'una font confiable.</p>"},{"location":"ca/sobre/#qui-som","title":"Qui Som","text":"<p>IdHub \u00e9s una iniciativa conjunta entre Pangea.org i UPC.EDU, dues organitzacions reconegudes amb una \u00e0mplia experi\u00e8ncia en el camp de la gesti\u00f3 d'identitat digital. Pangea.org \u00e9s una organitzaci\u00f3 global sense \u00e0nim de lucre dedicada a promoure la inclusi\u00f3 digital i capacitar les persones mitjan\u00e7ant la tecnologia. UPC.EDU \u00e9s una universitat l\u00edder en recerca coneguda per la seva experi\u00e8ncia en seguretat de la informaci\u00f3 i privadesa de les dades.</p>"},{"location":"ca/sobre/#la-nostra-experiencia","title":"La nostra Experi\u00e8ncia","text":"<p>Amb un equip de professionals qualificats, combinem l'experi\u00e8ncia de Pangea.org i UPC.EDU per oferir un servei de gesti\u00f3 d'identitat i credencials d'avantguarda. El nostre equip est\u00e0 format per persones del sector social i solidari que tracten de la seguretat de la informaci\u00f3, criptografia, disseny d'experi\u00e8ncia d'usuari, desenvolupament de programari, provisi\u00f3 de serveis web. Ens esforcem cont\u00ednuament per estar a l'avantguarda dels aven\u00e7os tecnol\u00f2gics per assegurar que la nostra plataforma sigui segura, fiable i f\u00e0cil d'usar.</p>"},{"location":"ca/sobre/#innovadors","title":"Innovadors","text":"<p>Oferim suport limitat a les signatures digitals actuals (certificats digitals). Aix\u00f2 s'anomena identitat europea 1.0 (eIDAS1). No obstant aix\u00f2, IdHub se centra en les noves capacitats de l'acordat recentment eIDAS 2 (que s'ha d'aprovar i entrar en vigor el 2024). S'ha de tenir en compte que IdHub \u00e9s un servei experimental i els teus comentaris ens ajuden a millorar l'oferta per satisfer les teves necessitats.</p>"},{"location":"ca/sobre/#com-us-podem-ajudar","title":"Com us podem ajudar","text":"<p>Ja sigui que siguis una persona que vulgui gestionar la teva identitat digital personal o una organitzaci\u00f3 que busqui una soluci\u00f3 robusta de gesti\u00f3 de credencials, IdHub est\u00e0 aqu\u00ed per ajudar-te. La nostra plataforma ofereix una s\u00e8rie de funcionalitats, incloent-hi l'emmagatzematge segur de credencials digitals, la compartici\u00f3 f\u00e0cil i la verificaci\u00f3 de credencials, i la integraci\u00f3 amb altres sistemes d'identitat. Estem compromesos a proporcionar-te una experi\u00e8ncia sense problemes i ajudar-te a prendre el control de la teva identitat digital.</p>"},{"location":"ca/sobre/#contacta-amb-nosaltres","title":"Contacta amb nosaltres","text":"<p>Si tens alguna pregunta, comentari o consulta, no dubtis a posar-te en contacte amb nosaltres. Pots contactar amb el nostre equip de suport a suport@pangea.org o visitar el nostre lloc web a trustchain.pangea.org. Valorem la teva opini\u00f3 i estem sempre a punt per ajudar-te.</p> <p>Esperem poder servir-te i ser el teu soci de confian\u00e7a en la gesti\u00f3 de la teva identitat digital i credencials en el sector social i solidari.</p>"},{"location":"ca/usuari/","title":"Vista de l'usuari","text":"<p>Aquest \u00e9s el men\u00fa d'usuari despr\u00e9s d'iniciar la sessi\u00f3:</p> <p>La primera vegada has d'acceptar les condicions de privacitat. En resum: les teves dades s\u00f3n teves.</p> <p></p> <ul> <li>Les meves dades</li> <li>Mis dades personals</li> <li>Mis funcions</li> <li> <p>Informaci\u00f3 de privacitat</p> </li> <li> <p>La meva carta</p> </li> <li>Les meves identitats</li> <li>Les meves credencials</li> <li>Sol\u00b7licitar una credencial</li> <li>Credencial de presentaci\u00f3</li> </ul>"},{"location":"ca/usuari/#la-meva-informacio","title":"La meva informaci\u00f3","text":"<p>Aqu\u00ed pots consultar la informaci\u00f3 que l'IdHub de la teva organitzaci\u00f3 guarda sobre tu.</p>"},{"location":"ca/usuari/#la-meva-cartera","title":"La meva cartera","text":""},{"location":"ca/usuari/#les-meves-identitats","title":"Les meves identitats","text":"<p>Aqu\u00ed pots veure informaci\u00f3 sobre la teva identitat (anomenada \"identitat descentralitzada\"). Una identitat t\u00e9 una clau privada i una clau p\u00fablica i un identificador descentralitzat (una mena d'adre\u00e7a web).</p> <p>Cada identitat equival a una p\u00e0gina web personal. Tot el m\u00f3n la pot veure, per\u00f2 nom\u00e9s tu pots modificar-la. Aqu\u00ed es tracta de la signatura. La teva clau p\u00fablica permet verificar qualsevol signatura o afirmaci\u00f3 que facis. La teva clau privada et permet generar reclamacions i generar signatures. La teva clau privada \u00e9s la teva identitat, no les comparteixis amb ning\u00fa sota cap situaci\u00f3, ni tan sols amb els operadors d'IdHub. Compartir-la significa deixar que altres actuen com a tu. Equivalent a compartir la contrasenya del teu correu electr\u00f2nic.</p>"},{"location":"ca/usuari/#les-meves-credencials","title":"Les meves credencials","text":"<p>\u00c9s la teva pr\u00f2pia \"cartera d'identitat\". All\u00ed pots trobar dos tipus de credencials: - Credencials habilitades, que ofereix l'administrador de l'organitzaci\u00f3. - Credencials emeses, que has demanat abans per ser signades=emeses i guardades aqu\u00ed.