Re: DHS Verifier Confidence/Assurance Level Expectation/Treatment of non-publicly defined Vocabulary/Terminology -- by using @vocab

That’s correct Kaliya. And there are rich sets of schemas allowing mapping
of skills, competencies, and so on (e.g. ctdl/ credential engine) — very
ripe for reuse in worker/learner VCs, promoting portability + interop

On Sat, Jan 28, 2023 at 2:41 PM Kaliya Identity Woman <
kaliya@identitywoman.net> wrote:

> My understanding is that the education credentialing community is quite
> into JSON-LD and interoperable vocabularies.
>
> I also believe there is significant work I this area by European folks -
> why? They by default have multiple languages and JSON-LD let’s you move
> between languages - why? Semantics.
>
> Having the model do something substantive for businesses and make what is
> transmitted discernible semantically has value.
>
> - Kaliya
>
> Sent from my iPhone
>
> On Jan 28, 2023, at 2:37 PM, Michael Herman (Trusted Digital Web) <
> mwherman@parallelspace.net> wrote:
>
> 
>
> p.s. As a response to Christopher's issue
> https://github.com/w3c/vc-data-model/issues/1018#issue-1559012080, I'm
> trying figure out if anyone else besides DHS and its partners is driving
> the inclusion of the JSON-LD/RDF extensions in the VCDM specification?
>
> If the true primary goal was to drive wider, deeper, early adoption of
> VCs, the strategy should be to make the VCDM simpler and more compact; not
> more complicated, more niche, and less desirable to use.
>
> The current direction is to make the VCDM more complicated and more niche
> and less desirable to use from the perspective of the silent majority of
> developers that Christopher is referencing.
> ...and indirectly what Sam Smith references here:
> https://github.com/w3c/vc-data-model/issues/982
> ...and myself here:
> https://github.com/w3c/vc-data-model/issues/1008#issuecomment-1407376853
>
> ...maybe DIF or ToIP is a better home for a better, layered VC
> specification: https://youtu.be/7LpVR0u18s0
>
> It's time for real change.
>
> Michael Herman
> Web 7.0
>
>
>
> Get Outlook for Android <https://aka.ms/AAb9ysg>
> ------------------------------
> *From:* Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net>
> *Sent:* Saturday, January 28, 2023 4:01:40 PM
> *To:* Kim Hamilton <kimdhamilton@gmail.com>
> *Cc:* John, Anil <anil.john@hq.dhs.gov>; public-credentials@w3.org <
> public-credentials@w3.org>
> *Subject:* Re: DHS Verifier Confidence/Assurance Level
> Expectation/Treatment of non-publicly defined Vocabulary/Terminology -- by
> using @vocab
>
>
> I don't have access to that information and don't evangelize (at this
> point in the Web 7.0 technology adoption curve) to those audiences.
>
> I thought Anil would be the best person to speak about the level of
> commercial adoption of the DHS VC profile.
>
>
>
> Get Outlook for Android <https://aka.ms/AAb9ysg>
> ------------------------------
> *From:* Kim Hamilton <kimdhamilton@gmail.com>
> *Sent:* Saturday, January 28, 2023 1:30:29 PM
> *To:* Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net>
> *Cc:* John, Anil <anil.john@hq.dhs.gov>; public-credentials@w3.org <
> public-credentials@w3.org>
> *Subject:* Re: DHS Verifier Confidence/Assurance Level
> Expectation/Treatment of non-publicly defined Vocabulary/Terminology -- by
> using @vocab
>
>
> Reminder that it’s a good thing to promote interoperability enabling
> competition in a way that smaller vendors can participate.
>
> Michael, why don’t you start by providing a list of nasdaq 100 or Fortune
> 500 companies who participate in standards groups such as this, and we can
> use that to match against dhs participants.
>
>
> On Sat, Jan 28, 2023 at 2:40 AM Michael Herman (Trusted Digital Web) <
> mwherman@parallelspace.net> wrote:
>
> Anil, aside from the regular group of subcontractors that DHS works with
> and are obligated to the use the DHS VC profile, to the best of your
> knowledge, have any other organizations created their own demonstrations of
> a DHS VC profile-based system? …any organization from the NASDAQ 100 or
> Fortune 500, for example?
>
>
>
> Best regards,
>
