- From: David Chadwick <d.w.chadwick@kent.ac.uk>
- Date: Fri, 29 Jul 2016 15:50:23 +0100
- To: W3C Credentials Community Group <public-credentials@w3.org>
Dear Group Our documentation says that we need user-centric and privacy-enhancing credentials (e.g. https://docs.google.com/document/d/1dYup3KC2nak3LVTzyapr996TKxDj1w5Eyp4g13rQQBA/) but I cannot find anywhere where we state precisely what we mean by the terms user-centric and privacy-enhancing in the context of verifiable credentials. I think it would be a good idea to include these phrases in our glossary of terms (http://opencreds.org/specs/source/glossary/) along with our definitions. So here are my initial proposals for these definitions: user-centric - the user is in full control of the collection, storage and use of his/her credentials privacy-enhancing - the credentials do not reveal any personal information about the user except that which the user specifically permits Wrt to the last definition, I have an issue regarding the use of a unique ID in credentials, and whether this is a correlating handle or not. If it is, then the recipient could obtain personal information about the user without his/her express permission, and then the definition would not be accurate. Comments? regards David
Received on Friday, 29 July 2016 14:50:54 UTC