├── .github └── ISSUE_TEMPLATE │ ├── extant-use-case.md │ ├── focal-use-case.md │ └── short-use-case.md ├── .pr-preview.json ├── CODEOWNERS ├── CONTRIBUTING.md ├── LICENSE.md ├── README.md ├── VerifiableCredentialsProblemDomains.png ├── VerifiableCredentialsUserRoles.png ├── VerifiableCredentialsUserTasks.png ├── example.pml ├── example.svg ├── focal ├── 1_citizenship_by_parentage.html ├── 2_expert_dive_instructor.html ├── 3_international_travel_with_minor_and_upgrade.html ├── 3_international_travel_with_minor_and_upgrade_examples.html ├── 4_gs1_identification.html └── 4_gs1_identification_examples.html ├── index.html ├── payments.html ├── publication-snapshots ├── CGFR-2017-05-01 │ ├── example.svg │ ├── index.html │ ├── uc-issuing-claims.svg │ ├── user-needs.svg │ ├── user-roles.svg │ └── user-tasks.svg ├── NOTE-2017-06-08 │ ├── Overview.html │ ├── example.svg │ ├── uc-issuing-claims.svg │ ├── user-needs.svg │ ├── user-roles.svg │ └── user-tasks.svg └── NOTE-2019-09-24 │ ├── Overview.html │ ├── VerifiableCredentialsProblemDomains.png │ ├── VerifiableCredentialsUserRoles.png │ ├── VerifiableCredentialsUserTasks.png │ ├── diff.html │ ├── example.svg │ ├── uc-issuing-claims.svg │ ├── user-needs.svg │ ├── user-roles.svg │ └── user-tasks.svg ├── refs.js ├── short ├── c1_find_a_doctor.html ├── c2_busy_doctor.html ├── c3_bad_university.html ├── c4_new_employer.html ├── c5_social_authority.html ├── c6_job_applicant.html ├── d1_devices_during_manufacturing.html ├── d2_devices_during_delivery.html ├── d3_devices_setup_for_operating_autonomously.html ├── e1_digital_transcript.html ├── e2_taking_a_test.html ├── e3_transferring_schools.html ├── e4_online_classes.html ├── f1_reuse_know_your_customer.html ├── f2_money_transfer.html ├── f3_closing_account.html ├── f4_trying_out_a_new_service.html ├── f5_new_bank_account_from_home.html ├── h1_prescribing.html ├── h2_online_pharmacy.html ├── h3_insurance_claim.html ├── h4_traveling_illness.html ├── h5_proving_legal_disability_status.html ├── l1_digital_driving_license.html ├── l2_seamless_immigration.html ├── l3_speedy_air_travel.html ├── l4_refugee_crisis.html ├── r1_address-verification.html ├── r2_adult_beverages.html ├── r3_fraud_detection.html └── r4_bona_fide_shopper.html ├── terms.html ├── uc-issuing-claims.pml ├── uc-issuing-claims.svg ├── user-needs.svg ├── user-roles.svg ├── user-tasks.svg └── w3c.json /.github/ISSUE_TEMPLATE/extant-use-case.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Extant Use Case 3 | about: Use this template to submit an extant use case. 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | Put very short (single sentence) description here. 11 | 12 | [Put text describing link here](https://www.example.org/put_link_here) 13 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/focal-use-case.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Focal Use Case 3 | about: Use this template to submit a focal use case. 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | # Background 11 | 12 | Provide some background for those unfamiliar with the use case domain. 13 | 14 | # Distinction 15 | 16 | How does this differ from other focal use cases? 17 | 18 | # Actors 19 | 20 | Explain who the actors are and how they relate to the use case. 21 | 22 | ## Issuer 23 | 24 | Who issues the credential? 25 | 26 | ## Subject 27 | 28 | Who is the subject of the credential? 29 | 30 | ## Holder 31 | 32 | Who holds the credential? 33 | 34 | ## Verifier 35 | 36 | Who verifies the credential? 37 | 38 | # Validation Requirements 39 | 40 | How does the verifier know that the credential is valid? Are there any relationships with or dependencies on other Verifiable Credentials? 41 | 42 | # Example Artefacts 43 | 44 | Repeat each sub-heading (Verifiable Credential, Verifiable Presentation) as necessary. 45 | 46 | ## Verifiable Credential - Put simple description here 47 | 48 | Put detailed description here. 49 | 50 | ```json 51 | { 52 | 53 | } 54 | ``` 55 | 56 | ## Verifiable Presentations - Put simple description here 57 | 58 | Put detailed description here. 59 | 60 | ```json 61 | { 62 | 63 | } 64 | ``` 65 | 66 | # Trust Hierarchy 67 | 68 | Describe the trust hierarchy (liabilities) here. 69 | 70 | # Threat Model 71 | 72 | Repeat sub-heading (Risk) as necessary. 73 | 74 | ## Risk - Put simple description here 75 | 76 | Put detailed description here, including and especially the response(s) to the risk. 77 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/short-use-case.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Short Use Case 3 | about: Use this template to submit a short use case. 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | Put short (one paragraph) description here. 11 | -------------------------------------------------------------------------------- /.pr-preview.json: -------------------------------------------------------------------------------- 1 | { 2 | "src_file": "index.html", 3 | "type": "respec" 4 | } 5 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # These owners will be the default owners for everything in the repo. 2 | # Unless a later match takes precedence, these people will be requested for 3 | # review when someone opens a pull request. 4 | * @jandrieu 5 | * @KDean-GS1 6 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Verifiable Claims Task Force 2 | 3 | Contributions to this repository are intended to become part of Recommendation-track documents 4 | governed by the [W3C Patent Policy](https://www.w3.org/Consortium/Patent-Policy-20040205/) and 5 | [Document License](https://www.w3.org/Consortium/Legal/copyright-documents). To contribute, you must 6 | either participate in the relevant W3C Working Group or make a non-member patent licensing 7 | commitment. 8 | 9 | If you are not the sole contributor to a contribution (pull request), please identify all 10 | contributors in the pull request's body or in subsequent comments. 11 | 12 | To add a contributor (other than yourself, that's automatic), mark them one per line as follows: 13 | 14 | ``` 15 | +@github_username 16 | ``` 17 | 18 | If you added a contributor by mistake, you can remove them in a comment with: 19 | 20 | ``` 21 | -@github_username 22 | ``` 23 | 24 | If you are making a pull request on behalf of someone else but you had no part in designing the 25 | feature, you can remove yourself with the above syntax. 26 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | All documents in this Repository are licensed by contributors under the [W3C Document 2 | License](https://www.w3.org/Consortium/Legal/copyright-documents). 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Verifiable Credentials Use Cases 2 | 3 | This describes the use cases supported by the Verifiable Credentials Data Model. 4 | 5 | We encourage contributions meeting the [Contribution 6 | Guidelines](CONTRIBUTING.md). While we prefer the creation of issues 7 | and Pull Requests in the GitHub repository, discussions often occur 8 | on the 9 | [public-vc-wg](http://lists.w3.org/Archives/Public/public-vc-wg/) 10 | mailing list as well. 11 | 12 | ## Use Cases (this document) editor's draft: 13 | * [Use Cases](https://w3c.github.io/vc-use-cases/) 14 | 15 | ## Verifiable Credentials Working Group 16 | * Group page: [https://www.w3.org/2017/vc/WG/](https://www.w3.org/2017/vc/WG/) 17 | * Charter: [https://www.w3.org/2022/06/verifiable-credentials-wg-charter.html](https://www.w3.org/2017/vc/WG/charter.html) 18 | 19 | ## Other useful links 20 | * [Public group email archive](https://lists.w3.org/Archives/Public/public-vc-wg/) 21 | -------------------------------------------------------------------------------- /VerifiableCredentialsProblemDomains.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w3c/vc-use-cases/eb53b1e1cc588c87e9c7ef1c5611772e57749913/VerifiableCredentialsProblemDomains.png -------------------------------------------------------------------------------- /VerifiableCredentialsUserRoles.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w3c/vc-use-cases/eb53b1e1cc588c87e9c7ef1c5611772e57749913/VerifiableCredentialsUserRoles.png -------------------------------------------------------------------------------- /VerifiableCredentialsUserTasks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w3c/vc-use-cases/eb53b1e1cc588c87e9c7ef1c5611772e57749913/VerifiableCredentialsUserTasks.png -------------------------------------------------------------------------------- /example.pml: -------------------------------------------------------------------------------- 1 | @startuml 2 | ' bringing this in from the master branch 3 | !includeurl https://raw.githubusercontent.com/w3c/webpayments-ig/master/VCTF/common/skin.pml 4 | !ifndef SKIN_INCLUDED 5 | skinparam { 6 | backgroundColor transparent 7 | defaultFontName Lucida Sans 8 | shadowing false 9 | } 10 | skinparam sequence { 11 | DividerBackgroundColor transparent 12 | LifeLineBackgroundColor transparent 13 | } 14 | !endif 15 | 16 | Autonumber 17 | 18 | Actor Jane 19 | Participant "Credential Repository" as CV 20 | Participant "User Agent" as UA 21 | Participant "Credential Consumer" as merchant 22 | 23 | Jane->merchant: Navigate to web site 24 | 25 | Note right 26 | Merchant requires that 27 | web site users be at 28 | least 21 years of age 29 | End note 30 | 31 | merchant->UA: Request proof of age 32 | UA->CV: Need proof of age 33 | CV->Jane: Displays relevant credentials 34 | Jane->CV: Selects a credential 35 | CV->merchant: Use this credential as proof of age 36 | merchant->merchant: Verify 37 | merchant->UA: Redirect to web site 38 | 39 | title Example age verification flow 40 | 41 | @enduml 42 | -------------------------------------------------------------------------------- /example.svg: -------------------------------------------------------------------------------- 1 | Example age verification flowJaneJaneCredential RepositoryCredential RepositoryUser AgentUser AgentCredential ConsumerCredential Consumer1Navigate to web siteMerchant requires thatweb site users be atleast 21 years of age2Request proof of age3Need proof of age4Displays relevant credentials5Selects a credential6Use this credential as proof of age7Verify8Redirect to web site -------------------------------------------------------------------------------- /focal/1_citizenship_by_parentage.html: -------------------------------------------------------------------------------- 1 |
2 |

