Re: Renaming the Verifiable Issuers/Verifiers spec from Steve Capell on 2026-02-25 (public-credentials@w3.org from February 2026)

From: Steve Capell <steve.capell@gmail.com>
Date: Wed, 25 Feb 2026 13:40:35 +1100
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: W3C Credentials CG <public-credentials@w3.org>
Message-Id: <965CB6FB-DB01-417B-8F68-66AA57426DC0@gmail.com>
I’d like to confirm this this draft specification meets the design goals of what we call a DIA (digital identity anchor) in our UN standards - see here https://untp.unece.org/docs/specification/DigitalIdentityAnchor

I think it probably does but I also note a rather fundamental difference in conceptual architecture 

The w3c efforts in this space seem to focus on the idea of a recognised authority publishing “lists” of recognised members.  For example a national education ministry publishing a list of universities - so that a verifier that receives a degree certificate can verify that the issuer is on the list.

BUT - that works nicely when that list of recognised entities is manageable in size and relatively slowly changing.  However consider a business register such our national register in Australia. 2 million members and roughly 1000 changes per day.  And we are only a mid sized economy 

So the UNTP approach to this problem is not to issue lists. Instead we ask the authority to verify that a given member is genuinely the controller of their DID - abs then issue a very light weight credential that only says “the controller of this did is known to us as <authoritative registered ID>.  

Another requirement we have is that the identity verification must be possible without any direct presentation / relationship between the recognised entity and the verifier. Common in trade because an importing regulator needs to verifier that an exporter in another country that issued an invoice really is the business registered by that registrar in the exporting country 

So no lists and no assumption that an authorised member has any direct relationship with a verifier 

I “think” this draft specification might fit our needs - but I’m not sure I see the explicit credential subject ID (members did) and the link to registered identity (as known to the issuer that is the authoritative register) 

Cheers 

Steven Capell
UN/CEFACT Vice-Chair 
Mob: +61 410 437854

> On 25 Feb 2026, at 12:50 pm, Manu Sporny <msporny@digitalbazaar.com> wrote:
> 
> Hi all,
> 
> The group that is working on the specification currently known as
> "Verifiable Issuers and Verifiers" has made significant progress over
> the past several months to the point where the specification feels
> like it has a fairly stable shape. Stable enough to rename the
> specification, anyway.
> 
> The specification has progressed to be able to allow an individual,
> organization, collective, or nation state to:
> 
> 1. Publish a set of recognized entities (identifiers, legal name,
> logo, website, description, etc.)
> 2. For each recognized entity, also include a list of recognized
> actions that the entity is known to perform (such as "issue a college
> degree that matches this JSON Schema").
> 3. For each recognized entity, specify that the entity is also
> recognized in an external "trust list" format such as EU ETSI Trust
> Lists, X509 Certificate Authority lists, or another
> RecognizedEntityCredential.
> 
> You can view some examples of what a recognized entity credential
> looks like here:
> 
> https://w3c-ccg.github.io/verifiable-issuers-verifiers/#example-a-set-of-known-universities-in-a-particular-nation
> 
> We want to rename the specification as it has outgrown the current
> title. We want the new title to quickly convey that the specification
> provides the capabilities to achieve the three things above. We don't
> want to use words like "trust", "authorized", "list", or anything that
> conveys centralization or an uneven power dynamic of any kind. The
> current proposed titles are:
> 
> Recognized Actions
> Verifiable Recognition
> 
> We're going to collect suggestions through the CCG mailing list, and
> then send a ranked choice poll out to the mailing list so that we can
> get some good data before we pick a new name. We want the name to be
> accurate enough, but also resonate with people that are not familiar
> with all of the minutiae of this community.
> 
> With all that said: What other titles do you think we should consider?
> 
> -- manu
> 
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> https://www.digitalbazaar.com/
>
Received on Wednesday, 25 February 2026 02:40:53 UTC