Orie Steele

I don't support this proposal, but only because of how its framed. I think people who want to do PE as it exists today, need a name for it, so...

Dropping support for features is a breaking change. If we are going to make breaking changes wrt to PE, we must make it clear which version of PE is supported......

Wallet presents encryption keys along with credentials? Verifier processes presentation, and encrypts confidential response details to the wallet, to protect against platform layer attacker?

It might be wise to disable the "series" feature, until a fix can be deployed.

The strategy link issue is 404. There are solutions for dynamic state, that rely on getting a fresh status from the issuer at some interval, but where the holder requests...

Nick also mentioned threat model here: https://github.com/w3c/strategy/issues/458 I'm generally supportive of revising the threat model, as the API aligns to support protocols and credential formats. Especially because some threats will...

Can you link to the relevant section of the questionnaire? Or an example of similar disconnected document behavior in another API?

Thanks, perhaps we can look at the answers for webauthn, since the API is similar. It seems like disconnecting the document would destroy any unresolved promises, not sure if there...

it would also be nice to have a more precise definition of "credential type" given there are multiple media types, and each media type has a distinct concept of "type"....

Agree that credential type != media type. An issuer creates a "credential type", by picking a media type, and a set of mandatory and optional attributes, and gives the combination...