Citizenship by Parentage

3 |

Background

4 |

5 | Sam wants to claim US citizenship because his mother is American. Sam has a 6 | digital birth certificate from Kenya, where he was born while his Mother was 7 | in the Peace corps. He also has a digital version of his mother's US passport. 8 | Because his mother’s name changed between his birth and the issuance of the 9 | passport, Sam also has a marriage license with her maiden and married names. 10 | Sam is applying for a new passport from the US Secretary of State. 11 |

12 |

Distinction

13 |

14 | This use case is challenging because the mother’s name changed, by marriage, 15 | between the issuance of the birth certificate and passport. 16 |

17 |

Scenario

18 |

19 | Sam’s mother emailed him the certificate, license, and passport as independent 20 | Verifiable Credentials. He then creates a verifiable presentation 21 | which includes those credentials, a statement of their relationship to each 22 | other and his relationship to his mother. He then visits the US Secretary of 23 | State website, creates an account, starts the application for a passport, and 24 | uploads his new verifiable presentation as supporting evidence. After 25 | processing the application, Sam is issued both a traditional passport and a 26 | new digital passport. 27 |

28 |

Verifiable Credentials

29 |
30 |
31 | Birth Certificate 32 |
33 |
34 | Establishes relationship to mother with maiden name 35 |
36 | 37 |
38 | Marriage License 39 |
40 |
41 | Establishes mother's name change 42 |
43 | 44 |
45 | Mother’s Passport 46 |
47 |
48 | Establishes mother's US citizenship 49 |
50 | 51 |
52 | Sam’s Passport 53 |
54 |
55 | Establishes Sam is the child in the birth certificate 56 |
57 |
58 | 59 |

Verifiable Presentation

60 |

61 | A verifiable presentation which includes those three credentials, 62 | adds his name, photo, and demographic data along with the assertions that — 63 |

64 | 73 |

Trust Hierarchy

74 |

75 | Sam is legally liable for his claim to the rights of citizenship. The state 76 | department is on the hook for verifying the underlying credentials and Sam’s 77 | claims, including correlating against any additional data they might 78 | already have. 79 |

80 |

Threat model

81 | 131 |
132 | -------------------------------------------------------------------------------- /focal/2_expert_dive_instructor.html: -------------------------------------------------------------------------------- 1 |
2 |

Expert Dive Instructor

3 |

Background

4 |

5 | Pat earned multiple diving credentials while living and working in Fiji and 6 | Australia. Later, Pat is hired by NOAA as a Dive Instructor, which requires 7 | that they maintain certification as an instructor with additional specialist 8 | diver certifications in dry suit, night diving, and search and recovery. The 9 | dive instructor certification is public record, but the additional specialist 10 | certifications are private because they are for personal diving, not acting 11 | as an instructor. 12 |

13 |

14 | Part of Pat's job is logging the certifications of fellow divers during NOAA 15 | sanctioned dives. 16 |

17 |

Distinction

18 |

This use case is difficult because: 19 |

40 |

41 |

Scenario

42 |

43 | When Pat applied for his job at NOAA, he provided verifiable credentials 44 | issued by different dive schools licensed by PADI to do so. NOAA verifies 45 | cryptographically that the certifications were issued by PADI-approved dive 46 | schools and that the credentials were still in good standing by checking both 47 | the certifications' *and* the dive schools' revocation services. 48 |

