Re: Selective Disclosure of lists from Jeremy Townson on 2021-06-08 (public-credentials@w3.org from June 2021)

From: Jeremy Townson <jeremy.townson@gmail.com>
Date: Tue, 8 Jun 2021 13:01:18 +0100
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Cc: W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <CAAic94GRGbUD=UTSG6+zDfJm23DzYJq_SeNkJQHD-YGKuaMBiw@mail.gmail.com>

Could you give an example, David, I had thought the point of selective
disclosure was that the verifier could make only a binary (not)valid
decision about validity and was not able to infer other properties of the
undisclosed data, such as properties of lists.

On Tue, 8 Jun 2021 at 12:10, David Chadwick <
d.w.chadwick@verifiablecredentials.info> wrote:

> I dont know if anyone has discussed the selective disclosure of lists but
> here are at least some of the issues:
>
> The user's VC has a property with a list of values (e.g. names of role
> holders). The user only wants to disclose n of m of this list to the
> verifier.
>
> How can the verifier determine the difference between
>
> i) a list with only n entries
>
> ii) a list that has more than n entries but the user has withheld some of
> them.
>
> Then we have the case where
>
> iii) the list is genuinely empty because e.g. the role, has not been
> assigned to anyone yet, and
>
> iv) the user does not want to tell the verifier any of the list values.
>
> As far as I am aware the current data model does not have any way of
> differentiating between any of the above in a selectively disclosed VC.
>
> Kind regards
>
> David
>

Received on Tuesday, 8 June 2021 12:02:53 UTC