Ciao Tom,
Forgive the delay in replying to you, I rarely find pleasure in discussion
as in moments of sharing with you.
I feel every responsibility for not being able to describe its purposes in
the introduction of the specification, this is clear to me from your
comment below.
> That's far worse
Hi Denis,
sorry for the delay, below by points.
> A *digital credential* may be presented to a verifier long after it has
been issued.
In the abstract we say what's the status attestation. Probably it's an
editorial suggestion from you to say what's the substantial difference
between the digital
That's far worse than I ever imagined. It seems like it's bloody well
useless. ..tom
On Tue, Jan 23, 2024 at 5:48 AM Orie Steele
wrote:
> There are at least 2 kinds of vp.
>
> W3C has them and they can be secured or not.
>
> SD-JWT has them, and they can have key binding or not.
>
> An sd-jwt w
There are at least 2 kinds of vp.
W3C has them and they can be secured or not.
SD-JWT has them, and they can have key binding or not.
An sd-jwt without key binding is indistinguishable from a credential except
for looking at the unprotected disclosures.
SD-JWT has a section on forwarding presen
VPs are not reused AFAIK.
thx ..Tom (mobile)
On Mon, Jan 22, 2024, 4:41 PM Watson Ladd wrote:
> It could be a resused one obtained from a different context. Does that
> matter? Depends on application. There's also a question of what it
> means the subject processed it: people don't process VCs,
It could be a resused one obtained from a different context. Does that
matter? Depends on application. There's also a question of what it
means the subject processed it: people don't process VCs, their
computers do. (Hence the terminology of User Agent, not user, in the
W3C)
On Sun, Jan 21, 2024
I should have added - if you get a verifiable presentation from a wallet
with a verifiable credential - it is my understanding that the VP is proof
possession - in the sense that the VC has been processed by the subject to
create the VP.
I started to collect some information about that here - but
Technically oauth is about authorization not authentication. And
technically attestation is provided by rats and not oauth. So if you think
that you are confused, so is everyone else at this point.
thx ..Tom (mobile)
On Sun, Jan 21, 2024, 11:51 AM wrote:
> Hi Tom et al.
>
> Earlier this or last
yes - i see that's what you are doing and think it is not only wrong, but
misleading.
Somehow words like trust and proof are given technological definitions by
technologists that do not reflect the words existing meaning, but seek to
gain reflected credence by their use in technological contexts. .
Great question.
I will give my 2 cents:
proof -> a cryptographic ability that is verifiable
signature -> proof of control of a private key.
presentation -> proof of control of a private key that is bound to a
signature (SD-JWT Presentation with key binding)
presentation -> also just forwarding
Proof seems to be yet another term for which we already have other terms.
Can anyone explain the difference between:
proof
presentation
evidence.
..tom
On Fri, Jan 19, 2024 at 4:28 AM Denis wrote:
> Hi Giuseppe,
>
> Ciao Denis,
>
> Thank you! By points.
>
> First, I still have a vocabulary pro
Hi Giuseppe,
Ciao Denis,
Thank you! By points.
First, I still have a vocabulary problem. The text states:
A *digital credential* may be presented to a verifier long after it
has been issued.
It should rather say: A *digital proof *(derived from a digital
credential) may be presented t
12 matches
Mail list logo