</p> <p>Credencials habilitades o emeses: Pots sol\u00b7licitar que qualsevol credencial habilitada sigui emesa (signada per l'administrador immediatament) en qualsevol moment. Emetre significa que l'organitzaci\u00f3 emissora li afegeix una signatura amb una marca de temps.</p> <p>Pots demanar que s'emeti qualsevol credencial habilitada, signar-la ara, o deixar-la pendent perqu\u00e8 s'emeti (signada) quan la demanin (signada m\u00e9s tard).</p> <p>Quan visitis qualsevol portal de tercers d'EIDAS2, denominat portal verificador, qualsevol altra organitzaci\u00f3 podria sol\u00b7licitar o oferir la possibilitat de presentar una credencial per demostrar la teva identitat o una declaraci\u00f3 registrada a una credencial. En aquest portal podr\u00e0s triar ser redirigit a aquesta cartera web d'identitat, seleccionar quina credencial necessites (ja emesa o emesa in situ), per ser transferit a aquest portal verificador com a presentaci\u00f3 verificable.</p>"},{"location":"ca/usuari/#sollicitar-una-credencial","title":"Sol\u00b7licitar una credencial","text":"<p>Aqu\u00ed pots sol\u00b7licitar l'emissi\u00f3 immediata (signatura) d'una credencial habilitada que tinguis disponible a la teva cartera (oferta per l'administrador d'aquesta organitzaci\u00f3)</p>"},{"location":"ca/usuari/#presentar-credencial","title":"Presentar credencial","text":"<p>Aqu\u00ed pots seleccionar una credencial verificable i una organitzaci\u00f3 de destinaci\u00f3 i la credencial s'enviar\u00e0 immediatament a aquesta organitzaci\u00f3 (si aquesta organitzaci\u00f3 est\u00e0 preparada per rebre-la).</p>"},{"location":"en/","title":"Welcome to IdHub","text":""},{"location":"en/#for-installers","title":"For installers","text":"<p>IdHub needs to be configured to do any meaningful work at your service. Check the Readme to setup the \".env\" file. A working SMTP connection is required to be able to send emails to participants.</p>"},{"location":"en/#for-communities","title":"For communities","text":"<p>A new community, a set of organisations sharing credentials, should agree and publish details about their shared understanding about credentials. These details can be added to IdHub before launch to be used in that community.</p>"},{"location":"en/#for-admins","title":"For admins","text":"<ul> <li>Setup your account as issuer</li> <li>Upload data (spreadsheets) to allow credential issuance</li> <li>Manage users</li> <li>Credentials: see issued, revocation</li> </ul>"},{"location":"en/#for-users","title":"For users","text":"<ul> <li>Enter your account</li> <li>Request credential issuance</li> <li>Present credential to verifier</li> </ul>"},{"location":"en/#about-us","title":"About us","text":""},{"location":"en/about/","title":"About Us","text":"<p>Welcome to IdHub, where we take identity management and credential service to a new level for the social and solidarity sector. </p>"},{"location":"en/about/#our-vision","title":"Our Vision","text":"<p>Our vision is simple: imagine a wallet with identity details about you and a set of credentials this organisation has offered or given to you, that you can show or sent to other organisations to prove your binding to this organisation or apply to a benefit from the claims included in a credential you decide to present. Credentials are yours, you control them: you decide which offered ones you want to be issued and stored in your wallet, you decide which and when to present them to others.</p> <p>We offer you a web-based \"identity wallet\" where you can find your identity keys and identifiers, the credentials this organisation has offered or signed (issued) to you, and the ability to present them to third-party organisations that can get the details included in a credential and verify all details come with integrity from a trusted source.</p>"},{"location":"en/about/#our-team","title":"Our Team","text":""},{"location":"en/about/#the-dreamers","title":"The Dreamers","text":"<p>Our team is made up of members of Pangea.org with the technology support of UPC.EDU. This is an experimental service, and your feedback helps us to improve the offering to suit you needs.</p>"},{"location":"en/about/#the-innovators","title":"The Innovators","text":"<p>We provide some limited support to current digital signatures (digital certificates). This is call European identity 1.0 (eIDAS1). However IdHub is focused on the new capabilities of the recently agreed eIDAS 2 (to be approved and enter into force in 2024).</p>"},{"location":"en/about/#the-support-team","title":"The Support Team","text":"<p>The support team in Pangea is ready to help testing this experimental service.</p>"},{"location":"en/about/#our-commitment","title":"Our Commitment","text":"<p>In Pangea we are committed to delivering this software as a service that is just useful for you. </p>"},{"location":"en/admin/","title":"Admin view","text":"<p>This is the admin menu after starting a session:</p> <p></p> <ul> <li>Accept privacy policy of the indentity service = your data is yours.