49 |

50 | Upon accepting the job, Pat issues NOAA a revocable token that allows NOAA to 51 | check the current status of all of his certifications — not just the 52 | status of a single verifiable credential. After any specific 53 | certification expires — and Pat renews it — NOAA's next check of 54 | Pat's certifications returns the status of the renewed certification, not just 55 | the status of the (now expired) verifiable credential. 56 |

57 |

58 | When Pat takes a group of divers on NOAA sanctioned dives, he records the 59 | verifiable credentials for each diver (which demonstrate their diving 60 | certifications), creates a verifiable credential including those 61 | credentials; he signs and archives it on his laptop. 62 |

63 |

64 | When Pat retires from NOAA, he revokes that token and NOAA staff is no longer 65 | able to monitor his non-public certification status. 66 |

67 |

Verifiable Credentials

68 | 91 |

Verifiable Presentation

92 | 97 |

Trust Hierarchy

98 | 124 |

Threat model

125 | 306 |
307 | -------------------------------------------------------------------------------- /focal/3_international_travel_with_minor_and_upgrade.html: -------------------------------------------------------------------------------- 1 |
2 |

International Travel with Minor and Upgrade

3 |

Background

4 |

5 | Malathi is traveling internationally with her 8-month-old son, Anand. His 6 | father, Rajesh, is staying home. Malathi has enough frequent flyer miles to 7 | upgrade the ticket to first class. 8 |

9 |

Distinction

10 |

11 | This use case is difficult because: 12 |

13 | 40 | 41 |

Scenario

42 |

43 | Malathi obtains permission from Rajesh stating she is allowed to take the baby 44 | out of the country. 45 |

46 |

47 | Prior to booking the trips, Malathi visits HappyAir.com to request an upgrade 48 | to first class. HappyAir issues a verifiable credential redeemable for 49 | a first class upgrade on an international flight. 50 |

51 |

52 | She books the plane tickets through her travel agent who adds the lap child 53 | to the ticket. 54 |

55 |

56 | HappyAir verifies that Malathi has a signed statement from Anand’s other 57 | parent stating that she may exit the country with him. 58 |

59 | 60 |

Verifiable Credentials

61 |
62 |
63 | Malathi's passport 64 |
65 |
66 | Establishes identity of the traveling parent 67 |
68 | 69 |
70 | Anand's passport 71 |
72 |
73 | Establishes identity of the minor 74 |
75 | 76 |
77 | Anand's Birth Certificate 78 |
79 |
80 | Establishes relationship to parents and provides link from Rajesh to Anand that 81 | qualifies the permission to travel 82 |
83 | 84 |
85 | Permission to travel from Rajesh 86 |
87 |
88 |
    89 |
  • 90 | Grants permission from non-traveling parent for minor to travel. 91 |
    • 92 |
  • 93 | Identity matches identity of the parent in the birth certificate, establishing 94 | relevance. 95 |
    • 96 |
97 |
98 | 99 |
100 | Upgrade coupon for first class ticket 101 |
102 |
103 | Introduces commercial value in a verifiable credential 104 |
105 |
106 |

107 | For details, refer to 108 | Example Verifiable Credentials 109 | in Appendix 110 |

111 | 112 |

Verifiable Presentation

113 |

114 | Submitted to HappyAir, includes Malathi and Anand's passport, assertion of 115 | permission, birth certificate and Frequent Flyer coupon. 116 |

117 | 118 |

Trust Hierarchy

119 | 152 | 153 |

Threat model

154 | 234 |
235 | -------------------------------------------------------------------------------- /focal/3_international_travel_with_minor_and_upgrade_examples.html: -------------------------------------------------------------------------------- 1 |
2 |

Focal Use Case: International Travel with Minor and Upgrade

3 | 4 | 
  5 | {
  6 |       "@context": [
  7 |             "https://w3id.org/credentials/v1",
  8 |             "https://example.com/travel-vocab/v1"
  9 |       ],
 10 |       "id": "urn:uuid:9f6878c8-73c7-11e8-ab37-23a1a3504fd0",
 11 |       "type": ["VerifiableCredential", "PassportCredential"],
 12 |       /* gov't DID */
 13 |       "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
 14 |       "expires": "2028-01-01T00:00:00Z",
 15 |       "claim": {
 16 |             "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
 17 |             "givenName": "Malathi",
 18 |             "familyName": "Hamal",
 19 |             "citizenship": "US",
 20 |             /* any other claims made by gov't */
 21 |       },
 22 |       "proof": {/* signature by gov't */}
 23 | }
 24 |
25 | 26 | 
 27 | {
 28 |       "@context": [
 29 |             "https://w3id.org/credentials/v1",
 30 |             "https://example.com/travel-vocab/v1"
 31 |       ],
 32 |       "id": "urn:uuid:9f6878c8-73c7-11e8-ab37-23a1a3504fd0",
 33 |       "type": ["VerifiableCredential", "PassportCredential"],
 34 |       /* gov't DID */
 35 |       "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
 36 |       "expires": "2028-01-01T00:00:00Z",
 37 |       "claim": {
 38 |             "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
 39 |             "passport": {
 40 |                   "id": "urn:uuid:79c181dc-73c7-11e8-8c1f-2bb1fd2d268a",
 41 |                   "type": "Passport",
 42 |                   "traveler": {
 43 |                         "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
 44 |                         "givenName": "Malathi",
 45 |                         "familyName": "Hamal",
 46 |                         "citizenship": "US"
 47 |                   },
 48 |                   /* any other passport fields */
 49 |             }
 50 |       },
 51 |       "proof": {/* signature by gov't */}
 52 | }
 53 |
54 | 55 | 
 56 | {
 57 |       "@context": [
 58 |             "https://w3id.org/credentials/v1",
 59 |             "https://example.com/travel-vocab/v1"
 60 |       ],
 61 |       "id": "urn:uuid:b306614c-73c7-11e8-b596-47e8c5ce9144",
 62 |       "type": ["VerifiableCredential", "PassportCredential"],
 63 |       /* gov't DID */
 64 |       "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
 65 |       "expires": "2020-01-01T00:00:00Z",
 66 |       "claim": {
 67 |             "id": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
 68 |             "givenName": "Anand",
 69 |             "familyName": "Hamal"
 70 |             "citizenship": "US",
 71 |             /* any other claims made by gov't */
 72 |       },
 73 |       "proof": {/* signature by gov't */}
 74 | }
 75 |
76 | 77 | 
 78 | {
 79 |       "@context": [
 80 |             "https://w3id.org/credentials/v1",
 81 |             "https://example.com/travel-vocab/v1"
 82 |       ],
 83 |       "id": "urn:uuid:05a47fe2-73c8-11e8-ac1e-7fe0051a1d75",
 84 |       "type": ["VerifiableCredential", "BirthCertificate"],
 85 |       "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
 86 |       "expires": "2020-01-01T00:00:00Z",
 87 |       "claim": {
 88 |             "id": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
 89 |             "citizenship": "US",
 90 |             "birthDate": "2017-10-01T00:00:00Z",
 91 |             "birthPlace": {
 92 |                   "type": "Hospital",
 93 |                   "address": {
 94 |                         "type": "US address",
 95 |                         "addressLocality": "Denver",
 96 |                         "addressRegion": "CO",
 97 |                         "postalCode": "80209",
 98 |                         "streetAddress": "123 Main St."
 99 |                   }
100 |             },
101 |             "givenName": "Anand",
102 |             "familyName": "Hamal",
103 |             "parent": [{
104 |                   "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
105 |                   "type": "Person",
106 |                   "givenName": "Malathi",
107 |                   "familyName": "Hamal",
108 |                   "maidenName": "Holla"
109 |                   }, {
110 |                   "id": "did:example:BgXRjB4RPrrsUVoVNaYNwzfznKsWep7AWrZkiyVcorEN",
111 |                   "type": "Person",
112 |                   "givenName": "Rajesh",
113 |                   "familyName": "Hamal"
114 |             }]
115 |       },
116 |       "proof": {/* signature by gov't */}
117 | }
118 |
119 | 120 | 
122 | {
123 |       "@context": [
124 |             "https://w3id.org/credentials/v1",
125 |             "https://example.com/travel-vocab/v1"
126 |       ],
127 |       "id": "urn:uuid:58c08196-73c6-11e8-b030-3bd8a829a356",
128 |       "type": ["VerifiableCredential", "ChildTravelPass"],
129 |       "issuer": "did:example:BgXRjB4RPrrsUVoVNaYNwzfznKsWep7AWrZkiyVcorEN",
130 |       "expires": "2018-07-01T00:00:00Z",
131 |       "claim": {
132 |             "id": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
133 |             "potentialAction": {
134 |                   "type": "TravelAction",
135 |                   "agent": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
136 |                   "participant": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
137 |                   "location": {
138 |                         "type": "Country",
139 |                         "address": {
140 |                               "addressCountry": "CA"
141 |                         }
142 |                   }
143 |             }
144 |       },
145 |       "proof": {/* signature by Rajesh proving control of DID */}
146 | }
147 |
148 | -------------------------------------------------------------------------------- /focal/4_gs1_identification_examples.html: -------------------------------------------------------------------------------- 1 |
2 |

