W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: Updated Verifiable Claims Use Cases document

From: Shane McCarron <shane@spec-ops.io>
Date: Wed, 22 Jun 2016 11:47:19 -0500
Message-ID: <CAJdbnOAQfnH4jmx3aCAAKJQ_rEg-R=AQK7eN09w2G-97oq0A5w@mail.gmail.com>
To: Steven Rowat <steven_rowat@sunshine.net>
Cc: Credentials Community Group <public-credentials@w3.org>
I pushed an update to the use cases document that reintegrates those
scenarios.  I massaged the Anna scenario so that it flowed more cleanly
with the existing KYC scenario in F.1.

On Wed, Jun 22, 2016 at 10:49 AM, Shane McCarron <shane@spec-ops.io> wrote:

> Comments inline:
> On Wed, Jun 22, 2016 at 10:17 AM, Steven Rowat <steven_rowat@sunshine.net>
> wrote:
>> On 6/22/16 5:21 AM, Shane McCarron wrote:
>>> Thanks to a bunch of people for chiming in on the use cases.  Most
>>> people agreed that the use case scenarios we had were sufficient
>>> (although we were missing a few - added now).  The biggest set of
>>> comments was about presentation and organization.  So I, with the help
>>> of many others, have reorganized the document to be more about users
>>> and how they will benefit.
>>> You can see the latest (and hopefully stable) version
>>> at http://w3c.github.io/webpayments-ig/VCTF/use-cases/
>>> I do not plan to make any further edits to this document prior to the
>>> meeting on 1 July (unless someone points out an embarrassing typo!).
>>> I look forward to your feedback.  Feel free to use the github issue
>>> tracker.
>> The new organization seems to improve it greatly, IMO.
>> Except: I'm puzzled to see that the interesting
>> whistleblowing/pseudonymity use-case in the previous version of the
>> document has been removed. It was listed under "Social Authority", about
>> the journalist who wanted to publish information without revealing their
>> real name.
>> I'm curious whether this was a policy decision? And if so, was it more
>> that 'it's not important enough', or that 'it's important but we won't
>> mention it for X reason'? If the former, I disagree; if the latter, I'd
>> like to know the reason.
> Hmm.   Neither.  In fact, I didn't know I dropped any scenarios from the
> document.  I just did a complete walk through of the document.  There were
> two scenarios that fell through the cracks:
> "Freedom?" is an online forum that encourages free discussion about issues
> controversial in Freedonia. The forum allows users to register anonymous
> accounts, but it also allows users to obtain badges based upon real world
> certifications. Paula has been certified as an aid worker, and wishes that
> information to be marked on her posts. She shares her certificate with the
> forum, but limits it to only verifying that she is the holder of the
> certificate, that she is the subject of it, and that she is an aid worker.
> In this way she maintains her anonymity in this controversial forum while
> still being able to assist her fellow countrymen.
> and
> Anna is opening an account at a bank in Finland. As part of that process,
> the bank asks her to provide two from a variety of possible sources to
> confirm her identity - a so called "Know Your Customer" check. She selects
> claims that confirm she receives postal mail at a certain address and that
> she has a national ID card. Confirming these allows the bank to open her
> account and be confident in her identity when she conducts transactions.
> Both of these have value... I will see where I can slot them (back) in.
> While this is a substantive change, it is not introducing new material (or
> at least not material that wasn't there yesterday) so I am going to call it
> editorial+.
>> Also, I'd like to know if this pseudonymity capability is still
>> envisioned to exist in the data model as a whole? Specifically, is there
>> anything that would prevent a holder from registering an "Identity Profile"
>> under a name that was not their legal name, and yet associating verifiable
>> credentials such as professional credentials, proof that they've published
>> certain public documents in the past, etc.  Or, to put it in the positive:
>> does it still appear possible to do this? (I've assumed to this point that
>> it was).
> Of course.  Anyone can create anything they want.  That's sort of the
> whole point.  Now when you get down to trust... obviously there are a
> number of problems with attempting to use an "identity profile" that is not
> legitimate for any sort of official purpose.  For example. my profile that
> describes me as Elmer Fudd will get me into a local Anime convention, but
> is unlikely to allow me to open a bank account.
>> Two other points about the document as a whole.
>> One -- too late to change probably, but I'll note -- one type of
>> important User Need overall category that I believe could have been
>> provided in section 3 is Publishing, which is a large industry that is
>> undergoing a revolution as it moves online. To some degree it's included
>> under "Professional Credentials -> Social Authority"  (or it used to be, in
>> the previous version), but I think this doesn't give it enough status
>> relative to its  social prominence. Publishing would include professionals
>> writing books, journalists, fiction authors, music publishers, bloggers,
>> and so on. I guess it's sort of a cross between the categories you have of
>> "Retail" and "Social Authority", and IMO it's something that could
>> explosively expand -- particularly if the combination of Web Payments and
>> Credentials are worked out as a universal standard that supports it.
> Thanks - that's good input.  It is unlikely that I can do anything
> significant about it for this version, but I expect a revision or two
> before handing off to a potential Working Group later this year.  So that's
> the right time to increase the profile of other verticals.
>> Second, it would be nice if there could be prominent links in the
>> document to the other documents in the suite. For example, I wanted to jump
>> to the data model to check something (from the Use Cases), and couldn't
>> find a way and ended up searching through emails for the last announcement,
>> and found:
>> w3c.github.io/webpayments-ig/VCTF/
>> and got there that way. Perhaps that address could be given at the top of
>> each of the documents, so they can be navigated-between easily?
> Hmm.  That's an interesting idea.  Normally it would be handled through
> informative references at the end, with links from obvious places in the
> text.  But maybe there is room for some boilerplate.... Manu?
> --
> Shane McCarron
> Projects Manager, Spec-Ops

Shane McCarron
Projects Manager, Spec-Ops
Received on Wednesday, 22 June 2016 16:48:15 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:17:53 UTC