</li> <li>Users: Those that can get credentials, auto-created when a credential is offered to them</li> <li>Roles: Define users with special permissions</li> <li>Credentials: Setup your organisation admin account as credential issuer</li> <li>Templates: Select which credential types your organisation plans to issue</li> <li>Data: Upload data (spreadsheet) to enable credential issuance to people</li> </ul>"},{"location":"en/admin/#credentials-setup-your-organisation-admin-account-as-credential-issuer","title":"Credentials: Setup your organisation admin account as credential issuer","text":"<p>By default it almost ready. You need to visit \"Credentials\" and activate the credential template you want to issue later.</p> <p>You can check you own credentials, used to sign any credential your organisation will issue. These are created automatically for you but you can change them if you want to. They include your decentralized identifier (DID): your public name (equivalent to your email address in the identity space). This DID allows third parties to find you public key, needed to verify any claim you make. You can save your private key, a private secret required to sign credentials by your organisation. Never share it with any third party as it is the key to sign under your name (of your organisation).</p>"},{"location":"en/admin/#templates-select-which-credential-types-your-organisation-plans-to-issue","title":"Templates: Select which credential types your organisation plans to issue","text":"<p>Here you just have to select, among the list, which credential types (schema) your organisation intends to issue. </p>"},{"location":"en/admin/#data-upload-data-spreadsheet-to-enable-credential-issuance-to-people","title":"Data: Upload data (spreadsheet) to enable credential issuance to people","text":"<p>You can upload a spreadsheet to enable credentials to people because your organisation was to claim something about them. </p> <p>We have a list of XLSX (spreadsheets), one per template type, ready for you to be filled in:</p> <ul> <li>Course credential (LaFede.cat)</li> <li>Device purchase (eReuse.org)</li> <li>e-operator claim (eReuse.org)</li> <li>Federation membership (LaFede.cat)</li> <li>Financial vulnerability (XO9B)</li> <li>Membership card (any org)</li> </ul> <p>You can include one person per row, cells with an outline border are mandatory, cells without outline are optional so can be left empty. As email is one of the required values, once you upload it they will receive an email notification. You are done with your part after a successful upload of a spreadsheet with data about a list of people.</p> <p>With that notification they will be able to request the credential any time they need it. They will get an account in this IdHub, as a wallet, where they'll find the credentials enabled for them or already issued as verifiable credentials. They can come at any time to their wallet. They can even ignore the notification until the need the credential, sometimes during a visit to a web portal from other organisations when they are requested to provide a verifiable proof of identification or they want to present any claim your organisation has made about them, such as to apply to some benefit provided by the target organisations.</p>"},{"location":"en/community/","title":"A new community","text":"<p>Let\u2019s imagine a community of organisations that want to exchange verifiable credentials (VC): the NGO federation in Uqbar (a fantastic country from J. L. Borges literature). There will be five roles:</p> <ol> <li>Trusted authority organisations (TAO): the governmental entities with authority to recognise legal actors in Uqbar.</li> <li>Trusted Issuers (TI): NGOs that relate to people as employees, members or beneficiaries. They can receive credentials from any of these NGO as a credentialSubject.</li> <li>Holders: citizens or organisations that can hold credentials. They hold them in their private wallet.</li> <li>Verifiers: organisations that can accept the presentation of credentials from subjects wich are interested in any benefit from verifiers (e.g. access or discount). The information in these credentials about these holders/credentialSubjects come from issuers, which may be accredited or recognised as such by trusted authority (Uqbar government).</li> <li>Public registries: where identifiers (DID), schemas, accreditations, VC issuance are registered. This registry is a trusted third-party, reachable to all, stores minimal data, and replicated to avoid data or service loss or tampering.</li> </ol> <p>This is the scenario according to EBSI, derived from the W3C model for VC: </p> <p>Ideally, the Friends of Uqbar (FoU) organisation receives a NGO paper accreditation and a VC (c1) after registration from Uqbar's tax authority, and a NGO federation (NGOF) member VC (c2). These two credentials are deposited in a public digital registry. These VC allow FoU to operate as NGO in Uqbar.