Evidence as a Related Credential #919
Comments
|
Evidence examples in TBD's use cases around KYC: https://github.com/TBD54566975/credentials-working-group/blob/main/work_items/kyc-vcs/vc1-requirements-to-accept-a-kyc-vc.md#3-identity-verification-evidence-vocabulary |
|
cc: @jandrieu |
|
We are also interested in this related to supply chain evidence, such as "Site Inspection Credential" as Evidence for "Sustainability Certificates" for example. Related issue: w3c-ccg/traceability-vocab#374 |
|
There may be different types of Evidence: evidence of identity (EOI) -evidence that provides a degree of confidence that a subject is represented by the identity being claimed authoritative evidence - holds identifying attribute(s) that are managed by an authoritative party corroborative evidence - holds identifying attribute(s) that are not managed by an authoritative party |
|
Definitely different types. It would be good to find or create at least a minimal specification for at least a few of these. |
|
It would also be possible to embed the VC directly. |
brentzundel
added
the
ready for PR
|
The issue was discussed in a meeting on 2022-11-02
View the transcript2.3. Evidence as a Related Credential (issue vc-data-model#919)See github issue vc-data-model#919. Brent Zundel: Can you walk us through status of this issue, Gabe?. Kristina Yasuda: Gabe's not here.. Orie Steele: There are a lot of credentials where you go to an Issuer where you present credential as evidence to receive a new credential. Evidence property supports some of these use cases, optional property of core data model. I believe this question is about making it clear what relationship should be about evidence property where evidence is itself another VC.. Michael Prorock: There are a few use cases we see in practice, two areas -- verification of information on open web and traceability across borders and regulatory compliance across borders. In agriculture case, cross border trade some is digitized, some on paper..
Manu Sporny: There is overlap w/ work that Dmitri and Phil has been doing in this area..
Kerri Lemoie: We had evidence in open badges for a while, could be a test score, transcript, file, video, some kind of media, demonstrate proof of achievement. Part of openbadges 3.0, we decided to reuse evidence field for this purpose. That is being used like that right now, not that commonly, but it's how its been implemented in the open badges standard. Phillip Long: As Manu pointed out and Kerri noted, frequent use of evidence field, why a particular achievement was made, in context of hashlink approach that Dmitri propsoed and used in related development of credential -- linked claims, evidence using hashlink you're providing proof of pathway and object itself, then that is a useful mechanism to maintain or present something w/ same authority as original credential.. Brent Zundel: Good discussion, concrete next steps for this issue?. Manu Sporny: We could suggest raising a PR for the extension spec.. Phillip Long: Myself and Kerri and Dmitri can work on that. Manu's right, there are qualifiers, journalism and journalistic reports -- first person vs. second person to help contextualize the link. We're happy to do that..
Shigeya Suzuki: I'm late to file issue/PR for multilingual discussion, I was talking about how I can externalize some of translation maps to external object. I think there is common structure between what we're discussing now and what I'm going to discuss w/ multilingual objects. Manu Sporny: Totally agree, shigeya. Shigeya Suzuki: Trying to create PR for this, will try to rely on part of spec that talks about this external object. This is a good way to use external object.. Brent Zundel: With that we're at time. Thank you to Oliver and Manu for scribing. Always a pleasure to work with each of you. See you next week. Thank you.. |
|
Can anyone provide a convincing case in which a piece of evidence could NOT be expressed as (a set of) regular claims, which could therefore be placed in the section that contains these claims (rather than in a separate |
|
@RieksJ to flip the question - what in your mind would necessitate a new section? why not put |
|
Evidence can take many forms. It could be simply an example of code written or a paper published relevant to credential. In an education/training use case the credential would be an achievement (a diploma in k12, a degree in HE, etc). In a self-asserted credential it may be a capability that has been learned on-the-job, and evidence, again self-asserted included, or hashlinked to so it can live elsewhere on the web (assuming that 'elsewhere' is a stable location) @jandrieu points out you can have a compound credential, one with another inserted within it. The CLRv2 of 1EdTech is doing just that for a combined representation of courses taken in a program of student, aka a transcript, where each course is a separate single-assertion credential following the OBv3 format, and can be individually signed so that when this compound credential is sent the recipient can make use the individually signed course credentials (the OBv3s') to compose a focused subset of their coursework for an application for employment. The method introduced by @dmitrizagidulin for multibase hashlinks (#952 referenced above) allows the choice between doing embedding, useful to keep things together but which might make the payload bigger than one might want, or putting evidence as simply digital objects in a third-party location, or hashlinking to another credential entirely, that might be in a Verifiable Presentation or again living independently on the web. |
