vc-data-model
vc-data-model copied to clipboard
w3c
Improve tests for Evidence
See https://www.w3.org/TR/vc-data-model/#evidence
DocumentVerification2018...
this tremendously poorly defined and should be defined for all serializations or removed.
Ideally we would have a test suite that shows how this property supports interoperability, and that suite would cover popular feature such as identity assurance in sufficient detail.
Please do not remove this.
There are some use cases where providing evidence of the pre-issuance DID auth is exceptionally valuable.
This property is meant to be an extension point and we should keep it as such.
@jandrieu can you point to examples of this extension that are being used in the wild today?
I know folks have been considering it, we should gather evidence that it's being used or being considered, and if we can't we should try and remove it to simplify the spec.
I can't, today, speak publicly about either of the two initiatives I know of who are expecting this capability.
What I will say is that without evidence of having performed did-auth embedded in the VC itself, we have no mechanism to verify whether or not the issuer, in fact, proofed control of the DID before issuance. For those subject=holder use cases that rely on the verifier to compare the VP signer to the Subject ID to perform a second step in identity assurance, the evidence property is the only way (within the current spec) that I know of to demonstrate that the first step was completed satisfactorily.
This extension point exists for a reason. Removing it just to "simplify the spec" isn't appropriate here.
I think @selfissued also knows of some folks considering this feature, we should strive to get it covered in the test suite, if it really is being used.