</p> <p>The NGO federation can agree with Uqbar's education ministry on an accreditation for certain degrees and the fields to include in a training VC for all their member organisations. These diplomas comply with the schema of any training diploma in Uqbar (include data fields, required or optional, defined the education ministry) and those defined by NGOF for their courses. The NGO federation receives an accreditation from the Ministry of Education, and issues another accreditation to all member NGOs that pass a training course and qualify as training actors and therefore diploma issuers to trainees.</p> <p>Vulnerable Smith is a beneficiary person of FoU. FoU knows well his situation and receives in his ID wallet a VC (c10) as beneficiary signed by FoU. In that VC it details he passed a training course and is qualified to work as a blacksmith operator. The issuance of that VC (minimal details, at least its unique ID) is registered in a public registry.</p> <p>V. Smith applies for a job in the Iron for good (IfG) NGO. He has to fill in a web form for that but furthermore he can present IfG the VC with his professional qualification. </p> <p>In summary, we have these organisations:</p> <ul> <li> <p>TAO: tax authority, education ministry, NGO federation</p> </li> <li> <p>Trusted issuer: FoU</p> </li> <li> <p>Credential subject: V. Smith citizen</p> </li> <li> <p>Verifier: IfG</p> </li> </ul> <p>The list of credentials (VC accreditations):</p> <ul> <li> <p>c1: As a registered org, issued by Tax authority to FoU.</p> </li> <li> <p>c2: As a registered NGO, issued by NGOF to FoU.</p> </li> <li> <p>c10: As a beneficiary subject, issued by FoU to V. Smith</p> </li> </ul> <p>The web form details may not be trusted but the presented VC (c10) by V. Smith to IfG is verifiable:</p> <ul> <li> <p>The presentation act (of c10) by V. Smith (from his wallet) is signed by the applicant (V. Smith). </p> </li> <li> <p>The details included (in c10) are about V. Smith himself as credentialSubject, are signed by the issuer (FoU). </p> </li> <li> <p>The issuer, FoU, has other credentials issued by Uqbar's tax office (c1) and NGOF (in c2) with FoU as credentialSubject, that confirm that FoU is a valid/accredited issuer for a beneficiary VC.</p> </li> <li> <p>These credentials (c1, c2, c10) are registered in the public registry. </p> </li> <li> <p>All actors who trust Uqbar's government will also trust all these credentials (chain of trust).</p> </li> <li> <p>VC issuers can always revoke credentials if they change their mind (e.g. V. Smith is proven to cheat in the revision of the final exam) by adding his training credential (c10) to the VC revocation list in the public registry. The same can apply for FoU for any wrongdoing by FoU, with their VC (c2) revocation. </p> </li> <li> <p>VC do not ring home. Since all verifications rely on actor and credential identifiers that are stored in the public registry, FoU never knows, is never contacted, by employers so does not need to know if V. Smith used the credential or not and which employers he contacted.</p> </li> <li> <p>The standardisation of the fields, their meaning, types and correct values, required and optional ensures any of the associated VC can be used, are well understood and recognised by any actor in Uqbar.</p> </li> <li> <p>Any actor in Uqbar has a unique identifier (the decentralized identifier or DID) and two keys associated. The public key, that can be deducted (looked up) from the actor's DID, and the private, that as the name says is never shared by an actor. A signature string generated by the private key can be verified by anyone using that actor's public key. Therefore my address is my DID, that leads to find my public key. My identity consists on holding my private key. Sharing my identity is too risky as I am sharing my identity too: another actor can act as me (my DID) publicly.</p> </li> </ul>"},{"location":"en/community/#a-community-agrees-and-publishes-about-their-credentials","title":"A community agrees and publishes about their credentials","text":"<p>For NGO community members, to issue training credentials for vulnerable citizens, they have first to publish a set of documents with several agreed upon details about their training credentials for public awareness:</p>"},{"location":"en/community/#context","title":"Context:","text":"<p>(check ./context folder) The terms used to refer to credential fiels: the context (vocabulary or terms for fields) for credentials issued by that community: which terms are agreed upon and which definitions to avoid misunderstandings: For instance: course credential.</p> <p>Let\u2019s take \"firstName\": \"https://idhub.pangea.org/tree/release/context/#firstName\u201d \u201cfirstName\u201d is the term of that vocabulary and \"https://idhub.pangea.org/context/#firstName\u201d is the unique identifier given to that definition. It looks like a URL but doesn\u2019t need to work as such. </p> <p>It allows for the detection of different interpretations when these identifiers differ. For instance, \u201cfirstName\u201d with ID \u201chttps://libraries.org/context/#firstName\u201d may not accept the same values as the previous, even if the term is the same since namespaces are different and each community can have their specific definitions and expectations. Not in this case, but if these identifiers work as Web URLs, a visit to that URL on a web browser could bring a web page that describes that term for humans in more detail: precise definition, meanings, possible values, etc.</p>"},{"location":"en/community/#schemas","title":"Schemas:","text":"<p>(check ./schemas folder) The credential schema for that credential defines the correct structure, fields, and values, with mandatory and optional fields and possible values, including type and syntax. It allows checking whether a given credential instance is valid or not broken before being processed. For instance: course credential.</p>"},{"location":"en/community/#templates","title":"Templates:","text":"<p>(check ./idhub/templates/credentials folder) The credential template for that credential is a generic credential with placeholders for each possible value. For instance: course credential.</p>"},{"location":"en/community/#spreadsheet","title":"Spreadsheet:","text":"<p>(check ./examples/excel_examples folder) Once the credential template is ready, there is need (IdHub developers have a Python script to generate that automatically, will soon be published) that generates a spreadsheet template from most fields in the credential template: an empty XLSX spreadsheet that includes as many columns as credential fields, both mandatory and optional, the comments in each column for each field, the corresponding cell format for the column cells according to what is specified to facilitate data import. For instance: course credential.</p>"},{"location":"en/community/#in-summary","title":"In summary","text":"<p>As you can see, communities should agree and publish details about the credentials they are going to use and exchange. NGO members can issue these credentials, and third parties, verifier organisation, can accept these since they can understand the content, given all details about them are public and clear. Others can verify the credential integrity from the signature by an NGO member given its DID, and that the issuer DID corresponds to an accredited member of the NGO federation, and even registered in Uqbar's government. These accreditations are also VC issued by TAO to TI organisations. </p> <p>For that reason, we don\u2019t have a UI in IdHub to add support for new credential types, but once there is a public community agreement on context, schema and templates, these files can be included in the IdHub's corresponding folders, and even an model (with no subject's data) spreadsheet can be generated with a clear structure to fill in and issue on IdHub any number of these credentials at once.</p> <p>IdHub relies on sending email invites for credential issuance, therefore an email address is a key initial requirement for any actor to use IdHub, among others required during installation. Then, IdHub generates a DID, public key, private key, and can issue VCs to that actor. </p> <p>One current limitation of IdHub is that each issuer organisation creates a wallet to their VC holders. Therefore, a person related to multiple issuer organisations has as many separate web wallets. We plan to address that limitation soon with you contributions to further development to allow for a single wallet per person. Thanks in advance!</p>"},{"location":"en/user/","title":"User view","text":"<p>This is the user menu after login:</p> <p>The first time you need to accept the privacy terms. In summary: your data is yours.</p> <p></p> <ul> <li>My information</li> <li>My personal information</li> <li>My roles</li> <li> <p>Privacy information</p> </li> <li> <p>My wallet</p> </li> <li>My identities</li> <li>My credentials</li> <li>Request a credential</li> <li>Present credential</li> </ul>"},{"location":"en/user/#my-information","title":"My information","text":"<p>Here you can check information about you that the IdHub of your organisation keeps about you.</p>"},{"location":"en/user/#my-wallet","title":"My wallet","text":""},{"location":"en/user/#my-identities","title":"My identities","text":"<p>Here you can see information about your identity (so called \"decentralised identity\"). An identity is composed by a private key, a public key, and a decentralized identifier (a kind of a web address).</p> <p>Each identity is equivalent to a personal web page. Everyone can see it but only you can modify it. Here is about signing. Your public key allows to verify any signature or claim you make. Your private key allows you to generate claims and generate signatures. You private key is your identity, do no share it with anyone under any situation, not even with the operators of IdHub. Sharing it means letting others acts as you. Just like sharing the password of your email.</p>"},{"location":"en/user/#my-credentials","title":"My credentials","text":"<p>This is your own \"indentity wallet\". There you can find two types of credentials: - Enabled credentials, offered by the organisation administrator to you. - Issued credentials, that you requested before to be signed=issued and are kept here.</p> <p>Enabled or issued credentials: You can request any enabled credential to be issued (signed by the administrator immediately) at any time. Issuance means the issuer organization adds a signature to it with a timestamp. </p> <p>You can either request any enabled credential to be issued, signed now, or left there to be issued (signed) whenever one is needed (signed later).</p> <p>When you visit any EIDAS2 third-party portal, called a verifier portal, any third-party organisation may request or offer you the ability to present a credential to prove your identity or a claim recorded in a credential. In that portal you'll be able to choose to get redirected to this identity web wallet, choose which credential you need (already issued or issued on the spot), to be transferred to that verifier portal as a verifiable presentation.</p>"},{"location":"en/user/#request-a-credential","title":"Request a credential","text":"<p>Here you can request the immediate issuance (signature) of an enabled credential you have in your wallet (offered by this organisation administrator)</p>"},{"location":"en/user/#present-credential","title":"Present credential","text":"<p>Here you can select a verifiable credential and a target organisation and the credential will be sent immediately to that organisation (if that organisation is prepared to receive it).</p>"},{"location":"es/","title":"Bienvenido a IdHub","text":""},{"location":"es/#para-administradores","title":"Para administradores","text":"<ul> <li>Configura tu cuenta como emisor</li> <li>Sube datos (hojas de c\u00e1lculo) para permitir la emisi\u00f3n de credenciales</li> <li>Administra usuarios</li> <li>Credenciales: ver emitidas, revocaci\u00f3n</li> </ul>"},{"location":"es/#para-usuarios","title":"Para usuarios","text":"<ul> <li>Ingresa a tu cuenta</li> <li>Solicita la emisi\u00f3n de credenciales</li> <li>Presenta credenciales a verificador</li> </ul>"},{"location":"es/#acerca-de-nosotros","title":"Acerca de nosotros","text":""},{"location":"es/acerca/","title":"Acerca de Nosotros","text":"<p>Bienvenido a IdHub, donde traemos la gesti\u00f3n de identidades y el servicio de credenciales a un nuevo nivel para el sector social y solidario. Creado por el esfuerzo colaborativo de Pangea.org y UPC.EDU.</p>"},{"location":"es/acerca/#nuestra-vision","title":"Nuestra visi\u00f3n","text":"<p>Nuestra visi\u00f3n es sencilla: imagina una cartera con datos de identidad sobre ti y un conjunto de credenciales que esta organizaci\u00f3n te ha ofrecido o te ha dado, que puedas mostrar o enviar a otras organizaciones para demostrar tu v\u00ednculo con esa organizaci\u00f3n o solicitar un beneficio derivado de las reclamaciones incluidas en una credencial que decides presentar. Las credenciales son tuyas, t\u00fa las controlas: t\u00fa decides qu\u00e9 ofertas quieres que se te expidan y se almacenen en la cartera, t\u00fa decides cu\u00e1les y cu\u00e1ndo las presentas a otras.</p>"},{"location":"es/acerca/#nuestra-mision","title":"Nuestra Misi\u00f3n","text":"<p>En IdHub, nuestra misi\u00f3n es capacitar a las personas y organizaciones con una plataforma de confianza y f\u00e1cil de usar para manejar sus identidades digitales y credenciales. Creemos que todo el mundo deber\u00eda tener el control sobre sus datos personales y poder acceder y compartir sus credenciales de forma f\u00e1cil cuando sea necesario.</p> <p>Te ofrecemos una \"cartera de identidad\" basada en web en la que puedes encontrar tus claves e identificadores de identidad, las credenciales que esta organizaci\u00f3n te ha ofrecido o firmado (expedido) y la posibilidad de presentarlas a terceros organizaciones que pueden obtener los detalles incluidos en una credencial y verificar que todos los detalles proceden con integridad de una fuente confiable.</p>"},{"location":"es/acerca/#quienes-somos","title":"Qui\u00e9nes Somos","text":"<p>IdHub es una iniciativa conjunta entre Pangea.org y UPC.EDU, dos organizaciones reconocidas con amplia experiencia en el campo de la gesti\u00f3n de identidad digital. Pangea.org es una organizaci\u00f3n global sin \u00e1nimo de lucro dedicada a promover la inclusi\u00f3n digital y capacitar a las personas mediante la tecnolog\u00eda. UPC.EDU es una universidad l\u00edder en investigaci\u00f3n conocida por su experiencia en seguridad de la informaci\u00f3n y privacidad de los datos.