|
I don't think this issue is ready for PR. |
I would say that anything within a So: anything that someone considers 'evidence' would be part of a claim (i.e. the specific `credentialSubject-element) if AND ONLY if the evidence proves something about the subject of the claim. Reverting to your original post: IMHO, you should not be looking for ways to make the 'evidence'-property meaningful. Rather, do it the other way around: find a problem to solve and solve it. If it happens to make use of the 'evidence'-property, that's good. If it does not, that's ok too. Otherwise you're looking for aledged solutions for which there may not be a problem. I'd rather see someone suggest to remove the 'evidence' section if there are no real use-cases for it, and only reinstating it if such use-cases come along. |
This is where I disagree. Evidence is not part of the claim itself, it is auxiliary to the claim and can provide information on the claim's issuance and why it should be considered trustworthy. To give a concrete example we are considering credentials around KYC. Depending on the jurisdiction and compliance regulations under which these checks are done there are certain types of evidence that may need to be collected (i.e. a drivers license, selfie, etc.). The evidence leads to the issuance of a KYC claim but is not a part of the claim itself. In fact, in some cases, disclosing the specifics of the evidence that led to the claim's issuance can be highly sensitive. This requires a specific type of evidence that preserves the privacy of both the subject and issuer while providing information to the verifier that a proper evaluation process was observed. |
|
Gabe: Isn’t that what selective disclosure cryptography is intended to address? What gets revealed in a set of ‘claims’ whatever evidence it might include can be withheld from the recipient if it is signed by cryptographic methods that support selective disclosure. That may be a technical step that isn’t currently supported among the individuals of your use case, but that’s the situation that it is intended to address.
Phil
Phillip Long, Ph.D . Senior Scholar
Center for New Designs in Learning & Scholarship, (CNDLS)
http://cndls.georgtown.edu <http://cndls.georgtown.edu/>
e: ***@***.*** ***@***.***>
Telegram: @radhertz
Signal: 5129691774
—
LER Network Facilitator
T3 Innovation Network
US Chamber of Commerce Foundation
***@***.*** ***@***.***>
—
ICoBC - International Council on Badges & Credentials
https://icobc.net <https://iocbc.net/>
e: ***@***.*** ***@***.***/>
… On Jan 3, 2023, at 3:29 PM, Gabe ***@***.***> wrote:
@RieksJ <https://github.com/RieksJ>
So: anything that someone considers 'evidence' would be part of a claim (i.e. the specific `credentialSubject-element) if AND ONLY if the evidence proves something about the subject of the claim.
This is where I disagree. Evidence is not part of the claim itself, it is auxiliary to the claim and can provide information on the claim's issuance and why it should be considered trustworthy.
To give a concrete example we are considering credentials around KYC. Depending on the jurisdiction and compliance regulations under which these checks are done there are certain types of evidence that may need to be collected (i.e. a drivers license, selfie, etc.). The evidence leads to the issuance of a KYC claim but is not a part of the claim itself. In fact, in some cases, disclosing the specifics of the evidence that led to the claim's issuance can be highly sensitive. This requires a specific type of evidence that preserves the privacy of both the subject and issuer while providing information to the verifier that a proper evaluation process was observed.
—
Reply to this email directly, view it on GitHub <#919 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AADYBFFQQ6V422YVAAHF5N3WQSD2JANCNFSM57QEHF2Q>.
You are receiving this because you were assigned.
|
|
@longpd selective disclosure cryptography may very well be an implementation choice that works for the scenario I described. Still, it would be applied to an evidence property, not the claims itself...because it's fundamentally not a claim about the subject, just evidence that led to the claim's issuance. |
|
For reference, this is the working copy of the draft Evidence property that we have proposed to the CCG as a new work item https://docs.google.com/document/d/1htujrb-_1kh8tkV4MXYRmZ44m_D7yFrY09aFJkAz7io But the authors are equally amenable to this being a work item within the VCDM instead |
|
Closing, seems to have been solved by the identity assurance conversation cc: @jandrieu |
|
The issue was discussed in a meeting on 2022-09-15
View the transcript5.7. (issue vc-data-model#919)See github issue vc-data-model#919. Kristina Yasuda: What's the status of this, Gabe?. Gabe Cohen: I don't think there's consensus. I can close it.. Joe Andrieu: I think this has been taken over by the assurance conversation.. |
Looking into how to best make use of the evidence property.
For our use cases at Block, it's common that pieces of evidence are credentials themselves. We are considering how to represent evidence, some thoughts:
Wondering what ways folks have used evidence thus far, and any solutions they may have. Also interested in the best way to formalize some of these concepts/practices for using evidence.
The text was updated successfully, but these errors were encountered: