- From: Orie Steele <orie@transmute.industries>
- Date: Thu, 2 Feb 2023 10:24:19 -0600
- To: Oliver Terbu <oliver.terbu@spruceid.com>
- Cc: Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAN8C-_+OnLXEodEg6eWXF7-aHPWJYjm6rTQfko+azTx7T1Hz2A@mail.gmail.com>
Thanks for this! It seems like a naive interpretation of "holder binding" is ... a credential / claim bound to a specific key. Instead of binding to a "generic subject" the binding is to a specific key (possibly in hardware or software isolation). Is that correct? OS On Thu, Feb 2, 2023 at 10:21 AM Oliver Terbu <oliver.terbu@spruceid.com> wrote: > Dear all, > > Since we had a number of issues and lots of discussions on holder binding > in the last couple of months, we wrote a RWOT paper and it got published > finally. I'm sharing this already since it is relevant to upcoming > discussions on holder binding in W3C. > > IDENTIFIER BINDING: DEFINING THE CORE OF HOLDER BINDING > - > https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/final-documents/identifier-binding.pdf > - > https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/final-documents/identifier-binding.md > > by Paul Bastian, Rieks Joosten, Zaïda Rivai, Oliver Terbu, Snorre Lothar > von Gohren Edwin, Antonio Antonino, Nikos Fotiou, Stephen Curran, and > Ahamed Azeem > > Lead author: Oliver Terbu > > Over the last year(s), various issues have been raised that revolve around > what has been called 'holder binding'. The term 'holder binding' itself > isn't clearly defined, and is in fact quite contentious. This paper seeks > to come to grips with this discussion. Our first contribution is the > specification of a terminology, which is intended to help readers > understand what we mean to say without requiring them to make assumptions > about such meanings (as is often the case in discussions about 'holder > binding'). Our second contribution is an analysis of a (fictitious) > use-case that suggests that verifiers typically do not need to know who the > holder is (i.e. who has presented the claims to be verified). This analysis > shows that verifiers need capabilities to (a) learn which entity is the > subject of a particular claim, and (b) to know whether or not two subject > identifiers refer to the same entity or to different entities. Also, they > may need assurances regarding the party on whose behalf the component that > has electronically presented the claims, has been using those capabilities. > Our third contribution is a proposal for the syntax and semantics of a new > property that can be used in (different parts of) VCs/VPs, that will > provide verifiers with such capabilities. > > [image: Screenshot 2023-02-02 at 17.17.33.png] > > Thanks, > Oliver > -- *ORIE STEELE* Chief Technical Officer www.transmute.industries <https://www.transmute.industries>
Attachments
- image/png attachment: Screenshot_2023-02-02_at_17.17.33.png
Received on Thursday, 2 February 2023 16:24:46 UTC