</p>"},{"location":"es/acerca/#nuestra-experiencia","title":"Nuestra Experiencia","text":"<p>Con un equipo de profesionales cualificados, combinamos la experiencia de Pangea.org y UPC.EDU para ofrecer un servicio de gesti\u00f3n de identidad y credenciales de vanguardia. Nuestro equipo est\u00e1 formado por personas del sector social y solidario que tratan de la seguridad de la informaci\u00f3n, criptograf\u00eda, dise\u00f1o de experiencia de usuario, desarrollo de software, provisi\u00f3n de servicios web. Nos esforzamos continuamente por estar a la vanguardia de los avances tecnol\u00f3gicos para asegurar que nuestra plataforma sea segura, fiable y f\u00e1cil de usar.</p>"},{"location":"es/acerca/#innovadores","title":"Innovadores","text":"<p>Ofrecemos soporte limitado a las firmas digitales actuales (certificados digitales). Esto se llama identidad europea 1.0 (eIDAS1). Sin embargo, IdHub se centra en las nuevas capacidades de lo acordado recientemente eIDAS 2 (que debe aprobarse y entrar en vigor en 2024). Debe tenerse en cuenta que IdHub es un servicio experimental y tus comentarios nos ayudan a mejorar la oferta para satisfacer tus necesidades.</p>"},{"location":"es/acerca/#como-podemos-ayudarle","title":"C\u00f3mo Podemos Ayudarle","text":"<p>Ya sea que seas una persona que quiera gestionar tu identidad digital personal o una organizaci\u00f3n que busque una soluci\u00f3n robusta de gesti\u00f3n de credenciales, IdHub est\u00e1 aqu\u00ed para ayudarte. Nuestra plataforma ofrece una serie de funcionalidades, incluyendo el almacenamiento seguro de credenciales digitales, la f\u00e1cil compartici\u00f3n y la verificaci\u00f3n de credenciales, y la integraci\u00f3n con otros sistemas de identidad. Estamos comprometidos a proporcionarte una experiencia sin problemas y ayudarte a tomar el control de su identidad digital.</p>"},{"location":"es/acerca/#contactanos","title":"Cont\u00e1ctanos","text":"<p>Si tienes alguna pregunta, comentario o consulta, no dudes en ponerte en contacto con nosotros. Puedes contactar con nuestro equipo de soporte a suport@pangea.org o visitar nuestro sitio web en trustchain.pangea.org. Valoramos tu opini\u00f3n y estamos siempre listos para ayudarte.</p> <p>Esperamos poder servirte y ser tu socio de confianza en la gesti\u00f3n de tu identidad digital y credenciales en el sector social y solidario.</p>"},{"location":"es/admin/","title":"Vista de administrador","text":"<p>Este es el men\u00fa de administraci\u00f3n despu\u00e9s de iniciar sesi\u00f3n:</p> <p></p> <ul> <li>Aceptar la pol\u00edtica de privacidad del servicio de identidad = tus datos son tuyos.</li> <li>Usuarios: Aquellos que pueden obtener credenciales, se crean autom\u00e1ticamente cuando se les ofrece una credencial.</li> <li>Roles: Definir usuarios con permisos especiales.</li> <li>Credenciales: Configura la cuenta de administrador de tu organizaci\u00f3n como emisor de credenciales.</li> <li>Plantillas: Seleccionar qu\u00e9 tipos de credenciales desea emitir en tu organizaci\u00f3n.</li> <li>Datos: Sube archivos (hojas de c\u00e1lculo) para habilitar la emisi\u00f3n de credenciales a personas.</li> </ul>"},{"location":"es/admin/#credenciales-configura-la-cuenta-administradora-de-tu-organizacion-como-emisora-de-credenciales","title":"Credenciales: Configura la cuenta administradora de tu organizaci\u00f3n como emisora de credenciales","text":"<p>Por defecto est\u00e1 casi preparado. Tendr\u00e1s que visitar \"Credenciales\" y activar la plantilla de credenciales con la que quieres emitir m\u00e1s tarde.</p> <p>Puedes comprobar tus propias credenciales, utilizadas para firmar cualquier credencial que tu organizaci\u00f3n emita. Se crean autom\u00e1ticamente para ti, pero puedes cambiarlas si lo deseas. Incluyen tu identificador descentralizado (DID): tu nombre p\u00fablico (equivalente a su direcci\u00f3n de correo electr\u00f3nico en el espacio de identidad). Este DID permite a los terceros encontrar tu clave p\u00fablica, necesaria para verificar cualquier afirmaci\u00f3n que haga como organizaci\u00f3n. Puedes guardar tu clave privada, un secreto privado necesario para firmar credenciales por tu organizaci\u00f3n. No la compartas nunca con ning\u00fan tercero ya que es la clave para firmar bajo el nombre de tu organizaci\u00f3n.</p>"},{"location":"es/admin/#plantillas-selecciona-que-tipos-de-credenciales-pretende-emitir-en-tu-organizacion","title":"Plantillas: Selecciona qu\u00e9 tipos de credenciales pretende emitir en tu organizaci\u00f3n","text":"<p>Aqu\u00ed s\u00f3lo tienes que seleccionar, entre la lista, qu\u00e9 tipos de credenciales (esquema) pretendes emitir en tu organizaci\u00f3n.</p>"},{"location":"es/admin/#datos-subir-archivos-hojas-de-calculo-para-habilitar-la-emision-de-credenciales-a-personas","title":"Datos: Subir archivos (hojas de c\u00e1lculo) para habilitar la emisi\u00f3n de credenciales a personas","text":"<p>Puedes subir una hoja de c\u00e1lculo para habilitar credenciales a personas, porque tu organizaci\u00f3n puede y quiere declarar algo sobre ellas.