Making explicit the binding of the holder to a VC #794
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is an attempt to address #789 , adding, where appropriate (at least in my opinion), explicit references to the binding of a the holder (who will often be the subject) of the VC such that in a verifiable presentation the verifier can authenticate that the holder was issued the verifiable credential.
I've tried to follow the use of links to glossary items, but no doubt under- or over-used those links in places. Likewise for where I have tagged JSON properties with the "code" tag. Any guidance on that would be appreciated.
My main concern about this PR comes from the @David-Chadwick comment that
credentialSubject.id
may have become the de facto way to authenticate the holder, rather than usingholder.id
. Starting from scratch, I think it makes far more sense to useholder.id
, but I wonder if it is too late. IMHO, I would much prefer that the VC Data Model had no opinion on the contents of the credential (it's just data) vs. explicitly saying there must be a subject and forcing all use cases to map (sometimes artificially) to the structure. However, I understand that is not appropriate to change in the V1.x context. IMHO the use ofcredentialSubject.id
vs.holder.id
is a by-product of that decision.Preview | Diff