> Michael Herman
>
> Web 7.0
>
>
>
> *From:* John, Anil <anil.john@hq.dhs.gov>
> *Sent:* Thursday, January 26, 2023 1:27 PM
> *To:* public-credentials@w3.org
> *Subject:* DHS Verifier Confidence/Assurance Level Expectation/Treatment
> of non-publicly defined Vocabulary/Terminology -- by using @vocab
>
>
>
> Hello Everyone,
>
>
>
> I wanted to share broadly some of the considerations that we are currently
> working through regarding data quality (as represented by incoming JSON-LD
> formatted VCs) and its impact on good decision making.
>
>
>
> As a refresher, the following is what the current version of our W3C
> VC/DID Implementation Profile notes:
>
>
>
> Verifiable Credentials and Verifiable Presentations, as defined in [VC
> DATA MODEL], SHALL be serialized as [JSON LD] in compacted document form
>
> ·       A Verifiable Credential SHALL define all terms using @context
>
> ·       A Verifiable Presentation SHALL define all terms using @context
>
> o   [JSON LD] SHALL define all types using @type
>
> o   [JSON LD] SHOULD leverage objects instead of strings to refer to
> Issuers and Holders
>
> o   *[JSON LD] MAY rely on @vocab to automatically define terminology*
>
>
>
> I wanted to focus on the last bit; while this does not apply to DHS
> (either CBP or USCIS) as issuers of credentials, given that we clearly and
> publicly define our vocabulary:
>
>    - W3C CCG Citizenship Vocabulary -
>       https://w3c-ccg.github.io/citizenship-vocab/
>       <https://urldefense.us/v3/__https:/w3c-ccg.github.io/citizenship-vocab/__;!!BClRuOV5cvtbuNI!Te6WC0mssBfU3y2-E6vZVPp8nwrFzFh6D4yPWUljTq5owSbuMs_NyqfeD24CvW2sqG4H$>
>       - W3C CCG Supply Chain Traceability Vocabulary -
>       https://w3c-ccg.github.io/traceability-vocab/
>       <https://urldefense.us/v3/__https:/w3c-ccg.github.io/traceability-vocab/__;!!BClRuOV5cvtbuNI!Te6WC0mssBfU3y2-E6vZVPp8nwrFzFh6D4yPWUljTq5owSbuMs_NyqfeD24CvUxluxD2$>
>
>
>
> However it does have a bearing on us when we consume
> credentials/attestations i.e. act as Verifiers.
>
>
>
> My understanding of the anticipated use of @vocab is that it allows for
> the use of  “private attributes” that are agreed upon by parties in some
> out-of-bound manner rather than being openly and publicly defined.
>
>
>
> To date, much of the conversations that we are tracking [1] [2] looks to
> be very much from the perspective of technologists and developers and not
> really from the perspective of an end customer like Us,  so we wanted to
> make sure that we shared our perspective to ensure that it is reflected and
> considered as folks make implementation choices on how they represent
> attributes in credentials/attestations.
>
>
>
> To that end, from the perspective of a VERIFIER (i.e. CBP or USCIS in
> consumption mode), this looks to be something that is clearly falls in the
> following bucket:
>
>
>
> “How much confidence do we have in this data that just came in the door,
> and what manner of out-of-band work do we need to do, or made a
> non-automated decision on, to  treat this data as equivalent to data
> vocabularies that is clearly and openly agreed upon” i.e.
> Confidence/Assurance Level we can place in the data.
>
>
>
> So, where we have landed on in our deliberation is that
> credentials/attestations that utilize vocabularies that are openly/clearly
> defined will be treated as having higher assurance/confidence level than
> data that is coming in via the @vocab route, which may require additional,
> out-of-band and in many cases non-automated processing by the Verifier to
> determine its validity and quality. (This will be something that we add to
> the Informative section of our Profile going forward)
>
>
>
> [1] https://github.com/w3c/vc-data-model/issues/953
> [2] https://github.com/w3c/vc-data-model/pull/1001
>
> Best Regards,
>
>
>
> Anil
>
>
>
> Anil John
>
> Technical Director, Silicon Valley Innovation Program
>
> Science and Technology Directorate
>
> US Department of Homeland Security
>
> Washington, DC, USA
>
>
>
> Email Response Time – 24 Hours
>
>
>
> [image: image001.jpg] <https://www.dhs.gov/science-and-technology>[image:
> image002.jpg]
>
>