New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
termsOfUse
is insufficiently specified
#1010
Comments
We had meant |
ODRL is not the only technology that uses this type of processing. Access control systems such as XACML also have similar concepts and machinery that automatically process obligations and prohibitions. But in the VCDM we should not be expected to define any machine processable language. This will be done by applications that use the VCDM. Rather the VCDM should document the generic intention of this property. I think the current text expresses this generic intention rather well, but we can wordsmith it if the general intention is not articulated well enough for some of us. |
The issue was discussed in a meeting on 2023-04-04
View the transcript1.10.
|
Hello everyone, Was there any decision taken based on the usage of termsOfUse. Because in the v1 VC Data model it is stated that this attribute is at risk. Because in Gaia-X Trust Concept for Federations, it has been proposed to verify the trust of federations. And TRAIN Infrastructure has also demonstrated how this can be used to verify the institutional trust of the Issuer. So it would be good to keep this attribute both for VC and VP. |
Its marked at risk...
Its also in the extensions list... It should be removed from the spec, if there is no provable interop on it. |
The issue was discussed in a meeting on 2023-06-28
View the transcript2.3.
|
The issue was discussed in a meeting on 2023-07-26
View the transcript3.1.
|
In gaia-x it has been used to establish trust across cross-domains and also in ebsi it has also been used to reference the trust of the issuer. So we have two potential implementations on it. |
Direct link to @hendersonweb — It would be great if you could help with a pointer to the gaia-x implementation! |
@hendersonweb -- That page is troubling.
The Terms of Use property was never required by the VCDM1.0, nor did it specify "DNS names of trust frameworks" as values. Do you have contacts in that group? It would likely benefit all of them and us if someone from that group could join in our work, here. |
@TallTed ya your right exactly. VCDM1.0 doesn't specify that termsofUse have to be used to specify dns names. But TRAIN based on this paper provides details how trust can be established using termsofUse object. Since gaia-x federation services is planning to use TRAIN as trust implementation model it is required to include DNS names on termsOfUse. Does this help? I'm also a contributor in gaia-x icam working group but i can also inform some other colleagues so they could also plan to join the discussion. |
Lets be careful claiming "termsOfUse" aka "https://www.w3.org/2018/credentials#termsOfUse" is being used in an interoperable manner ... What kinds of tests will we need to add to ensure that "VerifiableAccreditation" is interpreted consistently? Is "VerifiableAccreditation" a type like "JsonSchema" or "StatusList2021Entry" which is understood in an interoperable way today? Should we bundle it in the v2 context? like we are doing for |
Regrettably, "that paper", "A novel approach to establish trust in verifiable credential issuers in Self-sovereign identity ecosystems using TRAIN", was written to use a property which was defined and designed differently in the VCDM than the definition and use set out in that paper. The VCDM was built with extensibility in mind, but this extensibility is designed to use both WG predefined extension points (typically, reserved property names) in specific ways and implementer-defined properties in less-specific ways. It is not meant to repurpose defined properties to hold values that are entirely distinct from the values we have defined those properties to hold. Certainly, Unexpected things will happen if that paper's designs are put into broad use, and its users run into users of the VCDM as designed and specified. I can make no predictions of those things, aside from hoping there will be a lot of processes flagging errors and aborting their activities when unexpected values are found in |
@TallTed Perhaps you should re-read the definition of ToU from the v1 DM. I have copied it here for you "Terms of use can be utilized by an issuer or a holder to communicate the terms under which a verifiable credential or verifiable presentation was issued." In the TRAIN case, the issuer is stating the trust framework terms and conditions under which the VC was issued, by referring to the trusted authority by its DNS name. And again from the v1 DM: "The value of the termsOfUse property MUST specify one or more terms of use policies under which the creator issued the credential or presentation. If the recipient (a holder or verifier) is not willing to adhere to the specified terms of use, then they do so on their own responsibility and might incur legal liability if they violate the stated terms of use. Each termsOfUse value MUST specify its type, for example, IssuerPolicy, and MAY specify its instance id. The precise contents of each term of use is determined by the specific termsOfUse type definition. " In the TRAIN case, the issuer issued the VC under the policy specified by the trust scheme operator according to the type "https://train.trust-scheme.de/info". You need to consult the TRAIN documentation to understand the precise semantics of this URL. No unexpected things will happen, because a verifier will either understand the type "https://train.trust-scheme.de/info" and know how to proceed, or will not understand the type and therefore will not know the semantics of this particular terms of use. This is the case for all ToUs (and indeed for all extension points - the verifier must understand the type of the extension point or it cannot process the extension). |
@David-Chadwick -- Please explain how a recipient of a VC with a Remember -- The |
The information about the trust scheme, its policies and procedures, are pointed to from the ETSI standard trust list created by the trusted authority of the particular domain name. And the URL of this trust list can be automatically obtained from the DNS. (And there are possibly open source libraries that know how to process ETSI standard trust lists since they are well used in Europe, being part of the EIDAS standards). Of course there is a certain amount of background knowledge that is needed in order to understand what is an ETSI standard trust list, and how TRAIN uses this. (In the same way that anyone receiving a VC needs to have a certain amount of background knowledge about JSON-LD, the VC-DM, cryptographic proofs etc.). But once an implementation has this knowledge built into it, then it can look at the ToU type, see that it understands it, then obtain the DNS name of the trust scheme operator, and see if it trusts this particular operator. If it does it can then automatically determine if the VC issuer is trusted or not. We have successfully implemented the entire scheme, so that a verifier that has TRAIN built into it, can determine globally which issuers are trusted. |
"Anyone receiving a (JSON-LD) VC" should be able to "follow their nose" through standard exploration of self-documenting RDF. I do not see this being possible for the ETSI, EIDAS, TRAIN setup discussed here.
