Skip to content

Update glossary (part 2) #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update glossary (part 2) #9

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 9 additions & 8 deletions DCPvsOID/DCPvsOID.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,17 +71,18 @@ The issuance, presentation and verification of decentralized claims requires a p
*Figure 1 Issuer-Holder-Verifier Model*

### Consent and Trust
- __Consent:__ Organizations must approve the release of their credentials. This is managed through predefined policies.
- __Trust Relationships:__ Trust is established through secure lists of trusted issuers and participating organizations (participants), maintained by the Dataspace Governance Authority (DSGA).
- __Trust__: The willingness of a participant (= the trustor) to engage in a risky behavior that stems from their vulnerability to the behavior of another participant (= the trustee).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Source? We should include the ISO/IEC DIS 20151 definition of Trust and trustworthiness, if required.

- __Consent:__ Participants must approve or allow the exchange of their verifiable credentials. This is managed through their predefined policies and the policies from the Dataspace Governance Authority (DSGA)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the added value of "allow"?

Please clearly indicate relationship to ISO/IEC DIS 20151 multi policies

- __Trust Relationships:__ Trust relationship is established through secure lists of trusted policies, claims and evidences credential issuers, maintained by the Dataspace Governance Authority (DSGA).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sentence is barely understandable. Consider rephrasing.

### Decentralization
- Each participant manages their own identity tokens and credentials.
- Multiple trust anchors (Credential Issuers) can exist within a dataspace, providing flexibility and resilience.
- Each participant manages their own credentials.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why remove identity/identifieres?

- Multiple trusted credential issuers, also called trust anchors, can be approved and maintained within a dataspace by the DSGA, providing flexibility and resilience.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do not have a definition for trust anchor.

### Base Protocols
- __Verifiable Presentation Protocol:__ Defines how credentials are stored and presented.
- __Credential Issuance Protocol:__ Defines how credentials are requested and issued.
- __Verifiable Presentation Protocol:__ Defines how verifiable credentials are stored and presented via verifiable presentations
- __Credential Issuance Protocol:__ Defines how verifiable credentials are requested and issued.
### Security Measures
- All participants must communicate securely via HTTPS.
- Credentials and presentations must be tamper-proof and support revocation.
- All credentials exchanges must be done over secure communication channel, like HTTPS.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

- Verifiable Credentials and Verifiable Presentations must be tamper-proof and support revocation.
### Profiles
- Different profiles define specific ways to handle credentials, revocation, and proof mechanisms to ensure interoperability.

Expand Down