Add definition of Issuee #1468
Add definition of Issuee #1468
Conversation
Add issuee and changes due to adding it
David-Chadwick
requested review from
msporny,
iherman,
selfissued and
decentralgabe
as code owners
msporny
requested review from
BigBlueHat,
dlongley,
jandrieu,
longpd,
dmitrizagidulin,
andresuribe87,
Wind4Greg,
TallTed,
brianorwhatever,
brentzundel and
KDean-GS1
| [=claims=], and transmitting the [=verifiable credential=] to the | ||
| [=issuee=]. Example issuers include corporations, non-profit organizations, |
There was a problem hiding this comment.
Hmm, it could be that an issuer hands the credential to some party other than the issuee as the first holder. And that party will / is expected to perform delivery to the issuee. At least, I would expect people to think that the issuee is different from this intermediary. I worry that this change reduces something more general to a specific case where the issuer interacts directly with the "issuee" whereas the previous text allowed for there to be any number of intermediaries.
If an issuer issues into a repository managed by a third party that holds the credentials for later pickup by eventual recipients -- is that third party the issuee ... or are those recipients the issuees?
Issuers may also issue directly onto public lists, where I don't think the "public list" would be considered an "issuee", but it would be a "holder". There may be no "issuee" in this case ... right?
I think we would need different language here around the "issuee" case being a more specific case (even if it happens quite often) of the more general model. So the issuer always issues to a holder, which may / may not be expressed or recognized as an issuee?
There was a problem hiding this comment.
@dlongley — Good questions! Definitely need to be addressed!
(Such questions are part of why I suggested there be an issue [per repo] for this, as comments on an issue will be more visible in the future than inline PR review comments.)
There was a problem hiding this comment.
After submitting this PR, I (privately) raised with Manu the issue of making changes to our multiple documents now and he recommended waiting for this PR to be resolved before making any changes to any other of our documents
| [=claims=], and transmitting the [=verifiable credential=] to the | ||
| [=issuee=]. Example issuers include corporations, non-profit organizations, |
There was a problem hiding this comment.
Is there only one issuee, by definition?
Or could the issuer simultaneously transmit the VC to multiple issuees?
| [=claims=], and transmitting the [=verifiable credential=] to the | |
| [=issuee=]. Example issuers include corporations, non-profit organizations, | |
| [=claims=], and transmitting the [=verifiable credential=] to an | |
| [=issuee=]. Example issuers include corporations, non-profit organizations, |
There was a problem hiding this comment.
I believe that all current protocols are 1 to 1 and not 1 to many
There was a problem hiding this comment.
I believe that all current protocols are 1 to 1 and not 1 to many
But is that a necessary restriction, to be enshrined in this standard? I think one-to-many is, and should be preserved as, a possibility.
| [=verifiable credentials=] from an [=issuer=]. An issuee is a subclass | ||
| of the holder role. |
There was a problem hiding this comment.
| [=verifiable credentials=] from an [=issuer=]. An issuee is a subclass | |
| of the holder role. | |
| [=verifiable credentials=] directly from an [=issuer=]. The issuee | |
| role is a subclass of the [=holder=] role. |
There was a problem hiding this comment.
The word "directly" is not in the current text so I suggest not to make this change.
I accept your changes to the role sentence, thanks.
There was a problem hiding this comment.
I thought that this sentence would be sufficient to tell the reader that all issuees are holders, but not all holders are issuees. That is the meaning of subclassing.
There was a problem hiding this comment.
The word "directly" is what ensures that the issuee does not receive the VC from an intermediary holder ... Or is such a relay possible in your mental model? Is issuee defined simply as "the entity identified as such within the VC", rather than reflecting anything about the VC's passage from issuer to (holder to) issuee??
There was a problem hiding this comment.
Maybe an issuee is one or more entities that an issuer can opt to explicitly identify as intended holders -- and that's all that needs to be said. I don't expect us to come to consensus on any text that reduces the generality we have today around the flow of VCs, but text that identifies some special (and particularly useful) case of holder roles on top of it is probably acceptable.
| <dt><dfn class="export" data-lt="issuee|issuee's">issuee</dfn></dt> | ||
| <dd> | ||
| A role an [=entity=] performs when it receives a [=verifiable credential=] from | ||
| the [=issuer=]. | ||
| </dd> |
There was a problem hiding this comment.
Does this overlap/repeat lines 376-382?
Does the data-lt attribute value (now snigular, plural, and possessive) need to include the (singular) string within the <dfn>?
| <dt><dfn class="export" data-lt="issuee|issuee's">issuee</dfn></dt> | |
| <dd> | |
| A role an [=entity=] performs when it receives a [=verifiable credential=] from | |
| the [=issuer=]. | |
| </dd> | |
| <dt><dfn class="export" data-lt="issue|issuees|issuee's">issuee</dfn></dt> | |
| <dd> | |
| A role an [=entity=] performs when it receives a [=verifiable credential=] directly | |
| from an [=issuer=]. | |
| </dd> |
There was a problem hiding this comment.
