[Terminology] claim

[RieksJ]

The current definition of claim reads:

An assertion made about a subject.

I have the following concerns regarding this definition:

1. It is (indirectly) defined in terms of itself (because the term subject is defined as A thing about which claims are made. That is generally considered a bad practice for definitions.
2. There are lots of examples where the subject of a claim is not a thing, but a person, or organization. It would be better to replace subject with entity, which is defined as A thing with distinct and independent existence, such as a person, organization, or device that performs one or more roles in the ecosystem..
3. It is relevant that every claim can be attributed to the party that has uttered (authored) it. After all, it is this party that is, in the end, the authority of what the claim actually means.
4. The current definition can be interpreted in different ways. One is that it refers to the meaning of what is asserted. Another that it refers to the data (as it appears in VCs and VPs) that represents it. Leaving the ambiguity intact obfuscates discussions as to the semantics of (parts of) the claim.

Based on the above, I propose to change the definition into:

A digital representation of an assertion made about an entity by a specific party.

Clarifying texts may be added, e.g.:

The entity is called the subject of the claim. The party is referred to as the author of the claim. What the claim actually means (its semantics) is decided on by its author.

[mwherman2000]

A digital representation of an assertion made about an entity by a specific party.

This is a "loaded" definition. We need to keep our terminology - our definitions - simple.

"Assertion" is the loaded word. "Representation" is completely vague. A claim doesn't have to be "by a specific party". The latter is only true if the claim is embedded or contexted inside something like a VC.

Let's start here:

A claim is a name-value property (associated with an entity)

The parenthetical remark isn't technically necessary.

Here's an example of a list or collection of 3 claims (plain and simple):

{
    "red": "255",
    "green": "0",
    "blue": "0"
}

[chaals]

I'm not so sure "assertion" is loaded, but you could use "statement" instead. I think "name-value property" is too much jargon by itself.

Given that the claim, subject, property, etc are all actually connected, it's hard to avoid definitions that don't rely on each other. More to the point, I am not sure it is helpful. Understanding the relationship between a claim and its subject seems like something the definition should help with.

Maybe this is a helpful suggestion:

A claim is a statement made about something (called a "subject"). It is in the form of a named "property" that is asserted apply to the subject. For example, a statement such as "the earth is big" makes the claim the the property "big" applies to a subject that is called "the earth".

as a starting point.

[mwherman2000]

Maybe this is a helpful suggestion:

A claim is a statement made about something (called a "subject"). It is in the form of a named "property" that is asserted apply to the subject. For example, a statement such as "the earth is big" makes the claim the the property "big" applies to a subject that is called "the earth".

as a starting point.

Now you're no longer talking about a claim. Once you associate a claim or collection of claims with a specific entity (e.g. via an association with the entity's identifier), it's now a credential ...it's no longer a claim nor a collection of claims. The following is now a credential:

{
    "id": "did:color:red",
    "claims": {
        "red": "255",
        "green": "0",
        "blue": "0"
    }
}

[Sakurann]

Suggest to

1. clarify that claim is a characteristic or property of an entity
2. potentially rename to attribute

[jandrieu]

I would say a claim is an attestation about a subject. An attribute would presume that some truth is objectively determinable, which goes against the grain of what VCs actually do: enable anyone to say anything about anything.

When someone asserts a characteristic or property, it does not make that characteristic or property a fact.

@mwherman2000's statement that

Now you're no longer talking about a claim. Once you associate a claim or collection of claims with a specific entity (e.g. via an association with the entity's identifier), it's now a credential ...it's no longer a claim nor a collection of claims.

Is incorrect. A claim has always been about a subject. A collection of claims is a credential, just as a paragraph is a collection of sentences. It is not the association of a subject that makes it a credential. The subject is what makes the claim as assertion about something: a sentence made by an issuer, instead of a noun asserted as independent fact.

[Sakurann]

characteristic or property of an entity is from ISO/IEC 24760-1 IT Security and Privacy — A framework for identity management — Part 1: Terminology and concepts

[David-Chadwick]

I would say that if the issuer is trusted, then the claim they make should be taken to be a statement of fact from the issuer's perspective, otherwise the issuer is a liar and why would anyone trust a liar? Some facts are later proven to be false e.g. the earth was believed to be flat thousands of years ago. But at that time it was regarded to be a fact. So objectivity is not a mandatory feature of facts is it? Rather a fact is what the common belief or predominant belief is. (Also consider a judge and jury having to determine the facts in a trial).

[RieksJ]

I would like to go back to the original post in this issue, which is not about what a claim is, or should be. It is about making sure that the concept that the term stands for is something we all have the same idea about, and doesn't have concerns as stated in that post.

