Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files

Add John Tibbett's comments on Verifiable Claims charter.

  • Loading branch information...
msporny committed Mar 12, 2016
1 parent 8835107 commit 50a53d3f40ee17b69ac2a850dc60ac1c0f938af0
Showing with 20 additions and 13 deletions.
  1. +20 −13 VCTF/charter/vcwg-draft.html
@@ -154,6 +154,13 @@ <h2 id="goals">Goals</h2>
result of a common set of technology for expressing and verifying claims.
</li>
<li>
Ensuring that the machine-readable language that expresses verifiable
claims (aka vocabularies) are 1) reusable, so that a single vocabulary
may suit the needs of a broad set of stakeholders, and 2) extensible, so
that particular industry verticals may build extensions on top of
existing vocabularies to suit their needs.
</li>
<li>
Enhancing some aspects of privacy and unlinkability for the subject of a
verifiable claim.
</li>
@@ -205,25 +212,25 @@ <h3 id="definitions">Definitions</h3>
<dd>A set of verifiable claims that refer to a qualification, achievement, personal quality, aspect of an identity such as a name, government ID, preferred payment processor, home address, or university degree typically used to indicate suitability.</dd>
</dl>

<h3 id="security">Security and Privacy Considerations</h3>
<h3 id="security">Security and Privacy Considerations</h3>

<p>Security is obviously critical for verifiable claims.</p>
<p>Security is critical for verifiable claims.</p>

<p>The Working Group will work with the organizations
listed in the liaisons section of the charter to help ensure data model and
document security.</p>

<p>Protection of the privacy of all participants in a credentials
ecosystem
is essential to maintaining the trust that credential systems are
dependent upon to function. A credential format defined by this group
should not disclose private details of the participants' identity or
other sensitive information unless
required for operational purposes, by legal or jurisdictional rules, or when
deliberately consented to (e.g. as part of a loyalty program) by the
owner of the information. The design of any data model and format should
guard against the unwanted leakage of such data through exploitation
of the API.</p>
<p>
Protection of the privacy of participants in a credentials ecosystem
is important to maintaining the trust that credential systems are
dependent upon to function. A credential format defined by this group
should not disclose private details of the participants' identity or
other sensitive information unless required for operational purposes,
by legal or jurisdictional rules, or when deliberately consented to
(e.g. as part of a request for information) by the owner of the
information. The design of any data model and format should guard against
the unwanted leakage of such data.
</p>

</div>
<div>

0 comments on commit 50a53d3

Please sign in to comment.
You can’t perform that action at this time.