- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 20 Feb 2024 09:17:29 -0500
- To: ステファニー タン(SBIホールディングス) <tstefan@sbigroup.co.jp>
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
On Tue, Feb 20, 2024 at 3:23 AM ステファニー タン(SBIホールディングス) <tstefan@sbigroup.co.jp> wrote:
> Thank you to Manu and Dave from Digital Bazaar for this presentation! I forwarded the material to our technical team to get their thoughts.

The meeting and video presentation is in 3 hours. The video presentation might be useful as well. That will be sent to the mailing list soon after the meeting (this week).

> What does the semantics of the bit sequence mean: if it is 1, is it revoked, if it is 0, is it revoked, or if it is 0, is it not revoked?

The "statusPurpose" lets you know what the semantics of the bit are:

https://w3c.github.io/vc-bitstring-status-list/#bitstringstatuslistentry

For example, "revocation" means that the semantics of the bit is about revocation. 1 means "revoked", 0 means "not revoked". There is also a "statusPurpose" of "message", which is used to convey an arbitrary human-readable message related to the status of the credential.

> Who guarantees that data cannot be created with a different ListIndex? (Is credentialStatus subject to VC signature?)

Yes, credentialStatus is protected by the VC signature. In fact, both the VC and the status list VC are digitally signed by the issuer, so only the issuer of each credential can change any of the information. If someone else tries to change the information, the signature will show that the information has been tampered with and verification will fail.

> I think the gain is reducing the amount of information. When using a bit string and there is one data object, my understanding is that write cannot be executed concurrently. Is that correct? (Wouldn't this be a challenge, especially if you put a Data Registry on the blockchain?)

You can't write to the same bitstring concurrently, no, but remember that you can have many parallel bitstrings, which you CAN write to concurrently.

Also note that you don't have to write to the status list every time there is an update, it is expected that updates would be batched and released once per day or once per week... in all of those cases, the updates would effectively be concurrent (because the issuer would batch up all the changes and write a new status list VC once to whatever storage medium they're using -- website or blockchain or something else).

> What do you think about the governance of the bit index (who can rewrite it)? Ideally, there would be a key pair when adding a single Bit string, and it would be organised in such a way that it cannot be rewritten without the key pair (private key). Is that understanding correct?

Yes, you can't publish or update the status list w/o the private key. It is possible for other authorized parties to manage the bitstring entry by using something like the VC API that allows you to change status information as long as the authorized party is using an access token or capability to provide access to the status changing service:

https://w3c-ccg.github.io/vc-api/#update-status

One way this has been implemented is that the issuer provides an access token to change the status information associated with a particular credential or set of credentials. The entity changing the status information would then call the API above to flip the bits accordingly. The issuer would then re-publish the list during the next scheduled update cycle (once per day, once per week, etc.).

Does that answer all of your questions, Stefannie?

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
https://www.digitalbazaar.com/
Received on Tuesday, 20 February 2024 14:18:09 UTC
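
The bit semantics and the batched update cycle discussed in the message above, as an added example that is not part of the original message and is not Digital Bazaar's code. The encoding used here (GZIP, then unpadded base64url, index 0 at the left-most bit), the list size and all sample values are assumptions to check against the specification; signing and signature verification are left out.

```python
import base64
import gzip

LIST_BITS = 131072  # constructed list size for this example

def encode_list(bits):
    """GZIP the raw bitstring, then base64url-encode it without padding."""
    return base64.urlsafe_b64encode(gzip.compress(bytes(bits))).rstrip(b"=").decode()

def decode_list(encoded):
    padded = encoded + "=" * (-len(encoded) % 4)
    return bytearray(gzip.decompress(base64.urlsafe_b64decode(padded)))

def get_bit(bits, index):
    if not 0 <= index < len(bits) * 8:
        raise IndexError("statusListIndex outside the published list")
    return (bits[index // 8] >> (7 - index % 8)) & 1  # index 0 = left-most bit

def apply_batch(encoded, pending):
    """Issuer side: fold queued changes {index: 0 or 1} into one new list.
    The result still has to be signed as a new status list VC before release."""
    bits = decode_list(encoded)
    for index, value in pending.items():
        get_bit(bits, index)  # bounds check only
        mask = 1 << (7 - index % 8)
        bits[index // 8] = (bits[index // 8] | mask) if value else (bits[index // 8] & ~mask)
    return encode_list(bits)

def is_revoked(entry, list_subject):
    """Verifier side: call only after BOTH the credential and the status list VC
    have passed signature verification (not shown here)."""
    if entry["statusPurpose"] != "revocation":
        raise ValueError("entry does not carry revocation semantics")
    if list_subject["statusPurpose"] != entry["statusPurpose"]:
        raise ValueError("status list was published for a different purpose")
    bits = decode_list(list_subject["encodedList"])
    return get_bit(bits, int(entry["statusListIndex"])) == 1  # 1 = revoked

# Constructed sample: an empty list, then one scheduled batch revoking two entries.
EMPTY = encode_list(bytearray(LIST_BITS // 8))
PUBLISHED = {"statusPurpose": "revocation",
             "encodedList": apply_batch(EMPTY, {94567: 1, 3: 1})}
ENTRY = {"type": "BitstringStatusListEntry", "statusPurpose": "revocation",
         "statusListIndex": "94567"}

if __name__ == "__main__":
    print("revoked:", is_revoked(ENTRY, PUBLISHED))
```

Because the index and purpose are read from the signed credentialStatus and the bits from the signed status list VC, the check is only meaningful after both signatures verify.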