So let's get some proposals for criteria that are inspired by what you understand a 'claim' to be, and such that we can all evaluate that criteria in the same way (I proposed one myself in the first post). The discussion should not be whether or not the criteria are 'right' or 'true', but whether or not we have the same understanding of it, i.e. whether or not, in a particular situation, we have the same judgement about what does, and what does not fulfill the criteria. If that turns out to be the case (and we think the distinction made by the criteria is relevant for VCDM purposes), we can talk about what the correct name for that distinction is.

So if we were to start with the suggestion I gave, i.e. "A digital representation of an assertion made about an entity by a specific party", then we would need to establish whether or not each of the following satisfy this criterion:

1. a JSON-element in the credentialSubject section of a VC,
2. the name, date of birth, place of birth and similar stuff in a passport,
3. a passport
4. a coffeecup
5. ... (please come up with suggestions of your own - perhaps something with JWTs or so, but remember we are just trying to figure out whether or not we evaluate the given criterion in the same way, and we're not making any other judgements if I can help it)

The idea of this exercise is to demonstrate that we all have (or: can get) the same understanding of the concept (by showing that we all make the same judgements based on the criteria), which to me is key if we want to collaborate effectively.

Note that the criteria I suggested is only one; I expect others to have different ones. Let's see them, and before doing anything else see if we make the same judgements, e.g. by throwing the same use-cases 1-5 at them.

[selfissued]

As discussed on the 11-Apr-23 special topic call, if we touch this definition, we should align with industry usage of the term, such as the definition in https://www.rfc-editor.org/rfc/rfc7519#section-2 and/or ISO specifications.

[iherman]

The issue was discussed in a meeting on 2023-04-11

• no resolutions were taken

View the transcript

1.4. [Terminology] claim (issue vc-data-model#995)

See github issue vc-data-model#995.

Kristina Yasuda: "[Terminology] claim" - this is about what does a "claim" mean, is the definition clear and precise to what the WG means.

Orie Steele: is "claim" what we used to call "credential"?.

Kristina Yasuda: Orie, I think so - "An assertion made about a subject.".

Orie Steele: See https://www.rfc-editor.org/rfc/rfc4949 for "claim" and "credential"..

Michael Jones: the term claim has industry definitions in RFC4949 and OIDC (possibly borrowed from ISO) - if we are going to tweak, we should align with industry usage.

Michael Prorock: +1.

Michael Prorock: I cannot echo a strong enough plus-whatever to whatever Mike said - there are industry meanings for "claims" and "credentials", we should align our stuff with that, because it causes severe confusion when we're looking at discussions w/ NIST and put profiles/guidance around this..
… Anyone providing guidance around use cases, the word used in VC WG doesn't match definitions in other places... let's try to align with IETF, then ISO, then others..

Ted Thibodeau Jr.: to answer orie's question in the chat - claims are not what we used to call credentials.
… claims are sometimes called assertions and vice versa.
… and a credential is one or more claims grouped together.

Kristina Yasuda: clarification needed potentially since it is such an important topic.

Michael Jones: reluctantly volunteers.

[iherman]

The issue was discussed in a meeting on 2023-04-11

• no resolutions were taken

View the transcript

1.4. [Terminology] claim (issue vc-data-model#995)

See github issue vc-data-model#995.

Kristina Yasuda: "[Terminology] claim" - this is about what does a "claim" mean, is the definition clear and precise to what the WG means.

Orie Steele: is "claim" what we used to call "credential"?.

Kristina Yasuda: Orie, I think so - "An assertion made about a subject.".

Orie Steele: See https://www.rfc-editor.org/rfc/rfc4949 for "claim" and "credential"..

Michael Jones: the term claim has industry definitions in RFC4949 and OIDC (possibly borrowed from ISO) - if we are going to tweak, we should align with industry usage.

Michael Prorock: +1.

Michael Prorock: I cannot echo a strong enough plus-whatever to whatever Mike said - there are industry meanings for "claims" and "credentials", we should align our stuff with that, because it causes severe confusion when we're looking at discussions w/ NIST and put profiles/guidance around this..
… Anyone providing guidance around use cases, the word used in VC WG doesn't match definitions in other places... let's try to align with IETF, then ISO, then others..

Ted Thibodeau Jr.: to answer orie's question in the chat - claims are not what we used to call credentials.
… claims are sometimes called assertions and vice versa.
… and a credential is one or more claims grouped together.

Kristina Yasuda: clarification needed potentially since it is such an important topic.

Michael Jones: reluctantly volunteers.

[RieksJ]

As discussed on the 11-Apr-23 special topic call, if we touch this definition, we should align with industry usage of the term, such as the definition in https://www.rfc-editor.org/rfc/rfc7519#section-2 and/or ISO specifications.

While I think this is worthwhile to strive for, it may not be appropriate and it certainly is not the most important aspect (see also this comment on issue 1047). Let's see what it would mean if we were to consider the suggestions of rfc7519 or that of ISO 24760.