</p> <p>Tenemos una lista de XLSX (hojas de c\u00e1lculo), una por cada tipo de plantilla, listas para que las llenes:</p> <ul> <li>Credencial de formaci\u00f3n (LaFede.cat)</li> <li>Compra de un dispositivo (eReuse.org)</li> <li>Aserci\u00f3n de operador (eReuse.org)</li> <li>Membres\u00eda federativa (LaFede.cat)</li> <li>Vulnerabilidad financiera (XO9B)</li> <li>Tarjeta de miembro (cualquier organizaci\u00f3n)</li> </ul> <p>Puedes incluir a una persona por fila, las celdas con contorno son obligatorias, las celdas sin contorno son opcionales y se pueden dejar vac\u00edas. Puesto que el correo electr\u00f3nico es uno de los valores requeridos, una vez cargas el archivo, \u00e9stos recibir\u00e1n una notificaci\u00f3n por correo electr\u00f3nico. No hace falta hacer nada m\u00e1s por tu parte despu\u00e9s de una carga exitosa de una hoja de c\u00e1lculo con datos sobre una lista de personas.</p> <p>Con esta notificaci\u00f3n ellos pueden solicitar la credencial cuanto quieran. Recibir\u00e1n una cuenta en este IdHub, como una cartera, donde encontrar\u00e1n las credenciales habilitadas para ellos o ya emitidas como credenciales verificables. Pueden acudir en cualquier momento a su cartera. Pueden incluso ignorar la notificaci\u00f3n hasta que necesitan la credencial, a veces durante una visita a un portal web de otras organizaciones cuando se les pide que proporcionen una prueba verificable de identidad o quieran presentar cualquier acreditaci\u00f3n que su organizaci\u00f3n ha preparado sobre ellos, tales como solicitar alg\u00fan beneficio proporcionado por otras organizaciones.</p>"},{"location":"es/usuario/","title":"Vista de usuario","text":"<p>Este es el men\u00fa de usuario despu\u00e9s de iniciar sesi\u00f3n:</p> <p>La primera vez tienes que aceptar las condiciones de privacidad. En resumen: tus datos son tuyos.</p> <p></p> <ul> <li>Mis datos</li> <li>Mis datos personales</li> <li>Mis funciones</li> <li> <p>Informaci\u00f3n de privacidad</p> </li> <li> <p>Mi cartera</p> </li> <li>Mis identidades</li> <li>Mis credenciales</li> <li>Solicitar una credencial</li> <li>Presentar credencial</li> </ul>"},{"location":"es/usuario/#mi-informacion","title":"Mi informaci\u00f3n","text":"<p>Aqu\u00ed puedes consultar la informaci\u00f3n que el IdHub de tu organizaci\u00f3n guarda sobre ti.</p>"},{"location":"es/usuario/#mi-cartera","title":"Mi cartera","text":""},{"location":"es/usuario/#mis-identidades","title":"Mis identidades","text":"<p>Aqu\u00ed puedes ver informaci\u00f3n sobre tu identidad (la llamada \"identidad descentralizada\"). Una identidad se compone de una clave privada, una clave p\u00fablica y un identificador descentralizado (una especie de direcci\u00f3n web).</p> <p>Cada identidad equivale a una p\u00e1gina web personal. Todo el mundo puede verla, pero s\u00f3lo t\u00fa puedes modificarla. Aqu\u00ed se trata de la firma. Tu clave p\u00fablica permite verificar cualquier firma o afirmaci\u00f3n que hagas. Tu clave privada te permite generar reclamaciones y generar firmas. Tu clave privada es tu identidad, no la compartas con nadie bajo ninguna situaci\u00f3n, ni siquiera con los operadores de IdHub. Compartirla significa dejar que otros act\u00faen como t\u00fa. Igual que compartir la contrase\u00f1a de tu correo electr\u00f3nico.</p>"},{"location":"es/usuario/#mis-credenciales","title":"Mis credenciales","text":"<p>Esta es tu propia \"cartera de identidad\". All\u00ed puedes encontrar dos tipos de credenciales: - Credenciales habilitadas, que te ofrece el administrador de la organizaci\u00f3n. - Credenciales emitidas, que solicitaste antes que se firmaran=emitieran y se guardan aqu\u00ed.</p> <p>Credenciales habilitadas o emitidas: Puedes solicitar que cualquier credencial habilitada sea emitida (firmada por el administrador inmediatamente) en cualquier momento. Emitir significa que la organizaci\u00f3n emisora le a\u00f1ade una firma con una marca de tiempo. </p> <p>Puedes solicitar que se emita cualquier credencial habilitada, firmada ahora, o dejarla ah\u00ed para que se emita (firmada) cuando se necesite (firmada m\u00e1s tarde).</p> <p>Cuando visites cualquier portal de terceros de EIDAS2, denominado portal verificador, cualquier organizaci\u00f3n de terceros podr\u00e1 solicitarte u ofrecerte la posibilidad de presentar una credencial para demostrar tu identidad o una declaraci\u00f3n registrada en una credencial. En ese portal podr\u00e1s elegir ser redirigido a este monedero web de identidad, elegir qu\u00e9 credencial necesitas (ya emitida o emitida in situ), para ser transferida a ese portal verificador como presentaci\u00f3n verificable.</p>"},{"location":"es/usuario/#solicitar-una-credencial","title":"Solicitar una credencial","text":"<p>Aqu\u00ed puede solicitar la emisi\u00f3n inmediata (firma) de una credencial habilitada que tenga en su monedero (ofrecida por el administrador de esta organizaci\u00f3n)</p>"},{"location":"es/usuario/#presentar-credencial","title":"Presentar credencial","text":"<p>Aqu\u00ed puedes seleccionar una credencial verificable y una organizaci\u00f3n de destino y la credencial se enviar\u00e1 inmediatamente a esa organizaci\u00f3n (si esa organizaci\u00f3n est\u00e1 preparada para recibirla).</p>"}]}
Reference in a new issue View git blame Copy permalink