Closed
Description
VCs are a special case of generalized processors. Because the processor has data about an RO in the clear, they could use it in unauthorized ways. When a processor creates and issues a VC, it might or might not be as a result of a controller's direction or request. An audit mechanism is needed to mitigate the risk of rogue issuers.
For example, a client, probably the RO or data subject, could request that a log entry be made in a public ledger upon issuance and also included in the VC. The subject and verifier would then be able to audit the issue. This is similar to voting schemes that give the voter a coded receipt that they can look up on a registry to ensure their vote was correctly processed.
Metadata
Metadata
Assignees
Labels
No labels