- From: Michael Herman (Parallelspace) <mwherman@parallelspace.net>
- Date: Thu, 19 Sep 2019 17:42:21 +0000
- To: "daniel.hardman@evernym.com" <daniel.hardman@evernym.com>
- CC: "public-credentials@w3.org" <public-credentials@w3.org>
- Message-ID: <MN2PR13MB26083C5F09026A3B693DC05AC3890@MN2PR13MB2608.namprd13.prod.outlook.com>
Good analysis (as usual š) Daniel,
First, one potential point of confusion is that Iām thinking of a Credential in broad terms:
* A set of Claims (name-value pairs) associated with a Credential ID as well as the ID of the Subject of the Credential
* In this sense, Iām not distinguishing between a Credential and a DID Document ā¦neither physically or from a high-level schema perspective, they essentially look the same:
a set of Claims (name-value pairs)
* A Credential is an actual thing (aka application object) ā¦i.e. an instance of a data structure filled with data values
Letās look at your use cases:
1. the holder receiving the credential for the first time from the issuer
* Itās a fair assumption that the Issuer (before transmission) and the Holder (upon receipt) will need to store the Credential somewhere (e.g. local wallet, private database, etc.).
What are the keys for retrieving/working with these Credentials?
* The Credential will also need to be persisted for transmission and might live in an indexed, intermediate store that is part of the communication protocol.
What are the keys for retrieving/working/inspecting with these Credentials?
2. the holder sharing the credential with a verifier later
* Ditto for the Holder and Verifier (interchanging Verifier for Holder and Holder for Issuer)
3. the holder looking up the credential in their private database, for their own use?
* Ditto for the Holder (essentially the same as use case #1 and #2)
In all 3 use cases, an Agent, or another piece of software, might also need to āinspectā a Credential to determine who the Subject is as well as the scope/subject matter of the Credential (Credential ID, schema identifier, etc.).
So my evolved questions are:
1. How are Credentials uniquely ānamedā or identified? Subject ID only, Credential ID only, or should it be both?
2. Are there any evolving (generic) APIs/protocols for retrieving a Credential (set of Claims) from a store (e.g. a wallet, private database, distributed transaction store, relational database, etc. etc.)
[cid:image002.jpg@01D56EDF.48022480]
Best regards,
Michael Herman
Self-Sovereign Blockchain Architect
Hyperonomy Digital Identity Lab
Parallelspace Corporation
[Trusted Digital Web Certificate 0.1]
From: Daniel Hardman <daniel.hardman@evernym.com>
Sent: September 18, 2019 9:46 PM
To: Michael Herman (Parallelspace) <mwherman@parallelspace.net>
Cc: public-credentials@w3.org
Subject: Re: Verified Credentials: where are the protocols described for retrieving a VC?
When you say "retrieving" a verified credential, are you talking about the holder receiving the credential for the first time from the issuer--or about the holder sharing the credential with a verifier later--or about the holder looking up the credential in their private database, for their own use?
On Wed, Sep 18, 2019 at 8:21 PM Michael Herman (Parallelspace) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>> wrote:
Where are the protocols described for retrieving a Verified Credential? For example, at the Technology level, is a VC just the same as a conventional DID Document?
Also, do you only need to know the DID for the VC to be able to retrieve it? ā¦or do you need to know both the DID for the VC as well as the DID for the Subject of the VC?
Best regards,
Michael Herman
Self-Sovereign Blockchain Architect
Hyperonomy Digital Identity Lab
Parallelspace Corporation
[Trusted Digital Web Certificate 0.1]
Attachments
- image/jpeg attachment: image002.jpg
- image/jpeg attachment: image006.jpg
- image/jpeg attachment: image009.jpg
Received on Thursday, 19 September 2019 17:42:49 UTC