Making explicit the binding of the holder to a VC #794

Closed

@swcurran swcurran commented Aug 17, 2021

This PR is an attempt to address #789, adding, where appropriate (at least in my opinion), explicit references to the binding of the holder (who will often be the subject) of the VC such that in a verifiable presentation the verifier can authenticate that the holder was issued the verifiable credential.

I've tried to follow the use of links to glossary items, but no doubt under- or over-used those links in places. Likewise for where I have tagged JSON properties with the "code" tag. Any guidance on that would be appreciated.

My main concern about this PR comes from the @David-Chadwick comment that credentialSubject.id may have become the de facto way to authenticate the holder, rather than using holder.id. Starting from scratch, I think it makes far more sense to use holder.id, but I wonder if it is too late. IMHO, I would much prefer that the VC Data Model had no opinion on the contents of the credential (it's just data) vs. explicitly saying there must be a subject and forcing all use cases to map (sometimes artificially) to the structure. However, I understand that is not appropriate to change in the V1.x context. IMHO the use of credentialSubject.id vs. holder.id is a by-product of that decision.
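
Added example, not part of the PR or of any participant's comment: a verifier-side check that compares a presentation's `holder` value with each credential's `credentialSubject.id`, showing where that comparison can and cannot establish a holder binding. It assumes all proofs were already verified elsewhere; the function names, DIDs and credential ids are constructed for illustration.

```python
# Added illustration; the DIDs and credential ids below are constructed.
SAMPLE_VP = {
    "type": ["VerifiablePresentation"],
    "holder": "did:example:alice",
    "verifiableCredential": [
        {"id": "urn:example:vc-1", "credentialSubject": {"id": "did:example:alice", "degree": "BSc"}},
        {"id": "urn:example:vc-2", "credentialSubject": {"id": "did:example:child", "vaccinated": True}},
        {"id": "urn:example:vc-3", "credentialSubject": {"ticket": "general admission"}},
    ],
}


def _ids(node):
    """Return the identifiers in a URI string, an object with "id", or a list of those."""
    if isinstance(node, str):
        return {node}
    if isinstance(node, dict):
        return {node["id"]} if isinstance(node.get("id"), str) else set()
    if isinstance(node, list):
        return set().union(*map(_ids, node))
    return set()


def classify_holder_binding(vp):
    """Map each credential id to how its subject relates to the presentation's holder.

    Assumes the presentation and credential proofs were already verified elsewhere.
    """
    holders = _ids(vp.get("holder"))
    if len(holders) != 1:
        raise ValueError("presentation does not name exactly one holder")
    (holder,) = holders
    creds = vp.get("verifiableCredential", [])
    creds = creds if isinstance(creds, list) else [creds]
    result = {}
    for index, vc in enumerate(creds):
        if not isinstance(vc, dict):  # e.g. a compact JWT string; not decoded here
            result[f"#{index}"] = "not-inspected"
            continue
        subjects = _ids(vc.get("credentialSubject"))
        if not subjects:
            verdict = "no-subject-id"          # nothing in credentialSubject to match against
        elif holder in subjects:
            verdict = "holder-is-subject"
        else:
            verdict = "holder-is-not-subject"  # credentialSubject.id cannot bind this holder
        result[vc.get("id", f"#{index}")] = verdict
    return result
```

Only the first constructed credential can be tied to the holder through `credentialSubject.id`; the other two would need some other binding, which is the gap the comment above describes.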



@swcurran
Author

I've linked my W3C and GitHub accounts. Do I need to submit a new PR? @msporny

@swcurran swcurran closed this Aug 17, 2021
@agropper

agropper commented Aug 17, 2021 via email

@swcurran
Author

This is a PR not the issue #789. I closed this and opened #795 to try to address the IPR issue in this PR, but I still have that problem. I'm contacting @msporny (via email) for help.

@w3c w3c deleted a comment from agropper Aug 17, 2021
@David-Chadwick
Contributor

I would like this PR to add a credentialHolder property with identical syntax to the credentialSubject property i.e. the credentialHolder can contain an optional id and optional holder properties. In this way the issuer can identify the holder by either an id (linked to cryptographic material) or via human readable properties (e.g. name, address, passport number) or both.

@msporny
Member

msporny commented Aug 17, 2021

> I would like this PR to add a credentialHolder property with identical syntax to the credentialSubject property i.e. the credentialHolder can contain an optional id and optional holder properties. In this way the issuer can identify the holder by either an id (linked to cryptographic material) or via human readable properties (e.g. name, address, passport number) or both.

Can of worms: Opened. :)

Wouldn't this cause all of the fields in credentialSubject to be duplicated in credentialHolder? How does this interact with the existing holder property? What about the evidence property?

@David-Chadwick, also note that this PR is closed, and you might want to comment here: #795
