Verifiable Claim
From MgmtWiki
Contents
Full Title or Meme
A Verifiable Claim is one that can be Validated by a signed statement from some recognized authority as to the nature of a linkage between Attributes and a Subject.
Context
- The Context in which a validation applies should be made clear by a policy statement from the validating authorities.
- The mission of the Verifiable Claims Working Group (VCWG) is to make expressing and exchanging credentials that have been verified by a third party easier and more secure on the Web.
Problem
Granting a benefit requires proof and verification. Some benefits demand a formal process that includes three parties. In this process, the holder asks for the benefit and the inspector-verifier grants or denies the benefit based on verification of the holder’s qualification from a trusted issuer.
Solution
- A Verifiable Claims Data Model and Representations document is under development by the W3C Verifiable Claims working group on this GitHub site.
Taxonomy from the spec
| Name in spec | Name in this wiki | Definition |
| entity | in conflict | A thing with distinct and independent existence such as a person, organization, concept, or device. |
| subject | subject | An entity about which claims may be made. |
| claim | attribute | A statement made by an entity about a subject. |
| verifiable claim | Statement | claim that is effectively tamper-proof and whose authorship can be cryptographically verified, expressed in a standard, machine-readable data format which can also be extended with minimal coordination. |
| entity credential | in conflict | A set of one or more claims made by the same entity about a subject. (unclear how this is different from a verifiable claim) |
| issuer | issuer | An entity that creates a verifiable claim, associates it with a particular subject, and transmits it to a holder. Examples of issuers include corporations, governments, and individuals. |
| inspector-verifier | Attribute Provider | An entity that receives one or more verifiable claims for processing. Examples of inspector-verifiers include employers, security personnel, and websites. |
| identifier registry | Identifier Provider | Mediates the creation and verification of subject identifiers. Examples of identifier registries include corporate employee databases, government ID databases, and distributed ledgers. |
| Entity Profile | Trusted Identifier | information that, together with a subject identifier id, constitute an entity profile. The properties are not claims and are not intended to be verifiable. |
| Issued | Date | Prima facie |
| Type | Software in use | Determine the location's expected behavior |
| revocation | theoretically impossible | The value of this property must be a revocation scheme that provides enough information to determine whether or not the credential has been revoked. (this sounds like an OCSP) |
Note that the term Identifier or Attribute Provider is used in this wiki as the distinction between identifiers and attributes is arbitrary and subject to interpretation.
EXAMPLE - A simple verifiable claim
{
"@context": "https://w3id.org/security/v1",
"id": "http://example.gov/credentials/3732",
"type": ["Credential", "ProofOfAgeCredential"],
"issuer": "https://dmv.example.gov",
"issued": "2010-01-01",
"claim": {
"id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
"ageOver": 21
},
"revocation": {
"id": "http://example.gov/revocations/738",
"type": "SimpleRevocationList2017"
},
"signature": {
"type": "LinkedDataSignature2015",
"created": "2016-06-18T21:19:10Z",
"creator": "https://example.com/jdoe/keys/1",
"domain": "json-ld.org",
"nonce": "598c63d6",
"signatureValue": "BavEll0/I1zpYw8XNi1bgVg/sCneO4Jugez8RwDg/+
MCRVpjOboDoe4SxxKjkCOvKiCHGDvc4krqi6Z1n0UfqzxGfmatCuFibcC1wps
PRdW+gGsutPTLzvueMWmFhwYmfIFpbBu95t501+rSLHIEuujM/+PXr9Cky6Ed
+W3JT24="
}
}
References
- Synonyms include: Assurance Attested Corroborated.