RFC7519 defines 'claim' as "A piece of information asserted about a subject. A claim is represented as a name/value pair consisting of a Claim Name and a Claim Value.". Remember that every element in the credentialSubject field of a VC (which are currently called 'claims') consists of a list of name/value pairs, and hence satisfy the definition of rfc7519. Is that what we want and/or need?

ISO 24760 defines 'claim' as "A statement made by a party about an entity or resource." Typically, statements are texts that may or may not be machine interpretable. Is that what we want and/or need?

The most important aspect of any term in any standard is that it enables its users to (a) determine whether or not something is an instance/example of the concept to which the term refers, and (b) enable authors to write texts that refer to such concepts in an unambiguous fashion. So, the question is more about the concepts we want to use within the context of VCDM (and how we can make sure everyone has the same understanding of that concept) than about which term we should be using for that.

Currently, discussions focus about the term, not the concept that the term refers to. It's like people not properly distinguishing between a pointer and the object a pointer points to. Any (C-)programmer would know what mess this can cause.

[Sakurann]

pending close - good point, but no consensus nor time

[RieksJ]

I object to closing this issue. As becomes clear from reading the transcripts, it is (a) considered an important topic and (b) there are strong opinions to align the term with industry standards. We should sort this out rather than sticking our head in the sand.

I can see why there is no consensus: there are simply too many definitions (which include those of industry standards) to choose from. However, consensus should NOT be about what is the 'right' definition of 'claim'. It should be about the (possibly different) definitions that we need to have such that readers of the VCDM can understand the texts in there, and relate them to their practice. That is a different matter, and it is a criterion that VCDM editors can use to distinguish between comments that are acceptable to take into account. This would mean that the suggestion to align the definition with existing standards is acceptable, and comments like this one might be disregarded in this discussion (it may be appropriate elsewhere). So please discuss this with a focus on the purpose that you want definitions to have.

I do not see at all why there would not be time. Lots of time already went into (fruitless) discussions, and for consensus, that's what it takes. Saying there is no time (which is distinct from deferring it because of some odd deadline or so) thus seems to mean that (the leadership of) the group is incapable of getting issues addressed that are considered 'good points'. That's not very satisfactory for a group that aims to produce a standard.

[iherman]

The issue was discussed in a meeting on 2023-06-21

• no resolutions were taken

View the transcript

2.1. [Terminology] claim (issue vc-data-model#995)

See github issue vc-data-model#995.

Kristina Yasuda: 995 questions the definition of "claim".
… Do we want to redefine it?
… If no, I'm ok marking pending close and keeping as is.

Manu Sporny: Ok to mark is as pending close.
… Unfortunately, we don't have the time to take this right now.
… That said, the author is making a really good point.

pl asu: +1 pending close.

Manu Sporny: Some would say the current definitions aren't harming us that much.

Shigeya Suzuki: https://csrc.nist.gov/glossary/term/credential.

Kristina Yasuda: Any objections?
… Marking.

[TallTed]

I do not see at all why there would not be time

The Working Group has a chartered end date, from which various required time boxes must be subtracted to find where we must finish our work on a Candidate Recommendation (CR) and put a final snapshot out for wide review with a call for implementations.

Whether this is what you call "some odd deadline" is left for you to decide.

I am unable to tell whether you are a participant in the VC WG, though I can see there is no-one listed as @RieksJ nor Rieks. I would suggest that given your apparent strong feelings, you should endeavor to be enrolled as participant, and then move forward as such.

[brentzundel]

@RieksJ
The WG has determined that, although you make some good points, the current definition of claim is not sufficiently bad that we can prioritize fixing it over other things.

Personally, I do not have a problem with the definition of claim, and have no time to draft a PR to change it.

In the 6 months since this issue was raised, no one has taken the time to suggest a change via PR. We are striving as a working group to respond to every open issue by the end of September 2023, with the goal of entering Candidate Recommendation by then.

It is regretful that the working group does not have more time. Perhaps what you say is true, that the leadership of the group are incapable of getting issues addressed that are considered good points. The trouble is, being a good point alone is not sufficient. Someone needs to agree with the good point strongly enough to act. That no one has done so indicates that though this issue may be a priority for you, and though some members of the group may agree with you, changing this non-normative definition into one that may be somewhat more precise is not our top priority.

In deference to your desire that this issue remain open, I will mark it as post-CR, which will leave open the opportunity for anyone to act on it. If no action is taking by the time the VC Data Model v2.0 approaches Proposed Recommendation, this issue will be closed.

[RieksJ]

Being a non-programmer I had to spend real time trying to get a PR in: it was not self-evident to me (actually quite difficult) to find out where everything is. Installing some editing/runtime rendering tools turned out helpful so in the end I found that the terminology section has a file of its own.

