Re: Authorized Issuer Lists from Gabe Cohen on 2022-08-15 (public-credentials@w3.org from August 2022)

From: Gabe Cohen <gcohen@squareup.com>
Date: Mon, 15 Aug 2022 08:43:20 -0700
To: Daniel Buchner <dbuchner@squareup.com>
Cc: W3C Credentials CG <public-credentials@w3.org>, Manu Sporny <msporny@digitalbazaar.com>
Message-ID: <CAPPN6pgDYtWoyOAeruxz6rODV-t=u395aP9whrV_8m9VdmtvmQ@mail.gmail.com>

 Just to add on, the spec is in pre-draft
<https://identity.foundation/trust-establishment> and we’re looking for
additional contributors. We at Block have been working with the folks at
Indicio on this the past month or so. Calls in DIF are every Monday at 10
PM Pacific. We think we’ve come up with a fairly robust way to capture most
types of trust-relations that could exist inside of a Verifiable Credential
or other integrity-wrapper.

Interestingly, the spec can be used for publishing ’sentiment’ for a given
DID-party, or a list of schemas/credential types that are accepted for/by
specific DID-parties.

Block is committed to an open source code implementation for the spec in
the coming months.

Gabe

On Aug 14, 2022 at 9:19:08 AM, Daniel Buchner <dbuchner@squareup.com> wrote:

> Great to see folks thinking about this! We have a work item underway in
> DIF that aims to address this called Trust Establishment - here's an early
> spec draft on how such a thing could be used to support this aspect of
> establishing trust (among other types):
> https://identity.foundation/trust-establishment/#trust-establishment-using-the-.
> Perhaps we can all triangulate on something, would love to get your
> collective thoughts.
>
> - Daniel
>
> On Sun, Aug 14, 2022, 10:19 AM Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>
>> Hi all,
>>
>> The topic of "lists of authorized issuers for certain types of
>> credentials" has been floating around the VC community for a few years
>> now. We don't seem to have hit a point where implementers and
>> customers feel they absolutely need the feature, but there has been
>> enough curiosity around it to perhaps have some exploratory technical
>> discussions at some of the upcoming conferences.
>>
>> The basic concept here is: Can a verifier lean on established trust it
>> has in some authority, such as an accreditation body, to get a list of
>> issuers for particular types of credentials? To focus on a use case in
>> education, how would the American Bar Association publish a list of
>> all law schools that it has accredited to issue law degree VCs?
>>
>> The following paper calls for the exploration of the topic, starting
>> at the upcoming RWoT in The Hague (end of September):
>>
>>
>> https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/advance-readings/authorized-issuer-lists.md
>>
>> Thoughts, concerns, and identification of similar work, are all welcome.
>>
>> -- manu
>>
>> --
>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>> Founder/CEO - Digital Bazaar, Inc.
>> News: Digital Bazaar Announces New Case Studies (2021)
>> https://www.digitalbazaar.com/
>>
>>

Received on Monday, 15 August 2022 15:44:02 UTC