Specify roles that apply to each usage pattern mitigations.

msporny · msporny · commit 4dc6700220b5 · 2024-04-20T17:28:27.000-04:00
diff --git a/index.html b/index.html
@@ -5837,20 +5837,22 @@ <h3>Usage Patterns</h3>
 
         <ul>
           <li>
-Using a globally-unique identifier as the [=subject=] for any given
-[=credential=] and never re-use that [=credential=].
+The [=holder=] software providing a globally-unique identifier as the
+[=subject=] for any given [=verifiable credential=] and never reusing that
+[=verifiable credential=].
           </li>
           <li>
-If the [=credential=] supports revocation, using a globally-distributed
-service for revocation.
+The [=issuer=] using a globally-distributed service for revocation such that
+it is not contacted when revocation checks are performed.
           </li>
           <li>
-Designing revocation APIs that do not depend on submitting the ID of the
-[=credential=]. For example, use a revocation list instead of a query.
+Specification authors designing revocation mechanisms that do not depend on
+submitting a unique identifier for a [=verifiable credential=]. For example, by
+using a privacy-preserving revocation list instead of a query API.
           </li>
           <li>
-Avoiding the association of personally identifiable information with any
-specific long-lived [=subject=] identifier.
+[=Issuers=] avoiding the association of personally identifiable information with
+any specific long-lived [=subject=] identifier.
           </li>
         </ul>
 
@@ -5876,8 +5878,9 @@ <h3>Usage Patterns</h3>
         </p>
 
         <p>
-Privacy risks of [=credential=] usage occur when unintended or unexpected
-correlation arises from the presentation of [=credentials=].
+Privacy violations of [=verifiable credential=] usage occur when unintended or
+unexpected correlation arises from the presentation of those
+[=verifiable credentials=].
         </p>
       </section>
 
