Vaccinator Registry Use-Case + Letter of Recommendation Credential

The verifier is presented with a vaccination credential equivalent to the
paper travel and school document.

Postulate a vaccinator registry that issues a registration number and stamp
to certified vaccinators. The registration number is effectively public
because every patient sees it in the clear. Note that it is not a
vaccination registry because it has no notion of a particular patient /
subject.

The patient wants to prove vaccination without disclosing the actual
identity of the vaccinator. It's none of the verifier's business. The
vaccinator also has a privacy interest in not letting them be tracked by
unknown verifiers.

The patient and/or vaccinator enlist a notary to verify the credential of
the vaccinator and of the patient. Banks typically provide this low-cost
service as part of a broader customer relationship.

The notary effectively replaces the vaccinator's registration number with
their own and creates an auditable log of the transaction. The log is
accessible to the verifier under court order or other expense. The log is
accessible for sampling by other independent auditors who might revoke
either the vaccinator or the notary registration.

+

The subject is not allowed to see the contents of the verifiable
credential. Imagine it's a letter of recommendation instead of a
vaccination.

The school does not want to release the contents of the letter of
recommendation to just anyone. The school has policies that require the
verifier to be credentialed and registered somewhere (e.g. Fortune 500, or
D&B) and to have a public encryption key associated with their
registration.

The VC is encrypted with the verifier's public key by either the issuer or
a notary as an intermediary that has checked the verifier's credential and
keeps an audit log.

=

These two use-cases are also economically important because the issuer does
not want to bear the risk of dealing with the verifier and the verifier
does not want to bear the risk of dealing with the issuer. A notary limits
the risk of both parties by checking the (deduplicated) identity of the VC
subject and any registered credentials of the issuer or verifier. The
economy comes because whether it's vaccination or voting, a sample audit
can suffice to keep the bonded participants honest.

Adrian

Received on Tuesday, 15 December 2020 21:26:50 UTC