clarify relationship to the proof property and the specifications defining how to secure VCs

[Sakurann]

from the issue #1285

4.9 Securing Verifiable Credentials

I don't see anywhere that tells a verifier to check the securing mechanism before trusting the content.

Could this section say to look up the proof's type in a registry, and use the specification found there to determine whether the credential was provably provided by a trusted issuer?

This section should mention that the "proof" property is a graph container … except in https://www.w3.org/TR/vc-data-integrity/#verify-proof, I don't see any expectation that there's a graph on either side of the "proof" property, so I'm not sure it actually should be.

Clarifying the relationship to the proof property and the specifications defining how to secure VCs should address these questions.

[Sakurann]

this section should be renamed from 4.9 Securing VCs to 4.9 Proof.

[iherman]

This issue should be covered by #1326: it does give a precise set of statements, in terms of graphs, of what proof covers for VCs and VPs.

[msporny]

PRs #1326, #1338, #1389, #1394, #1403 have been merged. Each PR partially address this issue, but together they fully address the issue. Closing.