Your suggestion is actually that I start by researching what those papers are, and then seek out where I may be able to freely read and/or download them, and then read them. I submit that requiring me (or any recipient of a TRAIN-based VC) to do all that is in itself an argument in support of my prior points. |
Getting back to the nub of this issue, it is about having a ToU that is machine processable. The current TRAIN ToU is precisely that. The verifier code for a verifier that supports TRAIN simply needs to do the following:
|
The issue was discussed in a meeting on 2023-08-30
View the transcript4.7.
|
Sorry for interrupting to discussion. I am the maintainer of "Precondition Policy" and added spec to the Specification of TermOfUse. As my understanding, currently we are debating whether the ToU should be removed. In addition, if ToU is deleted, how should a requirement like the Precondition Policy (a requirement to Verifiy VCs with unclear precondition and stipulate liability for problems caused by them) be realized? |
The first paragraph of terms of use is OK as is, namely Terms of use can be utilized by an issuer or a holder to communicate the terms under which a verifiable credential or verifiable presentation was issued. The issuer places their terms of use inside the verifiable credential . The holder places their terms of use inside a verifiable presentation . This specification defines a termsOfUse property for expressing terms of use information. It is suggested that following paragraph is modified along the following lines to better agree with the initial paragraph. Examples for the value of the termsOfUse property may be to tell the verifier: |
The issue was discussed in a meeting on 2023-09-14
View the transcript5.3.
|
I agree
As a suggestion i) what actions it is required to perform (an obligation ) |
@MizukiSonoko I don't think that disclaimers can be automatically processed by verifiers, although they could be displayed to a human user as information. Given that my proposed revised text is only giving examples of terms of use, we do not need to elaborate it any further (unless you have a different class of example that could be added to the list) |
Sorry, the name (disclaimer) was not good word. |
The issue was discussed in a meeting on 2023-09-26
View the transcript2.2.
|
@msporny I would like to have clarification on two independent implementations. Does it mean TRAIN with termsofUse being used in different use cases and projects? or termsofUse being used in TRAIN and another implmentation like EBSI? |
The latter. |
This has been addressed in PR #1295 |
p.s. there are 3 independent implementations of the EBSI TOU, by walt.id, igrant.io, bc gov. |
Note that there are more usecases than ESSPASS and diploma (Labour cards) that uses it today. Also all EBSI wallets, i believe support it. Full list is here: https://ec.europa.eu/digital-building-blocks/wikis/display/EBSI/Conformant+wallets |
it was pointed out in #1285.
|
I would not be comfortable closing this issue without addressing this question. |
Suggestion to edit the AT RISK notice: https://w3c.github.io/vc-data-model/#terms-of-use Existing text:
Suggested edit: |
Concerning the term 'delegating', it occurred twice in the VCDMv2, once in the ToU text and once in the trust model section. I have now removed it from the ToU section so that it only occurs in the trust model section. |
Hi. With two other projects, we're discussing demonstrating the use of termsOfUse. Is there a deadline? |
@alenhorvat wrote:
The "deadline" is "by the end of the Candidate Recommendation period", which we haven't even entered yet... but plan to enter before the end of the year. We expect the Candidate Recommendation period to last until March/April 2024. |
I think at some point(s) processing should abort if the type of termsOfUse is not recognized; since no one can agree to terms of use without understanding them. I am not sure if such processing (understanding/agreement/use – "consent") is part of algorithms/processes in this specification (I guess not comparison/validation/verification of credentials, or determination of holder/subject relationship/identity) but it is implied in this section that use limits are expected to apply to verifiers and holders.
(my comment/opinion as implementer and former invited expert)
|
I think this falls into business logic, and is thus out of scope for these documents. That said, we could probably include such an advisory to verifiers. I would ask for draft text to help speed that along, but I guess you're no longer appropriately affiliated as "implementer and former invited expert". |
The issue was discussed in a meeting on 2023-11-01
View the transcript2.6.
|
PR #1295 has been merged, which addresses the original issue, and which removed the "delegation" language concern raised in #1010 (comment). Closing. |
@TallTed wrote:
Originally posted by @TallTed in #1004 (comment)
The text was updated successfully, but these errors were encountered: