diff --git a/index.bs b/index.bs index 5388d6a..a3163e1 100644 --- a/index.bs +++ b/index.bs 
@@ -301,15 +301,15 @@ The actors are: Note: In this model, the definition of a **credential** shifts to a set of *claims* (attributes) linked to *identifiers* controlled by the user. While credentials represent identities, not all claims within a credential are used for identification. They can describe various characteristics, extending the application of credentials beyond mere identification. The actors exchange: -* **Verifiable Credential (VC)**: When the Issuer sends them to the Holder, who then stores it in their Wallet. Credential is called *Verifiable* because has *technologies, such as digital signatures, makes verifiable credentials more tamper-evident and more trustworthy than their physical counterparts*. - * **Metadata**: of the Credentials. +* **Verifiable Credential (VC)**: When the Issuer sends them to the Holder, who then stores it in their Wallet. The word *Verifiable* refers to the characteristic of a credential (or presentation) as being able to be verified (though cryptographic mechanisms) by a *Verifier*. The addition of technologies, such as digital signatures, makes verifiable credentials more tamper-evident and more trustworthy than their physical counterparts. + * **Metadata**: of the Credentials, to describe properties such as the *Issuer*, the expiry date and time, a representative image, the *Issuer* public key to use for verification purposes, the revocation mechanism, and so on. * **Claim(s)**: one or more assertions where a characteristic of a subject is described (e.g., the subject is a citizen of a certain state, was born in a certain place on a certain day, month, and year, and can drive cars of this type). - * **Proof(s)**: cryptographic proof of the integrity of the credential, typically via a digital signature. + * **Proof(s)**: cryptographic proof of the integrity and the authenticity of the credential, typically via a digital signature. The proof is generated by the Issuer. 
-* **Verifiable Presentation (VP)**: When the Holder sends a credential to the Verifier, which then verifies it. The basic case is to present the credential as is. However, in many scenarios, the holder may wish to present only a subset of the credential claims to the verifier - called *Selective Disclosure (SD)* - or a combination of information from different credentials. It contains: - * **Metadata**: of the presentation. - * **Credential(s)**: information derived or combined from one or more credentials. - * **Proof(s)**: cryptographic proof of the integrity of the credential(s) and the presentation. +* **Verifiable Presentation (VP)**: When the Holder sends a credential to the Verifier, which then verifies it. VC are used to present claims to a Verifier by proving control over credentials that certify them. The basic case is to present the credential as is. However, in many scenarios, the holder may wish to present only a subset of the credential claims to the verifier - this mechanism is called *Selective Disclosure (SD)* - or a combination of information from different credentials. It may contain: + * **Metadata**: of the Presentation, including the *Issuer* public key to use for verification purposes. + * **Credential(s)**: information derived or combined from one or more credentials. If *Selective Disclosure* is adopted, no credentials are shown, but only a subset of the credential claims. + * **Proof(s)**: cryptographic proof of the integrity and authenticity of the presentation. The proof is generated by the Holder. It consists in a proof of knowledge of a credential certifying the (dislosed) credential claims. If *Selective Disclosure* is adopted, the proof is obtained through the use of a cryptographic zero-knowledge proof. Note: Refer to Ivan Herman’s [W3C Verifiable Credentials Overview](https://www.w3.org/TR/vc-overview/) for a comprehensive overview of Verifiable Credentials.
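Review bot: In the added VP **Proof(s)** bullet, "If *Selective Disclosure* is adopted, the proof is obtained through the use of a cryptographic zero-knowledge proof" is too strong. Selective disclosure can also be done with salted-hash schemes such as SD-JWT, which use no zero-knowledge proof. Suggest "the proof may be obtained through ..." or naming ZKP as one option. In the VP **Metadata** bullet, the only key listed is the *Issuer* public key, while the Proof bullet says the presentation proof "is generated by the Holder". The text should say which key material verifies the Holder's proof. It should also state that the Verifier must resolve the Issuer key from a source it trusts and not accept it only because it appears in Holder-supplied metadata. The new sentence "VC are used to present claims to a Verifier" sits under the VP bullet and presumably should read "VPs are used". In the Credential(s) bullet, "no credentials are shown, but only a subset of the credential claims" would read better as "only a subset of the credential claims is disclosed". Typos in added lines: "though cryptographic mechanisms" should be "through", "(dislosed)" should be "(disclosed)", and "It consists in" should be "It consists of".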