Re: Authorized Issuer Lists

Eduardo, you are correct that the GLEIF vLEI ecosystem
<https://www.gleif.org/en/vlei/introducing-the-verifiable-lei-vlei>
primarily relies on chained VCs instead of trust registries. However GLEIF
will also maintain a registry of qualified vLEI issuers (QVIs). Whether or
not the GLEIF registry will support a standard trust registry protocol such
as the ToIP Trust Registry Protocol Specification is TBD.

It is also worth noting that due to the chaining and some other
requirements, GLEIF vLEIs are not currently compatible with the Verifiable
Credentials Data Model 1.0 spec. They use a different spec called Authentic
Chained Data Container
<https://trustoverip.github.io/tswg-acdc-specification/draft-ssmith-acdc.html>
(ACDC) that is being submitted to IETF. However the lead author, Sam Smith,
is participating as an invited expert in the new W3C Verifiable Credentials
2.0 Working Group in the hopes that ACDC can become a W3C compatible format.

=Drummond

On Sun, Aug 14, 2022 at 9:56 PM Eduardo A. Chongkan Líos <
e.chongkan@gmail.com> wrote:

> Hi all,
>
> I thought this was going to be handled based on the DID themselves as a
> chain of DIDs and VCs. e.g.
>
> A) An Issues must meet certain criteria to an Issues, like the GLEIF or
> Bloomberg, they designed the standard, and this pretty much relies on data
> integrity and accuracy. They authorize the L2 Agents. Similar to a SSL
> Certificate Authority.
>
> B) a VC Registered by L2 Agents, who submit the data to the L1 Issues and
> so on.
>
> Similar to how the LEI issuance is being handled.
>
> Attached are a lot of use cases with Diagrams for VCs, DIDs and LEIs
>
> --
> Eduardo Chongkan
>
>
>
> On Sun, Aug 14, 2022 at 6:47 PM Reed, Drummond <drummond.reed@avast.com>
> wrote:
>
>> +1 — this is why ToIP uses "trust registry". Also, to another point made
>> on this thread, the ToIP Trust Registry Protocol Specification notes
>> that trust registries and chained credentials are not mutually exclusive
>> approaches to verifying the authority of an issuer. In fact they can be
>> highly complementary; they are just different paths for navigating a trust
>> chain.
>>
>>
>> On Sun, Aug 14, 2022 at 3:29 PM Tobias Looker <tobias.looker@mattr.global>
>> wrote:
>>
>>> This is a great and much needed initiative for the credential space. I
>>> would note that I think language like "authorized issuer lists" does tend
>>> to setup the possible misconception that there is a singular arbiter around
>>> who to trust for a particular credential type when in reality trust is
>>> contextual. Therefore, I think "trust lists" or "trust registries" are
>>> perhaps a better language framing of what we are looking for an
>>> interoperable solution to.
>>>
>>> Thanks,
>>>
>>> [image: Mattr website]
>>> <https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WeN4boYw%26u%3Dhttps%253a%252f%252fmattr.global%252f&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076709977%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tKqCMzLUQNCeORd908YqfqZoT7tCy%2FMVwXdjpch1sDY%3D&reserved=0>
>>>
>>>
>>>
>>> *Tobias Looker*
>>>
>>> MATTR
>>> CTO
>>>
>>> +64 (0) 27 378 0461
>>> tobias.looker@mattr.global
>>>
>>> [image: Mattr website]
>>> <https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WeN4boYw%26u%3Dhttps%253a%252f%252fmattr.global%252f&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076709977%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tKqCMzLUQNCeORd908YqfqZoT7tCy%2FMVwXdjpch1sDY%3D&reserved=0>
>>>
>>> [image: Mattr on LinkedIn]
>>> <https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1SbN9fvNg%26u%3Dhttps%253a%252f%252fwww.linkedin.com%252fcompany%252fmattrglobal&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076719975%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=t%2BidOI32oaKuTJf1AkcG%2B%2FirIJwbrgzXVZnjOAC52Hs%3D&reserved=0>
>>>
>>> [image: Mattr on Twitter]
>>> <https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WdMte6ZA%26u%3Dhttps%253a%252f%252ftwitter.com%252fmattrglobal&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076729970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=BD9WWyXEjVGlbpbCja93yW%2FzLJZpe%2Ff8lGooe8V6i7w%3D&reserved=0>
>>>
>>> [image: Mattr on Github]
>>> <https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiWwGdMoDtMw%26u%3Dhttps%253a%252f%252fgithub.com%252fmattrglobal&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076729970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4AhRuXZCnU5i3hcngo4H3UiNayYUtXpRcImV4slS1mw%3D&reserved=0>
>>>
>>>
>>> This communication, including any attachments, is confidential. If you
>>> are not the intended recipient, you should not read it - please contact me
>>> immediately, destroy it, and do not copy or use any part of this
>>> communication or disclose anything about it. Thank you. Please note that
>>> this communication does not designate an information system for the
>>> purposes of the Electronic Transactions Act 2002.
>>>
>>> ------------------------------
>>> *From:* Steve Capell <steve.capell@gmail.com>
>>> *Sent:* 15 August 2022 09:39
>>> *To:* Kyano Kashi <kyanokashi2@gmail.com>
>>> *Cc:* Manu Sporny <msporny@digitalbazaar.com>; W3C Credentials CG <
>>> public-credentials@w3.org>
>>> *Subject:* Re: Authorized Issuer Lists
>>>
>>> EXTERNAL EMAIL: This email originated outside of our organisation. Do
>>> not click links or open attachments unless you recognise the sender and
>>> know the content is safe.
>>>
>>> Yes!
>>>
>>> And then the school includes the accreditation vc in their student
>>> credential vc
>>>
>>> Steven Capell
>>> Mob: 0410 437854
>>>
>>> On 15 Aug 2022, at 7:28 am, Kyano Kashi <kyanokashi2@gmail.com> wrote:
>>>
>>> 
>>> Hi Manu,
>>>
>>> Forgive my ignorance, but couldn’t we simply have the American Bar
>>> Association issue VCs to the schools it wishes to accredit for issuing law
>>> VCs?
>>>
>>> Best,
>>>
>>> Kyano
>>>
>>> On Sun, Aug 14, 2022 at 6:19 PM Manu Sporny <msporny@digitalbazaar.com>
>>> wrote:
>>>
>>> Hi all,
>>>
>>> The topic of "lists of authorized issuers for certain types of
>>> credentials" has been floating around the VC community for a few years
>>> now. We don't seem to have hit a point where implementers and
>>> customers feel they absolutely need the feature, but there has been
>>> enough curiosity around it to perhaps have some exploratory technical
>>> discussions at some of the upcoming conferences.
>>>
>>> The basic concept here is: Can a verifier lean on established trust it
>>> has in some authority, such as an accreditation body, to get a list of
>>> issuers for particular types of credentials? To focus on a use case in
>>> education, how would the American Bar Association publish a list of
>>> all law schools that it has accredited to issue law degree VCs?
>>>
>>> The following paper calls for the exploration of the topic, starting
>>> at the upcoming RWoT in The Hague (end of September):
>>>
>>>
>>> https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/advance-readings/authorized-issuer-lists.md
>>>
>>> Thoughts, concerns, and identification of similar work, are all welcome.
>>>
>>> -- manu
>>>
>>> --
>>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>>> Founder/CEO - Digital Bazaar, Inc.
>>> News: Digital Bazaar Announces New Case Studies (2021)
>>> https://www.digitalbazaar.com/
>>>
>>>

Received on Monday, 15 August 2022 05:31:22 UTC