I am not sure the proposed change to the data-lt is correct. Lets discuss at a WG meeting.
Again, "directly" is not in the current text, so I prefer not to make this change.
There was a problem hiding this comment.
I am not sure the proposed change to the data-lt is correct. Lets discuss at a WG meeting.
Fine.
Again, "directly" is not in the current text, so I prefer not to make this change.
This (something which the WG needs to decide) seems more important to discuss in a WG call than the data-lt change (which is strictly a question of the technicalities of that attribute, and can be answered by anyone more versed in the finer points of ReSpec magic.)
There was a problem hiding this comment.
-1 to "directly" -- the meaning is vague.
Is the use of a proxy to receive the credential "directly"? Is the use of a browser to receive it into a digital wallet "directly"? Is the use of a hold-and-pickup-later service "directly"? ... and if we explain what "directly" means, does it add value to the understand-ability of the text?
There was a problem hiding this comment.
OK. So, issuee is a role assigned to an entity (not performed by that entity, as no action on that entity's part is required), which assignment, made by the issuer of a VC, is achieved by including a claim that sets (a? the?) value of the issuee property to an identifier of that entity.
By that definition, transmission of the VC to that entity isn't required, which means that the issuee is not necessarily a holder.
(And there's enough hashing out happening through suggestions on this PR that the discussion should probably be moved to an issue or a non-suggestion thread, because the suggestions will vanish if merged, and become hard to see if resolved.)
| <dt><dfn class="export" data-lt="issuers|issuer's">issuer</dfn></dt> | ||
| <dd> | ||
| A role an [=entity=] can perform by asserting [=claims=] about one or | ||
| more [=subjects=], creating a [=verifiable credential=] from these |
There was a problem hiding this comment.
As above, does this echo/repeat lines 369-372?
Does the data-lt attribute value (now singular, plural, and possessive) need to include the (singular) string within the <dfn>?
| <dt><dfn class="export" data-lt="issuers|issuer's">issuer</dfn></dt> | |
| <dd> | |
| A role an [=entity=] can perform by asserting [=claims=] about one or | |
| more [=subjects=], creating a [=verifiable credential=] from these | |
| <dt><dfn class="export" data-lt="issuer|issuers|issuer's">issuer</dfn></dt> | |
| <dd> | |
| A role an [=entity=] can perform by asserting [=claims=] about one or | |
| more [=subjects=], creating a [=verifiable credential=] from these |
There was a problem hiding this comment.
I have not made any edits to this text, so this should be a separate PR on the current CR.
| [=claims=], and transmitting the [=verifiable credential=] to the | ||
| [=issuee=]. | ||
| </dd> |
There was a problem hiding this comment.
As above, does this echo/repeat lines 373-376?
| [=claims=], and transmitting the [=verifiable credential=] to the | |
| [=issuee=]. | |
| </dd> | |
| [=claims=], and transmitting the [=verifiable credential=] to an | |
| [=issuee=]. | |
| </dd> |
There was a problem hiding this comment.
See discussion above
|
This PR only addresses the VCDM, not any of the connected documents. Again, I recommend opening one issue (and associated PR) per repo, and cross linking those issues. |
That (inaccurate) comment shows that such language is definitely needed. An accurate version of that statement would be "All issuees are holders, but many holders are not issuees" (a la "all squares are rectangles, but many rectangles are not squares"). Something like this might be a start -- |
In my understanding, one can be an issuee without being a holder. I can create a credential as an issuer about someone (issuee) and not give it to them. Holder speaks to possession. Issuee speaks to intention (whether the party is identified or not). |
In that scenario, you, as an issuer, have created a credential about someone (who is a/the subject of that credential). Since you haven't given it to them, I don't think they're an issuee. I'm not sure whether you, as the issuer of the VC, can also be the issuee, or are just a holder, until you pass that VC to someone else, who (I think) would need to be identified as issuee within the VC for others to usefully and reliably treat them as such.
I don't quite understand your use-case/user-story. I can't imagine a scenario where discussing an unidentified issuee is useful. There is always an issuee, who receives the VC from the issuer, but I think that an issuee who is not identified as such within the VC cannot be usefully referenced as the issuee by anyone other than the issuer, and even their reference seems questionably useful to me. Perhaps you could offer a concrete change to my suggested paragraph? And/or discuss issuee with @David-Chadwick, hopefully in a public space, so we can all benefit from that conversation? |
| [=verifiable credentials=] from an [=issuer=]. An issuee is a subclass | ||
| of the holder role. |
There was a problem hiding this comment.
The word "directly" is not in the current text so I suggest not to make this change.
I accept your changes to the role sentence, thanks.
| @@ -420,6 +426,8 @@ <h3>Ecosystem Overview</h3> | |||
| </figcaption> | |||
| </figure> | |||
|
|
|||
| [PR NOTE. Figure 1 will need updating to replace Holder with Issuee/Holder] | |||
|
|
|||
There was a problem hiding this comment.
This note can be removed now, as Figure 1 has been updated.
There was a problem hiding this comment.
I'm a strong -1 to updating the diagram to introduce two terms for a single block in the diagram. This will confuse readers -- "Well, which one is it... 'holder' or 'issuee', or is it both?"
Note: This doesn't mean I'm averse to defining the term, but introducing it as a top-level term will harm more than it helps.
| <dt><dfn class="export" data-lt="issuee|issuee's">issuee</dfn></dt> | ||
| <dd> | ||
| A role an [=entity=] performs when it receives a [=verifiable credential=] from | ||
| the [=issuer=]. | ||
| </dd> |
There was a problem hiding this comment.
I am not sure the proposed change to the data-lt is correct. Lets discuss at a WG meeting.
Again, "directly" is not in the current text, so I prefer not to make this change.
| <dt><dfn class="export" data-lt="issuers|issuer's">issuer</dfn></dt> | ||
| <dd> | ||
| A role an [=entity=] can perform by asserting [=claims=] about one or | ||
| more [=subjects=], creating a [=verifiable credential=] from these |
There was a problem hiding this comment.
I have not made any edits to this text, so this should be a separate PR on the current CR.
| [=claims=], and transmitting the [=verifiable credential=] to the | ||
| [=issuee=]. | ||
| </dd> |
There was a problem hiding this comment.
See discussion above
There was a problem hiding this comment.
I'm currently a -1 to the definition of "issuee". Just because we can subclass new terms doesn't mean we should, especially when we only use the term in a handful of places in the specification.
The mistake that many communities make is defining LOTS of terminology and acronyms and then insisting that those on the periphery of the community learn those terms as well. The more special terminology we have, the harder it becomes to grok the ecosystem we're describing.
I suggest that "issuee" falls into this category of a subclass term that does not add much value. IOW, I don't know what problem defining "issuee" is solving, but I can certainly see what problem it is creating.
The use in the specification is minimal, and when used, it doesn't really clarify much.
There was a problem hiding this comment.
We should not change the holder definition in this way.
We have a considerable legacy of a three-party model. Issuees are already covered by holders as a role. Adding this additional language, IMO, does not clarify. It only obfuscates, as you can see with the extended conversation about what the term means, its multiplicity, whether the issuee is the first recipient or intended initial recipient, etc.
We should not make these changes.
|
As an alternative I would propose clarifying what "holder" means in different scenarios. A holder is...
|
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
This might be a good avenue to help clear up confusion, but I'm not sure your language hits the mark.
Agreed. This is the current definition.
Unfortunately, we cryptography can't prove who a credential was issued to. All it can prove is that a current party has access to a cryptographic secret that can prove control over the identifier used for one of the subjects. WHO the initial VC is "issued to" in the sense of "issuee" is the hard problem of confidenceMethod. We can't blithely assert that the secret holder is the issuee. Because, in fact, the controller of an identifier may not be involved in the issuance of a VC using that identifier. Presuming that they are is beyond the guarantees of the spec.
This is a subject who is a holder. Jamming two nouns together and pretending its a new noun most likely doesn't help with the confusion. The subject may not be the controller of the identifier. They may not be the holder. We have to be exceptionally careful about the implied guarantees. If you are making a statement about the subject, use "subject". If making a statement about the holder, use "holder". At no point, to my consideration, does it seem better to say "subject holder" rather than just "subject". I have the same stylistic take on using the term "presenter" and "recipient" to describe the momentary role of a holder when performing those tasks. We could say "presenter holder" or "recipient holder" but since "holder" is well-defined, referring to the "presenter" or the "recipient" simply highlights the action taken by that role, without confusion, IMO. The extra words certainly don't make it easier to read. In fact, I think it makes it more confusing. Concise language is good language. IMO, confidenceMethod dealt with this appropriately, given issuers a standard way to tell verifiers how they might establish confidence that the presenter of a VC is, in fact, one of the subjects of that VC. |
|
Please continue this discussion in the issue |
|
The issue was discussed in a meeting on 2024-04-03
View the transcript2.3. Add definition of Issuee (pr vc-data-model#1468)See github pull request vc-data-model#1468. David Chadwick: Heads up. The PR exists for the issuee property, but Ted asked to move the discussion back to the issue. Ivan Herman: can you add the issue reference in the minutes? David Chadwick: 1467. See github issue vc-data-model#1467. Gabe Cohen: might be useful to add a comment to the PR stating that. David Chadwick: It's there, but it's buried in the middle. Ted Thibodeau Jr.: let's talk about in the issue, then we implement it in the PR (or in a new PR), which likely would be different. Gabe Cohen: David would you like to discuss this? |
|
Please see #1467 (comment) |
|
The issue was discussed in a meeting on 2024-04-10
View the transcript2.6. Add issuee definition (issue vc-data-model#1467)See github issue vc-data-model#1467. See github pull request vc-data-model#1468. Brent Zundel: ok, we're at time, thanks everyone. |
|
7 days marked as pending close with no objections, closing. |
Add issuee and changes due to adding it
Preview | Diff