Password Manager use case for EDV identifiers
The 21/1/7 meeting was very helpful. Thank you for bearing with me to understand the identifier issues.
To see if I get it, here's one use-case where a secure mobile wallet acting like a common password manager needs confidential storage beyond what it can store and recover locally. This is meant to be the simplest of use-cases. Alice is the only person involved and she does not plan to provide access or delegation to others any more than she would provide access to her mobile wallet / password manager to others.
That said, Alice wants to trust the confidential storage is reliable and accessible from all of the devices she controls that want to host a password manager. Alice also uses a DID to authenticate into her password manager. In case she loses the mobile that hosts her password manager app, Alice wants to be able to recover access to a new mobile device that is initialized with the password manager software and then use the recovery procedure of her DID method along with the plain-text address of her account at the confidential store.
In the sequence below, I'm using the roles (RO, AS, EDV) as described in these slides. This password manager use-case is closest to A4 - New Service Registration.
Sequence 2 - EDV Replication
Sequence 3 - RO Recovery
This sequence is not meant to be an optimal solution. Please improve it.