- From: Markus Sabadello <markus@danubetech.com>
- Date: Tue, 16 Aug 2022 11:29:06 +0400
- To: public-credentials@w3.org
To add to the list of resources in this thread, here is a demonstration of how a DID resolver can verify if a DID's verification methods are bound to existing X.509 trust infrastructure: https://docs.google.com/document/d/1zMYUt8icua5kCyQtaDhjLnpETwfhBDE-cFQKauysk-k/ Note: This doesn't say anything about what credentials an issuer is allowed to issue, it's only about linking DIDs to existing X.509-based PKI. Markus On 14.08.22 19:15, Manu Sporny wrote: > Hi all, > > The topic of "lists of authorized issuers for certain types of > credentials" has been floating around the VC community for a few years > now. We don't seem to have hit a point where implementers and > customers feel they absolutely need the feature, but there has been > enough curiosity around it to perhaps have some exploratory technical > discussions at some of the upcoming conferences. > > The basic concept here is: Can a verifier lean on established trust it > has in some authority, such as an accreditation body, to get a list of > issuers for particular types of credentials? To focus on a use case in > education, how would the American Bar Association publish a list of > all law schools that it has accredited to issue law degree VCs? > > The following paper calls for the exploration of the topic, starting > at the upcoming RWoT in The Hague (end of September): > > https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/advance-readings/authorized-issuer-lists.md > > Thoughts, concerns, and identification of similar work, are all welcome. > > -- manu >
Received on Tuesday, 16 August 2022 07:29:24 UTC