| Table of Contents | ||
|---|---|---|
|
...
- Is this Issuer Authoritative to issue a particular credential type under a governance framework.
- Is a Verifier Authorized to request a presentation under a governance framework.
- Does the answering Trust Registry acknowledge another Trust Registry under a governance framework.
The v2 efforts are exploring:
- Requirements Capture - a loose capture: Trust Registry Protocol v2 - Loose Capture
- Early input deck: https://docs.google.com/presentation/d/1qQiYTzFrLE4xMFQmgTMM_K6Op-cD6TsjDvUtiDqVmr8/edit?usp=sharing
...
In the same W3C CCG thread, Daniel Hardman made this point:
I feel like decentralization is running into a difficult tension here: we want to democratize issuance (anyone can do it), but we want to trust a limited set of issuers (or at least, a limited set on any given topic). Anybody can create a COVID test result credential, but we only want to accept them if they were issued by a lab that we have reason to trust. Etc...
One solution to this problem is registries: list trusted sources and have your software check whether the issuer is on approved/accredited list by querying. Of course this re-centralizes around the oracle.
...