Re: Authorized Issuer Lists

Manu - you’ve hit a very significant nerve in the ecosystem.  It has generated a rich set of responses over a period of less than 24 hour! There is a lot to parse as Kerri noted, along with several others. The interests and concerns for formal institutional issuers may overlap with others but in many respects the differences from their interests wrt other use cases are important.

One of the attributes that tends to be overlooked, though I’m very happy to see it was picked up in the richness of the thread here, is the importance of how the uncredentialed can participate and get value from this ecosystem. Here uncredentialied means those who have not been able to or for whatever reasons simply have not participated in a formal training experience culminating in a credential issued to acknowledge their completion of an achievement by a formal institution or organization.

That’s one of the primary use cases for the Verifiable Credential<https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/advance-readings/endorsements.md> Dmitri, Kerri, and i have contributed a paper to RWOT, mentioned at the outset by Manu’s kick off message.

Steve Cappell introduced the linked data model leading to trust chains, though the notion that a trust chain will provide the provenance to a initial trust anchor is problematic, at least in the case of modeling this problem within a community seeking corroboration of self-issued claims (supported by different examples of evidence of their performance).  In this case that seems to be more meaningful is the graph of trust ensemble and not a definitive trust anchor.

in order for the formally uncredentialed community to have an entry into this ecosystem some variant of the trust graph of endorsers with their bona fides clearly detailed (perhaps with the endorsers own independence evidence to contribute) is a step toward validating (in Joosten’s terms)  the endorsee’s claim has merit  Illuminating how we might accomplihs this is a crucial step toward inclusion and equity for participants otherwise left out of LER/VC ecosystem.

And +1 to Joosten’s suggestion we consider the idea of Self-Sovereign Trust!

Phil


Orchard - Adaptive Learning Library & LxP Consultant
EdPlus/ASU
https://edplus.asu.edu/what-we-do/orchard-adaptive-learning-experience

e: pdlong2@asu.edu<mailto:pdlong2@asu.edu>
—
LER Network Facilitator
T3 Innovation Network, US Chamber of Commerce Foundation
e:phil@rhzconsulting.com<mailto:phil@rhzconsulting.com>
SNS:  https://www.linkedin.com/in/longpd

—
Phillip Long, Ph.D . Senior Scholar
Center for New Designs in Learning & Scholarship, (CNDLS)
e: pl673@georgetown.edu<mailto:pl673@georgetown.edu>
Twitter/Telegram: @RadHertz
—
ICoBC - International Council on Badges & Credentials
e: plong@icobc.net<mailto:plong@icobc.net>








On Aug 14, 2022, at 8:44 PM, Reed, Drummond <drummond.reed@avast.com<mailto:drummond.reed@avast.com>> wrote:

+1 — this is why ToIP uses "trust registry". Also, to another point made on this thread, the ToIP Trust Registry Protocol Specification notes that trust registries and chained credentials are not mutually exclusive approaches to verifying the authority of an issuer. In fact they can be highly complementary; they are just different paths for navigating a trust chain.


On Sun, Aug 14, 2022 at 3:29 PM Tobias Looker <tobias.looker@mattr.global<mailto:tobias.looker@mattr.global>> wrote:
This is a great and much needed initiative for the credential space. I would note that I think language like "authorized issuer lists" does tend to setup the possible misconception that there is a singular arbiter around who to trust for a particular credential type when in reality trust is contextual. Therefore, I think "trust lists" or "trust registries" are perhaps a better language framing of what we are looking for an interoperable solution to.

Thanks,
[Mattr website]<https://urldefense.com/v3/__https://aus01.safelinks.protection.outlook.com/?url=https*3A*2F*2Fscanmail.trustwave.com*2F*3Fc*3D15517*26d*3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WeN4boYw*26u*3Dhttps*253a*252f*252fmattr.global*252f&data=04*7C01*7CSteve.Lowes*40mbie.govt.nz*7C5a65fe33c70b41fd8ba908d976f3a2f1*7C78b2bd11e42b47eab0112e04c3af5ec1*7C0*7C0*7C637671611076709977*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C1000&sdata=tKqCMzLUQNCeORd908YqfqZoT7tCy*2FMVwXdjpch1sDY*3D&reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJQ!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iS56hH_pg$>