Focal Use Case: Chain of GS1 Credentials to Identify a Trade Item

3 | 4 |

5 | These examples are based on the document "GS1 Verifiable Credentials - Data Model and Validations". The examples use Verifiable Credentials Data Model 2.0. 6 |

7 |

8 | The key artefact is the last one; it declares the existence of a GTIN, around which other Verifiable Credentials may be issued to declare data about the trade item (brand, size and unit of measure, ingredients, dimensions and weights, etc.). Validation of the artefact requires validating all the credentials that come before it, identified in each case by "extendsCredential". 9 |

10 | 11 | 
12 | {
13 |       "@context": [
14 |             "https://www.w3.org/ns/credentials/v2",
15 |             "https://ref.gs1.org/gs1/vc/license-context/"
16 |       ],
17 |       "id": "did:example:079713e6-9646-4de1-a89d-573dfbd77968",
18 |       "type": [
19 |             "VerifiableCredential",
20 |             "GS1PrefixLicenseCredential"
21 |       ],
22 |       "issuer": "did:web:id.gs1.org",
23 |       "validFrom": "2005-01-01T00:00:00Z",
24 |       "credentialSubject": {
25 |             "id": "did:web:www.gs1utopia.example",
26 |             "organization": {
27 |             "gs1:partyGLN": "9521230000000",
28 |             "gs1:organizationName": "GS1 Utopia",
29 |             ...
30 |             },
31 |             "licenseValue": "952"
32 |       },
33 |       "credentialStatus": {
34 |             "id": "https://id.gs1.org/vc/license/status/079713e6-9646-4de1-a89d-573dfbd77968",
35 |             "type": "StatusList2021Entry"
36 |       },
37 |       "proof": { ... }
38 | }
39 |
40 | 
41 | {
42 |       "@context": [
43 |             "https://www.w3.org/ns/credentials/v2",
44 |             "https://ref.gs1.org/gs1/vc/license-context/"
45 |       ],
46 |       "id": "did:example:b6d13abe-464d-4bb9-a568-b6d81efd57e3",
47 |       "type": [
48 |             "VerifiableCredential",
49 |             "GS1CompanyPrefixLicenseCredential"
50 |       ],
51 |       "issuer": "did:web:www.gs1utopia.example",
52 |       "validFrom": "2023-11-19T14:56:37Z",
53 |       "credentialSubject": {
54 |             "id": "did:web:www.healthytots.example",
55 |             "organization": {
56 |             "gs1:partyGLN": "9521234000006",
57 |             "gs1:organizationName": "Healthy Tots",
58 |             ...
59 |             },
60 |             "extendsCredential": "did:example:079713e6-9646-4de1-a89d-573dfbd77968",
61 |             "licenseValue": "9521234"
62 |       },
63 |       "credentialStatus": {
64 |             "id": "https://www.gs1utopia.example/credentials/gcp/status/b6d13abe-464d-4bb9-a568-b6d81efd57e3",
65 |             "type": "StatusList2021Entry"
66 |       },
67 |       "proof": { ... }
68 | }
69 |
70 | 
71 | {
72 |       "@context": [
73 |             "https://www.w3.org/ns/credentials/v2",
74 |             "https://ref.gs1.org/gs1/vc/declaration-context/"
75 |       ],
76 |       "id": "did:example:60cda318-a0a7-4e39-b600-ea38bf68a31f",
77 |       "type": [
78 |             "VerifiableCredential",
79 |             "KeyCredential"
80 |       ],
81 |       "issuer": "did:web:www.healthytots.example",
82 |       "validFrom": "2023-12-02T09:48:11Z",
83 |       "credentialSubject": {
84 |             "id": "https://id.gs1.org/01/09521234555551",
85 |             "extendsCredential": "did:example:b6d13abe-464d-4bb9-a568-b6d81efd57e3"
86 |       },
87 |       "credentialStatus": {
88 |             "id": "https://www.example.com/mycreds/status/60cda318-a0a7-4e39-b600-ea38bf68a31f",
89 |             "type": "StatusList2021Entry"
90 |       },
91 |       "proof": { ... }
92 | }
93 |
94 |
-------------------------------------------------------------------------------- /publication-snapshots/CGFR-2017-05-01/example.svg: -------------------------------------------------------------------------------- 1 | Example age verification flowJaneJaneCredential RepositoryCredential RepositoryUser AgentUser AgentCredential ConsumerCredential Consumer1Navigate to web siteMerchant requires thatweb site users be atleast 21 years of age2Request proof of age3Need proof of age4Displays relevant credentials5Selects a credential6Use this credential as proof of age7Verify8Redirect to web site -------------------------------------------------------------------------------- /publication-snapshots/CGFR-2017-05-01/uc-issuing-claims.svg: -------------------------------------------------------------------------------- 1 | Example credential creation flowJaneJaneUser AgentUser AgentCredential RepositoryCredential RepositoryIssuerIssuer1Navigate toweb site2Request Credential3Verifyidentity4Generate credential5Issue credential6Display credential7Save credential8Store credential9List of credentials10Show credential list -------------------------------------------------------------------------------- /publication-snapshots/CGFR-2017-05-01/user-roles.svg: -------------------------------------------------------------------------------- 1 | User RolesVerifiable ClaimsUser RolesIssuerInspectorHolderSubject -------------------------------------------------------------------------------- /publication-snapshots/CGFR-2017-05-01/user-tasks.svg: -------------------------------------------------------------------------------- 1 | User TasksVerifiable ClaimsUser TasksIssuerInspectorHolderSubject1. IssueClaim2. AssertClaim7. RevokeClaim3. VerifyClaim4. StoreClaim5. RetrieveClaim6. MoveClaim8. AmendClaim -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2017-06-08/example.svg: -------------------------------------------------------------------------------- 1 | Example age verification flowJaneJaneCredential RepositoryCredential RepositoryUser AgentUser AgentCredential ConsumerCredential Consumer1Navigate to web siteMerchant requires thatweb site users be atleast 21 years of age2Request proof of age3Need proof of age4Displays relevant credentials5Selects a credential6Use this credential as proof of age7Verify8Redirect to web site -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2017-06-08/uc-issuing-claims.svg: -------------------------------------------------------------------------------- 1 | Example credential creation flowJaneJaneUser AgentUser AgentCredential RepositoryCredential RepositoryIssuerIssuer1Navigate toweb site2Request Credential3Verifyidentity4Generate credential5Issue credential6Display credential7Save credential8Store credential9List of credentials10Show credential list -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2017-06-08/user-roles.svg: -------------------------------------------------------------------------------- 1 | User RolesVerifiable ClaimsUser RolesIssuerInspectorHolderSubject -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2017-06-08/user-tasks.svg: -------------------------------------------------------------------------------- 1 | User TasksVerifiable ClaimsUser TasksIssuerInspectorHolderSubject1. IssueClaim2. AssertClaim7. RevokeClaim3. VerifyClaim4. StoreClaim5. RetrieveClaim6. MoveClaim8. AmendClaim -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2019-09-24/VerifiableCredentialsProblemDomains.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w3c/vc-use-cases/eb53b1e1cc588c87e9c7ef1c5611772e57749913/publication-snapshots/NOTE-2019-09-24/VerifiableCredentialsProblemDomains.png -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2019-09-24/VerifiableCredentialsUserRoles.