Update glossary (part 2) #9
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ssteinbuss
reviewed
Jun 13, 2025
| @@ -71,17 +71,18 @@ The issuance, presentation and verification of decentralized claims requires a p | |||
| *Figure 1 Issuer-Holder-Verifier Model* | |||
|
|
|||
| ### Consent and Trust | |||
| - __Consent:__ Organizations must approve the release of their credentials. This is managed through predefined policies. | |||
| - __Trust Relationships:__ Trust is established through secure lists of trusted issuers and participating organizations (participants), maintained by the Dataspace Governance Authority (DSGA). | |||
| - __Trust__: The willingness of a participant (= the trustor) to engage in a risky behavior that stems from their vulnerability to the behavior of another participant (= the trustee). | |||
There was a problem hiding this comment.
Source? We should include the ISO/IEC DIS 20151 definition of Trust and trustworthiness, if required.
ssteinbuss
reviewed
Jun 13, 2025
| - __Trust Relationships:__ Trust is established through secure lists of trusted issuers and participating organizations (participants), maintained by the Dataspace Governance Authority (DSGA). | ||
| - __Trust__: The willingness of a participant (= the trustor) to engage in a risky behavior that stems from their vulnerability to the behavior of another participant (= the trustee). | ||
| - __Consent:__ Participants must approve or allow the exchange of their verifiable credentials. This is managed through their predefined policies and the policies from the Dataspace Governance Authority (DSGA) | ||
| - __Trust Relationships:__ Trust relationship is established through secure lists of trusted policies, claims and evidences credential issuers, maintained by the Dataspace Governance Authority (DSGA). |
There was a problem hiding this comment.
This sentence is barely understandable. Consider rephrasing.
ssteinbuss
reviewed
Jun 13, 2025
| - __Consent:__ Organizations must approve the release of their credentials. This is managed through predefined policies. | ||
| - __Trust Relationships:__ Trust is established through secure lists of trusted issuers and participating organizations (participants), maintained by the Dataspace Governance Authority (DSGA). | ||
| - __Trust__: The willingness of a participant (= the trustor) to engage in a risky behavior that stems from their vulnerability to the behavior of another participant (= the trustee). | ||
| - __Consent:__ Participants must approve or allow the exchange of their verifiable credentials. This is managed through their predefined policies and the policies from the Dataspace Governance Authority (DSGA) |
There was a problem hiding this comment.
What is the added value of "allow"?
Please clearly indicate relationship to ISO/IEC DIS 20151 multi policies
ssteinbuss
reviewed
Jun 13, 2025
| ### Decentralization | ||
| - Each participant manages their own identity tokens and credentials. | ||
| - Multiple trust anchors (Credential Issuers) can exist within a dataspace, providing flexibility and resilience. | ||
| - Each participant manages their own credentials. |
There was a problem hiding this comment.
Why remove identity/identifieres?
ssteinbuss
reviewed
Jun 13, 2025
| - Each participant manages their own identity tokens and credentials. | ||
| - Multiple trust anchors (Credential Issuers) can exist within a dataspace, providing flexibility and resilience. | ||
| - Each participant manages their own credentials. | ||
| - Multiple trusted credential issuers, also called trust anchors, can be approved and maintained within a dataspace by the DSGA, providing flexibility and resilience. |
There was a problem hiding this comment.
We do not have a definition for trust anchor.
ssteinbuss
reviewed
Jun 13, 2025
| ### Security Measures | ||
| - All participants must communicate securely via HTTPS. | ||
| - Credentials and presentations must be tamper-proof and support revocation. | ||
| - All credentials exchanges must be done over secure communication channel, like HTTPS. |
ssteinbuss
requested changes
Jun 13, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In the context of #8:
minor update of the definitions to improve terms usage consistency between, credential/verifiable credential,, presentation/verifiable presentation and issuer/trusted issuer/trust anchors