Difference between revisions of "Verifiable Claim"
From MgmtWiki
(→Taxonomy from the spec) |
(→Taxonomy from the spec) |
||
Line 42: | Line 42: | ||
Note that the term [[Identifier or Attribute Provider]] is used in this wiki as the distinction between identifiers and attributes is arbitrary and subject to interpretation. | Note that the term [[Identifier or Attribute Provider]] is used in this wiki as the distinction between identifiers and attributes is arbitrary and subject to interpretation. | ||
+ | ===EXAMPLE - A simple verifiable claim=== | ||
+ | <pre> | ||
+ | { | ||
+ | "@context": "https://w3id.org/security/v1", | ||
+ | "id": "http://example.gov/credentials/3732", | ||
+ | "type": ["Credential", "ProofOfAgeCredential"], | ||
+ | "issuer": "https://dmv.example.gov", | ||
+ | "issued": "2010-01-01", | ||
+ | "claim": { | ||
+ | "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", | ||
+ | "ageOver": 21 | ||
+ | }, | ||
+ | "revocation": { | ||
+ | "id": "http://example.gov/revocations/738", | ||
+ | "type": "SimpleRevocationList2017" | ||
+ | }, | ||
+ | "signature": { | ||
+ | "type": "LinkedDataSignature2015", | ||
+ | "created": "2016-06-18T21:19:10Z", | ||
+ | "creator": "https://example.com/jdoe/keys/1", | ||
+ | "domain": "json-ld.org", | ||
+ | "nonce": "598c63d6", | ||
+ | "signatureValue": "BavEll0/I1zpYw8XNi1bgVg/sCneO4Jugez8RwDg/+ | ||
+ | MCRVpjOboDoe4SxxKjkCOvKiCHGDvc4krqi6Z1n0UfqzxGfmatCuFibcC1wps | ||
+ | PRdW+gGsutPTLzvueMWmFhwYmfIFpbBu95t501+rSLHIEuujM/+PXr9Cky6Ed | ||
+ | +W3JT24=" | ||
+ | } | ||
+ | } | ||
+ | </pre> | ||
==References== | ==References== |
Revision as of 10:07, 5 December 2018
Contents
Full Title or Meme
A Verifiable Claim is one that can be Validated by a signed statement from some recognized authority as to the nature of a linkage between Attributes and a Subject.
Context
- The Context in which a validation applies should be made clear by a policy statement from the validating authorities.
- The mission of the Verifiable Claims Working Group (VCWG) is to make expressing and exchanging credentials that have been verified by a third party easier and more secure on the Web.
Problem
Granting a benefit requires proof and verification. Some benefits demand a formal process that includes three parties. In this process, the holder asks for the benefit and the inspector-verifier grants or denies the benefit based on verification of the holder’s qualification from a trusted issuer.
Solution
- A Verifiable Claims Data Model and Representations document is under development by the W3C Verifiable Claims working group on this GitHub site.
Taxonomy from the spec
Name in spec | Name in this wiki | Definition |
entity | in conflict | A thing with distinct and independent existence such as a person, organization, concept, or device. |
subject | subject | An entity about which claims may be made. |
claim | attribute | A statement made by an entity about a subject. |
verifiable claim | Statement | claim that is effectively tamper-proof and whose authorship can be cryptographically verified, expressed in a standard, machine-readable data format which can also be extended with minimal coordination. |
entity credential | in conflict | A set of one or more claims made by the same entity about a subject. (unclear how this is different from a verifiable claim) |
issuer | issuer | An entity that creates a verifiable claim, associates it with a particular subject, and transmits it to a holder. Examples of issuers include corporations, governments, and individuals. |
inspector-verifier | Attribute Provider | An entity that receives one or more verifiable claims for processing. Examples of inspector-verifiers include employers, security personnel, and websites. |
identifier registry | Identifier Provider | Mediates the creation and verification of subject identifiers. Examples of identifier registries include corporate employee databases, government ID databases, and distributed ledgers. |
Entity Profile | Trusted Identifier | information that, together with a subject identifier id, constitute an entity profile. The properties are not claims and are not intended to be verifiable. |
Issued | Date | Prima facie |
Type | Software in use | Determine the location's expected behavior |
revocation | theoretically impossible | The value of this property must be a revocation scheme that provides enough information to determine whether or not the credential has been revoked. (this sounds like an OCSP) |
Note that the term Identifier or Attribute Provider is used in this wiki as the distinction between identifiers and attributes is arbitrary and subject to interpretation.
EXAMPLE - A simple verifiable claim
{ "@context": "https://w3id.org/security/v1", "id": "http://example.gov/credentials/3732", "type": ["Credential", "ProofOfAgeCredential"], "issuer": "https://dmv.example.gov", "issued": "2010-01-01", "claim": { "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", "ageOver": 21 }, "revocation": { "id": "http://example.gov/revocations/738", "type": "SimpleRevocationList2017" }, "signature": { "type": "LinkedDataSignature2015", "created": "2016-06-18T21:19:10Z", "creator": "https://example.com/jdoe/keys/1", "domain": "json-ld.org", "nonce": "598c63d6", "signatureValue": "BavEll0/I1zpYw8XNi1bgVg/sCneO4Jugez8RwDg/+ MCRVpjOboDoe4SxxKjkCOvKiCHGDvc4krqi6Z1n0UfqzxGfmatCuFibcC1wps PRdW+gGsutPTLzvueMWmFhwYmfIFpbBu95t501+rSLHIEuujM/+PXr9Cky6Ed +W3JT24=" } }
References
- Synonyms include: Assurance Attested Corroborated.