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w3c/vc-use-cases/eb53b1e1cc588c87e9c7ef1c5611772e57749913/publication-snapshots/NOTE-2019-09-24/VerifiableCredentialsUserRoles.png -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2019-09-24/VerifiableCredentialsUserTasks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w3c/vc-use-cases/eb53b1e1cc588c87e9c7ef1c5611772e57749913/publication-snapshots/NOTE-2019-09-24/VerifiableCredentialsUserTasks.png -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2019-09-24/example.svg: -------------------------------------------------------------------------------- 1 | Example age verification flowJaneJaneCredential RepositoryCredential RepositoryUser AgentUser AgentCredential ConsumerCredential Consumer1Navigate to web siteMerchant requires thatweb site users be atleast 21 years of age2Request proof of age3Need proof of age4Displays relevant credentials5Selects a credential6Use this credential as proof of age7Verify8Redirect to web site -------------------------------------------------------------------------------- /publication-snapshots/NOTE-2019-09-24/uc-issuing-claims.svg: -------------------------------------------------------------------------------- 1 | Example credential creation flowJaneJaneUser AgentUser AgentCredential RepositoryCredential RepositoryIssuerIssuer1Navigate toweb site2Request Credential3Verifyidentity4Generate credential5Issue credential6Display credential7Save credential8Store credential9List of credentials10Show credential list -------------------------------------------------------------------------------- /refs.js: -------------------------------------------------------------------------------- 1 | /* globals respecConfig, $, localRoleInfo, roleInfo, require */ 2 | /* exported linkCrossReferences, restrictReferences, fixIncludes */ 3 | 4 | // add a handler to come in after all the definitions are resolved 5 | // 6 | 7 | require(["core/pubsubhub"], function( respecEvents ) { 8 | 9 | respecEvents.sub('end', function(message) { 10 | var needs = {} ; 11 | 12 | if (message === 'core/link-to-dfn') { 13 | $.each(document.querySelectorAll("udef"), function(i, item) { 14 | var container = item.parentNode; 15 | var content = item.innerHTML; 16 | var sp = document.createElement("span"); 17 | var title = item.getAttribute("title"); 18 | if (!title) { 19 | title = content; 20 | } 21 | 22 | var name = title.replace(/ .*$/, ''); 23 | name = name.replace(/\./, "_"); 24 | var id = "uneed_" + name; 25 | sp.id = id; 26 | sp.className = "userneed-name"; 27 | sp.title = title; 28 | 29 | sp.innerHTML = content; 30 | container.replaceChild(sp, item); 31 | needs[id] = content; 32 | }); 33 | 34 | $("uref").each(function() { 35 | var p = this.parentNode; 36 | var item = this.innerHTML; 37 | var id = item.replace(/\./, "_"); 38 | id = "uneed_"+id; 39 | 40 | if (needs[id]) { 41 | var ref = document.createElement("a"); 42 | ref.href = "#"+id; 43 | ref.innerHTML = needs[id]; 44 | p.replaceChild(ref, this); 45 | } 46 | }); 47 | } 48 | }); 49 | 50 | }); 51 | -------------------------------------------------------------------------------- /short/c1_find_a_doctor.html: -------------------------------------------------------------------------------- 1 |
2 | C.1 Find a doctor 3 |
4 |
5 | Jason is looking for a new primary care physician. His health 6 | provider 7 | includes information on their web site about the physicians they 8 | have on 9 | staff, including verifiable credentials about 10 | their 11 | education, board certification, and continuing education. Jason can 12 | verify 13 | these credentials and be confident that his new physician satisfies 14 | his 15 | requirements. 16 |
-------------------------------------------------------------------------------- /short/c2_busy_doctor.html: -------------------------------------------------------------------------------- 1 |
2 | C.2 Busy doctor 3 |
4 |
5 | Barney was a board-certified physician, but he ran out of time to 6 | complete 7 | his continuing education requirements and his certification lapsed. 8 | Since the 9 | board can revoke his certification, credential verifiers will 10 | automatically be aware that he can no longer issue prescriptions or 11 | perform 12 | medical procedures. 13 |
-------------------------------------------------------------------------------- /short/c3_bad_university.html: -------------------------------------------------------------------------------- 1 |
2 | C.3 Bad university 3 |
4 |
5 | Jane was issued a certificate by BigTraining Co., indicating that 6 | she was a 7 | trained Project Manager. It was later discovered that BigTraining 8 | Co. was not 9 | actually training anyone, and their organization's certificate was 10 | revoked via 11 | the US Department of Education's Accreditation Database. Jane's 12 | credential is 13 | therefore invalid, and prospective employers will be aware of this 14 | when they 15 | check her certifications. 16 |
-------------------------------------------------------------------------------- /short/c4_new_employer.html: -------------------------------------------------------------------------------- 1 |
2 | C.4 New employer 3 |
4 |
5 | Jessica is a medical doctor practicing in the United States. She has 6 | a variety 7 | of digital claims that explain her qualifications, schooling, 8 | continuing 9 | education achievements, and board certifications. These are all 10 | stored in the 11 | credential repository provided by her employer. When she is 12 | offered a 13 | position with another health provider network, she can automatically 14 | transfer 15 | all of these claims to her new employer. 16 |
-------------------------------------------------------------------------------- /short/c5_social_authority.html: -------------------------------------------------------------------------------- 1 |
2 | C.5 Social authority 3 |
4 |
5 | Josie is a healthcare worker that has created a profile on a 6 | professional 7 | social network to make herself readily available for new 8 | opportunities in the 9 | workforce. She lists her employment history and credentials 10 | including degrees, 11 | certificates, and digital badges. The website requests verification 12 | of her 13 | credential claims in order for her credentials to be visible 14 | when she 15 | posts messages. Josie authorizes the sharing of the relevant 16 | claims with 17 | the website, and the site verifies them before allowing Josie to 18 | expose them. 19 |
20 |
21 | "Freedom?" is an online forum that encourages free discussion about 22 | issues 23 | controversial in Freedonia. The forum allows users to register 24 | anonymous 25 | accounts, but it also allows users to obtain badges based upon 26 | real-world 27 | certifications. Paula has been certified as an aid worker, and 28 | wishes that 29 | information to be marked on her posts. She shares her certificate 30 | with the 31 | forum, but limits it to only verifying that she is the holder 32 | of the 33 | certificate, that she is the subject of it, and that she is 34 | an aid 35 | worker. In this way she maintains her anonymity in this 36 | controversial forum 37 | while still being able to assist her fellow countrymen. 38 |
-------------------------------------------------------------------------------- /short/c6_job_applicant.html: -------------------------------------------------------------------------------- 1 |
2 | C.6 Job applicant 3 |
4 |
5 | Software Co. has posted an open position online and they are 6 | receiving 7 | thousands of applications. Cindy has applied for the job. Unlike 8 | many 9 | applicants, she has attached her education credentials—college 10 | degree, 11 | additional specific software training, etc. Software Co. evaluates 12 | these 13 | credentials automatically as they receive her application. Because 14 | her 15 | materials are verifiable and verified, her application is 16 | immediately 17 | forwarded as a viable candidate. 18 |
-------------------------------------------------------------------------------- /short/d1_devices_during_manufacturing.html: -------------------------------------------------------------------------------- 1 |
2 | D.1 Devices during manufacturing 3 |
4 |
5 |