So I did the pull request #1172. As you can see there is a problem, that seems related to the fact that I'm not allowed to do that, apparently because I'm not on the W3C members list. That's a pity - as members of TNO's SSI-Lab (which are only a handful people) we have learned some time ago that we would be charged fees as if we are an organization of some 4000 people. I have no trouble with signing some IPR waiver thing, but the membership fees make no sense for TNO and are prohibitive for our small lab budget.

I have an idea now why relatively few people do actual pull requests. I'm curious to find out what will happen with the one I raised, which is likely to influence my future activities/contributions.

[brentzundel]

reopening until disposition of PR #1172 is clear

[iherman]

The issue was discussed in a meeting on 2023-08-15

• no resolutions were taken

View the transcript

1.1. Add "author" and "party" to terminology, rewrite "claim" terminology (pr vc-data-model#1172)

See github pull request vc-data-model#1172.

Brent Zundel: beginning with PR 1172.
… many comments; not closer to consensus...chairs have had a conversation and the recommendation is to give it a week and if no consensus then we close it and continue the conversation in an issue.

Manu Sporny: not objecting to that approach. one of the challenges with changing the terminology--the original terminology was intended to be a couple sentences. this PR makes each def into a paragraph. hard to keep in one's head. suggested that Rieks link out to other sections in the spec for more detail.
… a viable way to add the terminology detail without paragraphs. fine to close PR and move to an issue.

Phillip Long: +1 to using linked data to add more verbose descriptions but otherwise no objection to closing in a week.

See github issue vc-data-model#995.

Michael Jones: fine to just close it, but waiting a week is probably polite.

Brent Zundel: we will wait a week, issue linked will continue the conversation. marking the PR as pending close and adding a note.

[iherman]

The issue was discussed in a meeting on 2024-01-24

• no resolutions were taken

View the transcript

2.6. [Terminology] claim (issue vc-data-model#995)

See github issue vc-data-model#995.

Brent Zundel: Current definition of claim.
… There was a decently long conversation last year. It was ultimately assigned to Mike Jones.
… I don't believe ... I'm not sure what to do here. I'm not sure if there is appetite with mucking about with our current definition of claim.
… This was on our list of "if we have time and still care then then we can think about doing something".

Manu Sporny: I don't know if we care at this point. We had a very long discussion and debate in the PR.

Ted Thibodeau Jr.: JoeAndrieu -- as I recall, the key bit relevant to 1176 is that Verification is crypto/technological which we can specify, while Validation is business logic which we cannot specify.

Manu Sporny: I believe Joe raised another PR that modified other things that did get in. This also had to do with adding more roles to the ecosystem like author and party -- and the PR just kept growing and changing core roles we didn't feel comfortable with. Personally, I think the spec is fine as-is.
… I don't think we need to modify it at this point.

Brent Zundel: Currently our terminology says: "claim: an assertion made about a subject".

Michael Jones: It being assigned to me and having written the definition of in the JWT spec -- I will look into a change to match the understanding in the community or I will close it.

Ivan Herman: More formally, the issue was closed on June 27 -- and then it was reopened by you referring to a PR ... and then there was a discussion on the 15th of August which says "Fine to just to close it, waiting a week is probably polite.".
… That was Mike's last comment, I have the impression that this has already been discussed and decided to be closed and fell between the cracks.

Brent Zundel: We were waiting on closing PR 1172 so the conversation could continue in this issue.
… If folks just want to close this ... I think right now Mike is going to look at this now vs. JOSE's and maybe recommend closing the issue.

Dave Longley: A claim is importantly a triple in the VCDM, not just a property+value -- which might not be exactly like other specs.

Ted Thibodeau Jr.: We resolved to close 1172 because we didn't find consensus there.
… Which also says to just close the issue because we didn't find consensus.

Michael Jones: I should look at it because the claim definition is different than JWT. If I don't get to it, if I don't get to it in a couple of weeks I won't stand in the way.

Brent Zundel: If this one rolls around in the queue again we will close it.

[selfissued]

The current definition is close enough to the one from https://www.rfc-editor.org/rfc/rfc7519.html#section-2 as to not cause a conflict:

Claim
A piece of information asserted about a subject. A claim is represented as a name/value pair consisting of a Claim Name and a Claim Value.

I agree that we should close this issue with no action.

[iherman]

The issue was discussed in a meeting on 2024-02-21

• no resolutions were taken

View the transcript

4.4. [Terminology] claim (issue vc-data-model#995)

See github issue vc-data-model#995.

Manu Sporny: I am against continuing this discussion.

Brent Zundel: Marking "pending close", per the previous minutes.
… If we are pretty sure we're not going to get to something, we should close it.
… I don't have confidence that a future group will pick up on leftovers we leave them.

---

[brentzundel]

No objections raised since being marked pending close closing.