Manu,
I guess I am missing your point. My point is that "selective redaction" spuriously implies that the holder has any control over what it selectively discloses or redacts during an electronic exchange with a verifier-machine.
I agree that my suggestion has its issues as well. However, if we are going to change a term that has been widely-used in the W3C-CCG community, then let's make sure that we get it right.
Oskar
-----Original Message-----
From: Manu Sporny <msporny@digitalbazaar.com>
Sent: maandag 24 februari 2025 16:00
To: public-credentials@w3.org
Cc: Calvin Cheng <Calvin_cheng@hive.tech.gov.sg>; Steve Capell <steve.capell@gmail.com>; Leonard Rosenthol <lrosenth@adobe.com>; Andrea D'Intino <andrea@dyne.org>; Shannon Appelcline <shannon.appelcline@gmail.com>; Wolf McNally <wolf@wolfmcnally.com>; Christopher Allen <ChristopherA@lifewithalacrity.com>; Daniel Hardman <daniel.hardman@gmail.com>; Deventer, M.O. (Oskar) van <oskar.vandeventer@tno.nl>
Subject: Re: Selective Redaction - docs and examples?
On Mon, Feb 24, 2025 at 9:50 AM Deventer, M.O. (Oskar) van <oskar.vandeventer@tno.nl<mailto:oskar.vandeventer@tno.nl>> wrote:
> “Redaction” applies to the holder blacking-out parts of the information. Take redacted government responses for Freedom-of-Information-Act requests, for example.
Yes, and I think that's kinda what's happening here... except that you can't see what was "blacked out". The term isn't perfect, sure, and elision might be more accurate.
> In case of Verifiable Credentials, it is the verifier who determines what information is needed. An overzealous verifier may decide to requests the full credential: cf hotels or Facebook requesting a full (non-redacted) copy of your passport. The holder has only two options: coerced compliance or walk away. “Selective redaction” is not an option.
Hmm, not really, not in trade documents. The Verifier is going to ask for a bill of lading or a document that is similar in functionality...
they're not going to ask for very specific line items. It's true that they might, but I'll also note that it'll be up to the trade community that is participating in the UN, WCO, CCG, and other bodies to establish expected norms... and I doubt the norm will be to be overly specific beyond what the Verifier needs to progress the transaction.
It's true that you have to give the Verifier what they need to progress the transaction, but some Verifiers that are too demanding might find that supply chain participants might take their business elsewhere if they're asking for information that the Holder feels they don't need to convey.
> Technically, a benevolent verifier would be making a “VC-fragment
> request”. Perhaps less sexy than “selective redaction”, but also less
> misleading
... but isn't that what Verifiers always do? At least in the VP Request case, the Verifier is always asking for a specific set of claims made by the Issuer... they're always asking for a "VC fragment".
-- manu
--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
https://www.digitalbazaar.com/
-- This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. TNO accepts no liability for the content of this e-mail, for the manner in which you use it and for damage of any kind resulting from the risks inherent to the electronic transmission of messages.