6 | Bob, the director of production at HVAC Manufacturing, issues a 7 | device-identifying verifiable credential (e.g. IDevID, IAK) 8 | at the 9 | factory for an energy-saving fan controller IoT device. 10 |

11 |

12 | Carol, senior quality engineer at Certifications Testing Lab, 13 | issues a 14 | certification of specification-compliance verifiable 15 | credential to the 16 | fan-controller device at the certification lab during the 17 | manufacturing 18 | process. 19 |

20 |

21 | When the fan controller is installed at the customer's office at 22 | Modern Office 23 | Spaces, the controller's identifying credential can be 24 | verified by Sam, 25 | IT technician, to establish the identity of the controller as part 26 | of the 27 | on-boarding of the new controller. The controller's 28 | specification-compliance 29 | credential is verified to demonstrate the controller's 30 | Energy-Star 31 | compliance. 32 |

33 |
-------------------------------------------------------------------------------- /short/d2_devices_during_delivery.html: -------------------------------------------------------------------------------- 1 |
2 | D.2 Devices during delivery 3 |
4 |
5 |

6 | As the fan controller leaves the factory, additional 7 | verifiable credentials are issued by Vince, a systems 8 | engineer at VAR 9 | Resellers, as he verifies the manufacturer's configuration matches 10 | the 11 | verifiable credentials accompanying the device. He then 12 | installs a 13 | software package specific to Modern Office Spaces needs and issues 14 | verifiable credentials that establish evidence of 15 | possession by VAR 16 | Resellers and the software additions Vince made to the device. 17 |

18 |

19 | Finally, upon delivery to Sam, the end customer, the 20 | verifiable credentials show that the fan controller has 21 | been securely 22 | handled and contains the correct features and certifications. 23 |

24 |
-------------------------------------------------------------------------------- /short/d3_devices_setup_for_operating_autonomously.html: -------------------------------------------------------------------------------- 1 |
2 | D.3 Devices setup for operating autonomously 3 |
4 |
5 |

6 | Sam, the new device owner, needs to trust the device originated 7 | from HVAC 8 | Manufacturing and was handled correctly at Certifications Testing 9 | Lab and 10 | installed with the correct software package at VAR Resellers. 11 | After Sam 12 | verifies each of the verifiable credentials, he issues 13 | another 14 | verifiable credential for fan controller #37 which includes 15 | assertions 16 | relating to trust: device manufacturer model/version, software 17 | manufacturer 18 | model/version, security versions of components TCB, and associated 19 | devices the 20 | fan controller is authorized to interact with including 21 | thermostat-board-room. 22 |

23 |

24 | The thermostat-board-room monitors room temperature. When the 25 | temperature is 26 | too hot it switches the fan controller #37 on and later when the 27 | temperature 28 | reaches a comfortable level, off. The device makes sure the 29 | control signals 30 | from thermostat-board-room are authorized (namely, that Sam 31 | intended for 32 | thermostat-board-room to control the fan controller). 33 |

34 |

35 | Sam is concerned about the security of the smart board room. He 36 | configures 37 | the autonomously interacting devices to re-verify device 38 | trustworthiness 39 | attributes periodically by re-checking that the device originated 40 | from HVAC 41 | Manufacturing and was handled correctly by Certifications Testing 42 | Lab and 43 | installed with the correct software package by VAR Resellers. 44 |

