W3C home > Mailing lists > Public > public-credentials@w3.org > February 2016

Re: Verifiable Claims Telecon Minutes for 2016-02-09

From: Steven Rowat <steven_rowat@sunshine.net>
Date: Mon, 15 Feb 2016 12:32:31 -0800
To: public-credentials@w3.org
Message-ID: <56C235DF.5080109@sunshine.net>
On 2/15/16 10:06 AM, John Tibbetts wrote:
> Hi Steven, I think you’d get a lot of push-back from registrars if
> you asserted that the student is the owner of the student record.

I see that would be a problem.

So I took a step back, and realized that including people and how they 
already interact around BSc and so forth may be a red herring.

The system being designed here should function equally-well if a 
machine is being given a credential (for being able to be safe, or do 
a certain job) -- and a machine might even make that decision, and a 
database might be the final user.

So here's another radical change. How about looking at it from the 
point of view of evidence and statements about evidence. I'll use A, 
B, and C as the actors. Can be people or machines, any of them.

A brings evidence to B. B considers the evidence and decides to issue 
a credential -- the evidence is satisfactory.  At this point:

B declares a credential.
B is a Declarer.

B issues the credential to A to use.
A is a Bearer of the credential.

A takes the credential to C.
C is an Acceptor of the credential.

Thus, Declarer, Bearer, Acceptor.

?

Steven




steven_rowat@sunshine.net> wrote:
>>
>> On 2/15/16 6:54 AM, Dave Longley wrote:
>>> We could do something new with the entire terminology like
>>> "issuing party", "holding party",
>>> "storage/aggregator/curator/agent party", "interested party",
>>> where "interested party" takes over for "consumer".
>>
>> Maybe this too radical to be useful here, but it occurs to me
>> that there's a philosophical argument (at least) that the
>> 'holder' is actually the 'owner'. As follows:
>>
>> If Jane has a university degree, let's say a BSc, issued by let's
>> say MIT, and let's say it was issued ten years ago (just to give
>> a context) --
>>
>> Jane says, in normal human speech with other people: "I have a
>> BSc. It's from MIT."
>>
>> Jane is then the owner of the BSc, in normal, non-specialized
>> human understanding. It's her BSc. The fact that it came from MIT
>> is merely an attribute of her BSc. In fact, usually she wouldn't
>> even mention it. "I have a BSc" would be the more common usage.
>>
>> And in normal human speech, we wouldn't say MIT 'has' or 'owns'
>> Jane's BSc. This is logical, because MIT can only issue a BSc if
>> it's further accredited by a government, or by an association of
>> universities. So MIT is only partially responsible for its power
>> to issue the BSc.
>>
>> But, before this *specific* BSc was issued, it didn't even exist.
>> It was issued so that Jane and only Jane could have it. So, in
>> effect, it wouldn't be surprising to say she owns it, IMO.
>>
>> I see that there are other ways to interpret this, but it has a
>> major advantage of being part of the everyday usage in our
>> society.
>>
>> And if we started from that -- with 'owner' as the central word
>> -- then it might make the privacy implications much clearer also.
>> She also owns what can be done with it, to at least some distance
>> from herself.
>>
>> ?
>>
>> Steven
>>
>>>
>>> The "consumer" is the party that needs trust in the credential
>>> holder in order for it to do something. They are a "relying
>>> party", an "interested party", and sometimes a "service
>>> provider" (but not always). They are the party that wants to
>>> know (and be able to trust) something about another entity (for
>>> some reason). I don't know if any of that helps anyone think of
>>> a better name.
>>>
>>>> Requestor is more accurate in the case where we are talking
>>>> about the entity that is asking the holder for the claim.
>>>
>>> Unfortunately, "requestor" or "recipient" can be confused with
>>> the "holder" because the holder must request a credential be
>>> issued to them from the issuer.
>>>
>>>>
>>>> On Mon, Feb 15, 2016 at 2:20 AM, Adrian Hope-Bailie
>>>> <adrian@hopebailie.com <mailto:adrian@hopebailie.com>>
>>>> wrote:
>>>>
>>>> Verifier seems appropriate given that these are "verifiable"
>>>> claims
>>>>
>>>> On 15 February 2016 at 00:59, Steven Rowat
>>>> <steven_rowat@sunshine.net
>>>> <mailto:steven_rowat@sunshine.net>> wrote:
>>>>
>>>> On 2/14/16 1:44 PM, Manu Sporny wrote:
>>>>
>>>> I'm happy with 'evaluators', but wonder what our colleagues
>>>> in the education industry think? ...[snip]
>>>>
>>>> Credential/Claim Requestor and Credential/Claim Verifier
>>>> could also work?
>>>>
>>>>
>>>> IMO any of Requestor, Verifier, or Evaluator would be
>>>> preferable to Consumer.
>>>>
>>>> Except, Requestor could be confused with 'holder', the
>>>> person/entity asking for the original issuing, since at the
>>>> start they are 'requesting' that a credential be issued for
>>>> them -- which they then take elsewhere to be Evaluated or
>>>> Verified (or, currently, Consumed).
>>>>
>>>> But as you noted, with multiple possible systems in play --
>>>> finance, education, payments, government -- it's going to be
>>>> hard not to cause at least some confusion somewhere.
>>>>
>>>>
>>>> Steven
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> -- -Shane
>>>
>>>
>>
>
>
>
Received on Monday, 15 February 2016 20:32:59 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:27 UTC