W3C home > Mailing lists > Public > public-credentials@w3.org > July 2016

Terminology

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Fri, 29 Jul 2016 15:50:23 +0100
To: W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <38f970cc-4e94-41dc-ec9c-718e47b708df@kent.ac.uk>
Dear Group

Our documentation says that we need user-centric and privacy-enhancing
credentials (e.g.
https://docs.google.com/document/d/1dYup3KC2nak3LVTzyapr996TKxDj1w5Eyp4g13rQQBA/)
but I cannot find anywhere where we state precisely what we mean by the
terms user-centric and privacy-enhancing in the context of verifiable
credentials. I think it would be a good idea to include these phrases in
our glossary of terms (http://opencreds.org/specs/source/glossary/)
along with our definitions.

So here are my initial proposals for these definitions:

user-centric - the user is in full control of the collection, storage
and use of his/her credentials

privacy-enhancing - the credentials do not reveal any personal
information about the user except that which the user specifically permits

Wrt to the last definition, I have an issue regarding the use of a
unique ID in credentials, and whether this is a correlating handle or
not. If it is, then the recipient could obtain personal information
about the user without his/her express permission, and then the
definition would not be accurate. Comments?

regards

David
Received on Friday, 29 July 2016 14:50:54 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:30 UTC