45 |

46 | Sam may update the device’s software occasionally during its 47 | lifetime. Even 48 | though Sam is applying the update, VAR Resellers supplies the 49 | correct update. 50 | The device ensures that only VAR Resellers is able to supply the 51 | updated 52 | software image and that only Sam is able to apply the update. 53 |

54 |
-------------------------------------------------------------------------------- /short/e1_digital_transcript.html: -------------------------------------------------------------------------------- 1 |
2 | E.1 Digital transcript 3 |
4 |
5 | Joleene is the registrar of Mega University and, by virtue of her 6 | office, is 7 | responsible for the integrity, accuracy, and security of academic 8 | records. 9 | Joleen has been a pioneering registrar in advocating an "extended 10 | transcript" 11 | that includes not only the standard set of course grades but also 12 | adds 13 | supplementary information on learner competencies. These might 14 | include work 15 | experiences and non-educational but marketable skills. Upon the 16 | request of her 17 | students, Joleen issues a digital credential that includes an 18 | extended 19 | transcript. 20 |
-------------------------------------------------------------------------------- /short/e2_taking_a_test.html: -------------------------------------------------------------------------------- 1 |
2 | E.2 Taking a test 3 |
4 |
5 | Eunice is about to take her ACT (a test used to evaluate her 6 | readiness for 7 | college). When she arrives at the testing center, she is required to 8 | present 9 | identification. Her government-issued identity certificate is 10 | acceptable, as 11 | the verifiable credentials contained in it reflect all of the 12 | required 13 | attributes and it is difficult to counterfeit. 14 |
-------------------------------------------------------------------------------- /short/e3_transferring_schools.html: -------------------------------------------------------------------------------- 1 |
2 | E.3 Transferring schools 3 |
4 |
5 | Rocky is an undergraduate student at Wossamotta U. His school 6 | provides a 7 | credential repository service to all students and alumni, so 8 | he chooses 9 | to use it. In his third year, Rocky decides to transfer to 10 | Moosylvania Tech. 11 | They do not offer a service, but he does not want to continue to use 12 | the 13 | service of his old (and now rival school) so he moves his 14 | claims to the 15 | service offered by his bank without needing to have them reissued. 16 |
-------------------------------------------------------------------------------- /short/e4_online_classes.html: -------------------------------------------------------------------------------- 1 |
2 | E.4 Online classes 3 |
4 |
5 | In MOOC and other online learning systems, being able to reliably 6 | identify 7 | participants is vital to ensure the individual evaluation and 8 | certification. 9 | Nick is participating in a course online and takes a test. He is 10 | required to 11 | provide his credentials to prove his identity before the test, and 12 | then to 13 | allow the system to issue a verifiable credential regarding 14 | the 15 | results of his test. 16 |
-------------------------------------------------------------------------------- /short/f1_reuse_know_your_customer.html: -------------------------------------------------------------------------------- 1 |
2 | F.1 Reuse know your customer 3 |
4 |
5 | Jane is opening an account at MidBank in Finland. As part of that 6 | process, 7 | the bank asks her to provide two from a variety of possible sources 8 | to confirm 9 | her identity — a so-called "Know Your Customer" 10 | check. She 11 | selects government-supplied verifiable credentials that 12 | confirm she 13 | receives postal mail at a certain address and that she has a 14 | national ID card. 15 | Confirming these allows the bank to open her account and be 16 | confident in her 17 | identity when she conducts transactions. 18 |
19 |
20 | Now that the account is open, Jane is issued a digitally-signed 21 | credential for her checking account at MidBank. This 22 | credential 23 | verifies that Jane has an account at MidBank and has access to her 24 | associated checking account. It is issued to a controlled 25 | identifier over which Jane has demonstrated proof-of-control. 26 | When presented, Jane again demonstrates proof-of-control over that 27 | identifier to give the verifier confidence that the current holder 28 | presenting the credential, is in fact, the original recipient of 29 | the credential. Since MidBank (and all banks in Finland) are 30 | required to perform "Know Your Customer" checks on 31 | accounts, this credential can also be treated as sufficient 32 | verification by other financial institutions. This helps Jane 33 | assure destination banks that she is verified, thereby 34 | allaying concerns about misdirected transactions and money 35 | laundering. 36 |
37 | -------------------------------------------------------------------------------- /short/f2_money_transfer.html: -------------------------------------------------------------------------------- 1 |
2 | F.2 Money transfer 3 |
4 |
5 | Susan wants to send funds to her family in another country via a 6 | popular money 7 | transfer service. She has verifiable credentials in her 8 | credential repository that can be used to share her 9 | identity profile. She has also been sent a credential from 10 | her 11 | family verifying their banking information. By sharing these with 12 | the money 13 | transfer service, they can automatically verify the source and 14 | destination of 15 | funds, thus being confident in the delivery of those funds and 16 | satisfying 17 | various regulations regarding prevention of money laundering. 18 |
-------------------------------------------------------------------------------- /short/f3_closing_account.html: -------------------------------------------------------------------------------- 1 |
2 | F.3 Closing account 3 |
4 |
5 | John opens a checking account at Big Bank Co and is issued a 6 | verifiable credential indicating that the account exists, 7 | that the bank 8 | verified John's identity, and that John has access to the account. 9 | Some time 10 | later, John is moving to a new city and decides to close that 11 | account. Big 12 | Bank Co needs to revoke that claim as part of their normal account 13 | closing 14 | process. 15 |
-------------------------------------------------------------------------------- /short/f4_trying_out_a_new_service.html: -------------------------------------------------------------------------------- 1 |
2 | F.4 Trying out a new service 3 |
4 |
5 | Nikita has several accounts with BigBank, as well as a brokerage 6 | account with 7 | WallStreetCo. She had placed all of her claims in a 8 | credential repository at BigBank that came free when she 9 | opened her 10 | accounts. WallStreetCo is now offering a new repository that 11 | has an 12 | interface she thinks she will prefer. Nikita copies her 13 | claims from 14 | BigBank into the repository at WallStreetCo to experiment with their 15 | service, 16 | but continues to use the service from BigBank while she is testing. 17 |
-------------------------------------------------------------------------------- /short/f5_new_bank_account_from_home.html: -------------------------------------------------------------------------------- 1 |
2 | F.5 New bank account from home 3 |
4 |
5 | Alice wants to open a new bank account. BigOnlineBank offers the 6 | ability to 7 | do this from home if she can provide electronic credentials. She 8 | offers 9 | government-issued certificates that verify her identity (address, 10 | national 11 | identity number, etc.), and opens her new account from her couch. 12 |
-------------------------------------------------------------------------------- /short/h1_prescribing.html: -------------------------------------------------------------------------------- 1 |
2 | H.1 Prescribing 3 |
