Is there a mechanism to ensure that an issuer is only collecting the information defined in the schema? #11
Comments
|
Why is Faber collecting more data than the transcript? Alice wants to convince Faber of only those attributes that Faber can provide a credential for.
its hard to do in practice unless Alice is sure that Faber is the only one who knows about it.
Alice and Faber can engage in a negotiation protocol where Faber can provide the reference (on the ledger) of the schema and Alice can provide only those attributes to Faber. We do not have such a negotiation documented as of now |
|
Alright - that answers my questions. Thank you. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Using the data from the getting started Alice examples:
Let's say that Faber collects the following data regarding a transcript:
Now the schema definition of transcript is a subset of the fields collected. Furthermore, Faber decides to sell the information to anyone who wants to buy it. Can Alice know that the data Faber collected about her is out on the open market (within the Sovrin ecosystem)? Is there anything in the sovrin foundation protocol regarding being able to trust that the date the issuer collected matches the schema definitions of the credentials they are offering?
The text was updated successfully, but these errors were encountered: