RE: PROPOSALs for VC HTTP API call on 2021-06-22 from Michael Herman (Trusted Digital Web) on 2021-06-28 (public-credentials@w3.org from June 2021)

From: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net>
Date: Mon, 28 Jun 2021 00:46:55 +0000
To: Adrian Gropper <agropper@healthurl.com>, David Chadwick <d.w.chadwick@verifiablecredentials.info>
CC: Ted Thibodeau Jr <tthibodeau@openlinksw.com>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <MWHPR1301MB2094EAF755743DCFF8BBE216C3039@MWHPR1301MB2094.namprd13.prod.outlook.>

RE: Is it because VCs are intended to be accessed _only_ by the subject?

No.  The Subject of a VC can be a Thing (car, boat, house, purchase order, waybill, …).

From: Adrian Gropper <agropper@healthurl.com>
Sent: June 25, 2021 10:47 AM
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Cc: Ted Thibodeau Jr <tthibodeau@openlinksw.com>; W3C Credentials CG (Public List) <public-credentials@w3.org>
Subject: Re: PROPOSALs for VC HTTP API call on 2021-06-22

You've lost me.

Why has a discussion of authorization to access a VC come around to the issue of holder vs. subject?

Is it because VCs are intended to be accessed _only_ by the subject?

- Adrian

On Fri, Jun 25, 2021 at 11:47 AM David Chadwick <d.w.chadwick@verifiablecredentials.info<mailto:d.w.chadwick@verifiablecredentials.info>> wrote:

On 25/06/2021 16:14, Ted Thibodeau Jr wrote:

In other words -- it's complicated.

I can drink to that.

And its made more complicated due to the fact that there are no standardised way of transferring VCs, of requesting VCs, of proving possession of VCs, of selectively disclosing properties of VCs, of...<add your own here>

Kind regards

David

Received on Monday, 28 June 2021 00:47:27 UTC