- From: Timothy Holborn <timothy.holborn@gmail.com>
- Date: Mon, 26 Jun 2017 17:28:18 +0000
- To: W3C Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAM1Sok0bw3-+OOFXP3ejuek2oZweGeqmqAdi-hdyje7H=08Tow@mail.gmail.com>
Maybe the documentation narrative could be solved using more of an explanatory means of vcwg vocab, use cases and tools as a documentation method; theory being, What goes into one of these things can come in all sorts of different ways. Some may be considered "self soverign", some may be considered "institutional", "academic", "government", part of a "free service", commercial, unreliable, etc & et.al. Fundermentally, it's an RDF document with some cryptographic rigor to improve support for relations and trust of the RDF statements made (by a 3rd party). Mandatorily, there is an encoding element. This could be extended to enable some sort of means where the document is countersigned or indeed, it may only be signed / controlled by a singular document author. A storage element (not necessarily centrally, and not necessarily by the "subject" of a claim who may not even be aware of it). The use of HTTP URIs could support same origin, or other means to ensure the person presenting the claim controls the address / account it's being supplied from, yet not necessarily and certainly not in a manner that would exclude the use of language in any document to preclude the use of documents to a be authored about someone who may have no knowledge of the documents existance. Indeed a constituent of privacy principles. Yet, regardless, a "decoding" element, which essentially means a bunch of tests can be done to the document (that is in itself machine readable) so that it can be evaluated and/or ideally relied upon (to a level of a probability // confidence)) for the intended purpose of the signed document. Documents may be controlled, made tamper evident and / or trusted in different ways, by different forms of actors who may be equipped and/or capable of understanding or interpreting the contents of the document in different ways, correctly, incorrectly or otherwise. Gets more interesting with a plurality of actors and a bunch of semantics. Does the decoder optionally notify the encoder of its identity? Can a requirement be put upon the use of a document to require a log of who's used it. Once it's been decoded, it's kinda hard to ensure the knowledge hasn't been stored by the inspector / reviewer... Tim.h.
Received on Monday, 26 June 2017 17:29:02 UTC