Tobias Looker
MATTR
CTO
+64 (0) 27 378 0461
tobias.looker@mattr.global<mailto:tobias.looker@mattr.global>
[Mattr website]<https://urldefense.com/v3/__https://aus01.safelinks.protection.outlook.com/?url=https*3A*2F*2Fscanmail.trustwave.com*2F*3Fc*3D15517*26d*3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WeN4boYw*26u*3Dhttps*253a*252f*252fmattr.global*252f&data=04*7C01*7CSteve.Lowes*40mbie.govt.nz*7C5a65fe33c70b41fd8ba908d976f3a2f1*7C78b2bd11e42b47eab0112e04c3af5ec1*7C0*7C0*7C637671611076709977*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C1000&sdata=tKqCMzLUQNCeORd908YqfqZoT7tCy*2FMVwXdjpch1sDY*3D&reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJQ!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iS56hH_pg$>
[Mattr on LinkedIn]<https://urldefense.com/v3/__https://aus01.safelinks.protection.outlook.com/?url=https*3A*2F*2Fscanmail.trustwave.com*2F*3Fc*3D15517*26d*3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1SbN9fvNg*26u*3Dhttps*253a*252f*252fwww.linkedin.com*252fcompany*252fmattrglobal&data=04*7C01*7CSteve.Lowes*40mbie.govt.nz*7C5a65fe33c70b41fd8ba908d976f3a2f1*7C78b2bd11e42b47eab0112e04c3af5ec1*7C0*7C0*7C637671611076719975*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C1000&sdata=t*2BidOI32oaKuTJf1AkcG*2B*2FirIJwbrgzXVZnjOAC52Hs*3D&reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJQ!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iSM0eBDkY$>
[Mattr on Twitter]<https://urldefense.com/v3/__https://aus01.safelinks.protection.outlook.com/?url=https*3A*2F*2Fscanmail.trustwave.com*2F*3Fc*3D15517*26d*3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WdMte6ZA*26u*3Dhttps*253a*252f*252ftwitter.com*252fmattrglobal&data=04*7C01*7CSteve.Lowes*40mbie.govt.nz*7C5a65fe33c70b41fd8ba908d976f3a2f1*7C78b2bd11e42b47eab0112e04c3af5ec1*7C0*7C0*7C637671611076729970*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C1000&sdata=BD9WWyXEjVGlbpbCja93yW*2FzLJZpe*2Ff8lGooe8V6i7w*3D&reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSU!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iSxO4cadM$>
[Mattr on Github]<https://urldefense.com/v3/__https://aus01.safelinks.protection.outlook.com/?url=https*3A*2F*2Fscanmail.trustwave.com*2F*3Fc*3D15517*26d*3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiWwGdMoDtMw*26u*3Dhttps*253a*252f*252fgithub.com*252fmattrglobal&data=04*7C01*7CSteve.Lowes*40mbie.govt.nz*7C5a65fe33c70b41fd8ba908d976f3a2f1*7C78b2bd11e42b47eab0112e04c3af5ec1*7C0*7C0*7C637671611076729970*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C1000&sdata=4AhRuXZCnU5i3hcngo4H3UiNayYUtXpRcImV4slS1mw*3D&reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUl!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iSG1OROXM$>

This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.

________________________________
From: Steve Capell <steve.capell@gmail.com<mailto:steve.capell@gmail.com>>
Sent: 15 August 2022 09:39
To: Kyano Kashi <kyanokashi2@gmail.com<mailto:kyanokashi2@gmail.com>>
Cc: Manu Sporny <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>>; W3C Credentials CG <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: Authorized Issuer Lists

EXTERNAL EMAIL: This email originated outside of our organisation. Do not click links or open attachments unless you recognise the sender and know the content is safe.

Yes!

And then the school includes the accreditation vc in their student credential vc

Steven Capell
Mob: 0410 437854

On 15 Aug 2022, at 7:28 am, Kyano Kashi <kyanokashi2@gmail.com<mailto:kyanokashi2@gmail.com>> wrote:


Hi Manu,

Forgive my ignorance, but couldn’t we simply have the American Bar Association issue VCs to the schools it wishes to accredit for issuing law VCs?

Best,

Kyano

On Sun, Aug 14, 2022 at 6:19 PM Manu Sporny <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>> wrote:
Hi all,

The topic of "lists of authorized issuers for certain types of
credentials" has been floating around the VC community for a few years
now. We don't seem to have hit a point where implementers and
customers feel they absolutely need the feature, but there has been
enough curiosity around it to perhaps have some exploratory technical
discussions at some of the upcoming conferences.

The basic concept here is: Can a verifier lean on established trust it
has in some authority, such as an accreditation body, to get a list of
issuers for particular types of credentials? To focus on a use case in
education, how would the American Bar Association publish a list of
all law schools that it has accredited to issue law degree VCs?

The following paper calls for the exploration of the topic, starting
at the upcoming RWoT in The Hague (end of September):

https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/advance-readings/authorized-issuer-lists.md<https://urldefense.com/v3/__https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/advance-readings/authorized-issuer-lists.md__;!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iSE9a6gno$>

Thoughts, concerns, and identification of similar work, are all welcome.

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/<https://urldefense.com/v3/__https://www.linkedin.com/in/manusporny/__;!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iS0Hv2GUQ$>
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/<https://urldefense.com/v3/__https://www.digitalbazaar.com/__;!!IKRxdwAv5BmarQ!bb5xHfCDMOhD0QhUSA_1hY-K6vHFYtLs9R0I6t39UEfdjRqGqXZV-HoE4rCLxO0iJ5nAO4ve2QbBq3iS4arbvGQ$>