> > Another solution is chaining: have an accreditation authority issue a VC >> to issuers, attesting to the issuer's bona fides; verification = verify >> proximate VC + VC that makes proximate issuer trustworthy. Possibly repeat >> through several levels of indirection. > > If it is discovered, through some arbitrary means, that some intermediary > in a chain should not be considered trustworthy, even though that > intermediary produces credentials that satisfy the specification's > requirements, how can a lack of trust be expressed, communicated, etc? > A chain has to be followed. That means each credential must be verified. And if an intermediate credential in the chain is revoked, the chain gets broken and thus will not validate. So: revoke.
Received on Wednesday, 11 August 2021 07:14:48 UTC