W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: Request for terminology input - consumer/inspector/TBD Credential

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Wed, 08 Jun 2016 14:52:29 +0000
Message-ID: <CAM1Sok1aQ2yoZjGTdxf7XqZYeOhwuBJ+k=zjZNTxnUNv+8gcMA@mail.gmail.com>
To: Dave Longley <dlongley@digitalbazaar.com>, Manu Sporny <msporny@digitalbazaar.com>, Credentials Community Group <public-credentials@w3.org>
NB: Roger Clarke[1] has an array of other considerations here:
http://www.rogerclarke.com/ID/IdModel-1002.html#M  (understanding the scope
of that site is rather extensive).

NB: i'm not part of the IG - so - until that changes, i've dropped it off
the list rather getting a bounced email.

Tim.H.

[1] http://www.xamax.com.au/

On Thu, 9 Jun 2016 at 00:43 Timothy Holborn <timothy.holborn@gmail.com>
wrote:

> ditto about the caveat:  what about 'checkpoint' - it's a check-point, do
> not pass go, do not collect $100, provide your credentials and you may
> pass...
>
> Tim.H.
>
> On Thu, 9 Jun 2016 at 00:36 Dave Longley <dlongley@digitalbazaar.com>
> wrote:
>
>> On 06/07/2016 11:00 PM, Manu Sporny wrote:
>> > We discussed terminology on the Verifiable Claims Task Force call today
>> > and left two things undecided. We really need to get this terminology
>> > straight in order to align the prose in all of the documents. As a first
>> > step, we need to get all of the options on the table.
>> >
>> > -------
>> >
>> > We have a block in our architecture block diagram that is currently
>> > labeled as "inspector":
>> >
>> > http://w3c.github.io/webpayments-ig/VCTF/architecture/architecture.svg
>> >
>> > This is the entity that requests a set of verifiable claims from the
>> > holder and examines them to determine if they are valid for the purposes
>> > of granting access to a particular resource. Naming options include:
>> >
>> > Consumer
>> > Inspector
>> > Reader
>> > Verifier
>> > Receiver
>>
>> I'd like to add "Requester" to the list. I can't say it's my #1 (I
>> apologize for not complying with that particular caveat for new
>> suggestions), but it was offered in the previous call as an alternative
>> so I thought it should be here.
>>
>> When someone visits a website that requires authentication, they will be
>> asked to provide their credentials by this party. So we're talking about
>> the party that is "requesting" a credential/set of claims from the
>> holder. It seems natural that "Requester" should be considered as a
>> possible name. They may not be the same party that does the verification
>> or "inspection" as they may outsource this -- so I feel like it's a
>> better name than "Verifier" or "Inspector".
>>
>> The term "consumer" has caused confusion/trouble for a number of people
>> so I would prefer to find something less controversial.
>>
>> I'm also amenable to reusing an existing term of art, "Relying Party",
>> as offered by David Chadwick. But it is both a positive and a negative
>> that it's an existing term. While it's easy for people who know the term
>> to grasp its purpose quickly, it may bring with it baggage we do not
>> want or it may suggest to people that we're not inventing something new.
>> We moved away from "user centric" for similar reasons, but there was a
>> strong misalignment of definitions there whereas Relying Party closely
>> matches here.
>>
>>
>>
>> --
>> Dave Longley
>> CTO
>> Digital Bazaar, Inc.
>> http://digitalbazaar.com
>>
>>
Received on Wednesday, 8 June 2016 14:53:08 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:29 UTC