- From: David Chadwick <d.w.chadwick@truetrust.co.uk>
- Date: Thu, 17 Jul 2025 14:53:14 +0100
- To: public-credentials@w3.org
- Message-ID: <8b89015b-973e-4429-aae8-855c7d534969@truetrust.co.uk>
Hi Everyone Isaac and myself apologise for missing last week's meeting. Isaac is intending to be at the next meeting on 23 July. Comments on the minutes below On 09/07/2025 23:05, meetings@w3c-ccg.org wrote: > *Verifiable Issuers and Verifiers Specification:* The group discussed > the format and content of the specification, noting that the current > version is not in Verifiable Credential format and may be overly > heavyweight. The latest version does have an example in VC format, albeit that it references a web page where the actual verifiable list is presented. As can be seen from the previous data model examples, the VC would be rather large if it encompassed, say a whole country level list, hence the reason for having an externally referenced list as a VC example. The data model at the moment defines all the list attributes that the authors think can be useful, but as a NOTE already mentions, we want the WG to say which attributes are mandatory and which are optional (and which can be removed if thought to be not needed). We did not want to do this ourselves as we think that a larger consensus on the mandatory attributes is much better. This will ensure that the list is as lightweight as the WG wants it to be. > The group considered a minimum viable example focusing on DID Web > addresses, credential types, and JSON schema. JSON schemas are already part of the data model, as are credential types. > A need to align with existing work on issuer registries (e.g., DCC and > Credential Engine's OIDC-based approach) was identified. We have tried to align with the ongoing ESTI work, since the existing ETSI standard already has a large implementation base, and we expect the new standard will have an even larger following. We think that the W3C model should be an intersection of the ETSI work, eliminating attributes that are not so useful in a global context (the authors have already tried to do this) and adding attributes to make the work global in scope (rather than EU focussed). > The possibility of a more decentralized approach, leveraging > credentials to assert trust rather than a large central list, was also > discussed. The model is already highly decentralised, as it makes no statements about who can be a list owner. This can be a single entity or an entire country. It is a decision of the list user as to who they trust to issue lists. We are familiar with the OIDF Federation model, in which every entity publishes its own information, but this is too decentralised since it is the only option available. Kind regards David
Received on Thursday, 17 July 2025 13:53:22 UTC