4 |
5 | Barney is a physician, and has recently become board certified in 6 | his state. 7 | The state's board issues Barney a digital certificate confirming 8 | that he is 9 | certified to practice medicine in that state. Barney can now use 10 | this 11 | certificate when writing prescriptions and referrals, thereby 12 | improving 13 | accountability and verifiability. 14 |
-------------------------------------------------------------------------------- /short/h2_online_pharmacy.html: -------------------------------------------------------------------------------- 1 |
2 | H.2 Online pharmacy 3 |
4 |
5 | iPharmacy receives a prescription for Bob electronically from a 6 | local clinic. 7 | It includes a certificate about the physician that issued the 8 | prescription as 9 | well as one about Bob. iPharmacy's system automatically verifies the 10 | ability 11 | of the physician to write prescriptions, as well as Bob's insurance 12 | coverage. 13 | When Bob arrives to pick up his medication, iPharmacy further 14 | correlates his 15 | identity with the certificate, thereby improving the end-to-end 16 | accountability 17 | of their system. 18 |
-------------------------------------------------------------------------------- /short/h3_insurance_claim.html: -------------------------------------------------------------------------------- 1 |
2 | H.3 Insurance claim 3 |
4 |
5 | Tracy has a sore throat soon after moving to a new town. She finds a 6 | physician 7 | through her health care network and goes in for treatment. She is a 8 | new 9 | patient, so the clinic needs to know who she is and how she will be 10 | paying. 11 | When checking in, she presents her verifiable credential that 12 | demonstrates her identity and her proof of insurance. When the 13 | clinic submits 14 | this to the insurance company, they can automatically ascertain that 15 | she 16 | submitted her proof of identity and insurance to the provider and 17 | granted the 18 | physician the ability to submit the claim for payment. 19 |
-------------------------------------------------------------------------------- /short/h4_traveling_illness.html: -------------------------------------------------------------------------------- 1 |
2 | H.4 Traveling illness 3 |
4 |
5 | John is on the vacation of a lifetime, travelling the world. Falling 6 | ill, he 7 | visits a health clinic in a country in which he does not live. At 8 | the clinic, 9 | he is asked for proof of identity. He provides a credential that 10 | verifies his 11 | name and address, but elects not to disclose his marital status nor 12 | his social 13 | security number, as those are neither requested nor required at this 14 | clinic. 15 | He further marks the disclosure as expiring in 30 days—he does 16 | not want 17 | his information verifiable after that time. 18 |
-------------------------------------------------------------------------------- /short/h5_proving_legal_disability_status.html: -------------------------------------------------------------------------------- 1 |
2 | H.5 Proving Legal Disability Status 3 |
4 |
5 | Trina, who is legally blind, is currently unemployed, and needs to 6 | use the 7 | local free disability ride service to get to the employment office. 8 | To use 9 | this service, she is required to verify that she maintains legal 10 | disability 11 | status. Trina provides her government-issued disability credential 12 | to sign up 13 | for the ride service, and is not required to disclose her specific 14 | disability 15 | to the ride service, as this could put her at personal risk. 16 |
-------------------------------------------------------------------------------- /short/l1_digital_driving_license.html: -------------------------------------------------------------------------------- 1 |
2 | L.1 Digital driving license 3 |
4 |
5 | Asako just passed the final test to receive a drivers license. As 6 | she is still 7 | a new driver, and may be pulled over for a traffic violation, she 8 | would like 9 | to receive a credential that asserts a claim that she 10 | has right 11 | to drive a car. She requests a credential from the certifying 12 | authority 13 | (issuer) that she can use to prove to the officer 14 | (credential verifier) that her claim is valid. 15 |
-------------------------------------------------------------------------------- /short/l2_seamless_immigration.html: -------------------------------------------------------------------------------- 1 |
2 | L.2 Seamless immigration 3 |
4 |
5 | Tom is a frequent international traveler. In order to speed 6 | processing 7 | through immigration check points, he applies for a digital passport 8 | from his 9 | governmental authority. After satisfying background check 10 | requirements, the 11 | authority issues Tom an electronic version of his passport. This 12 | version is 13 | verifiable and retains a history of all the places he visits so that 14 | immigration officials can quickly and easily evaluate his 15 | suitability as a 16 | visitor to their country. Once they are satisfied, they will 17 | automatically 18 | add the details of this new visit to Tom's passport. 19 |
-------------------------------------------------------------------------------- /short/l3_speedy_air_travel.html: -------------------------------------------------------------------------------- 1 |
2 | L.3 Speedy air travel 3 |
4 |
5 | Security for air travel is more and more rigorous, requiring more 6 | and more 7 | time to validate each passenger. Ivan has a collection of 8 | verifiable credentials that are assembled into his air travel 9 | Identity Profile. When Ivan needs to pass through a 10 | security 11 | checkpoint at his airport, he presents this profile before entering 12 | the 13 | line. Because his identification can be immediately and 14 | automatically 15 | verified, he is permitted to skip the long line and go straight to 16 | the 17 | metal detector. 18 |
-------------------------------------------------------------------------------- /short/l4_refugee_crisis.html: -------------------------------------------------------------------------------- 1 |
2 | L.4 Refugee crisis 3 |
4 |
5 | Thousands of people each year are displaced because of man-made and 6 | natural 7 | disasters. Anoushka is one such, having been forced to flee her 8 | village along 9 | with her mother and younger brother. They reach an IFRC center just 10 | across 11 | the border in a relatively safe area, but with no documentation. 12 | Since the 13 | government of her homeland is in turmoil, there is no way for the 14 | IFRC staff 15 | to easily establish their identities. Fortunately, Anoushka had been 16 | issued 17 | a self-sovereign proof of birth, attached to which is the proof of 18 | birth and 19 | marriage for her parents. She is able to retrieve this because it is 20 | available 21 | from many places often the Internet. Since it is verifiable, the 22 | IFRC is 23 | comfortable vouching for them and resettling them in a safer area 24 | for the 25 | duration of the conflict. 26 |
-------------------------------------------------------------------------------- /short/r1_address-verification.html: -------------------------------------------------------------------------------- 1 |
2 | R.1 Address verification 3 |
4 |
5 | Francis has found the perfect pair of shoes. When processing orders, 6 | Giant Shoe 7 | Company wants to be certain that his shipping address is accurate 8 | (inaccurate 9 | addresses are very expensive in terms of customer service). They 10 | offer a 11 | discount for customers who make verifiable addresses available as 12 | part of the 13 | checkout process. Francis offers his certificate and gets the 14 | perfect shoes for 15 | even less than he expected. 16 |
-------------------------------------------------------------------------------- /short/r2_adult_beverages.html: -------------------------------------------------------------------------------- 1 |
2 | R.2 Adult beverages 3 |
4 |
5 | June goes to her local beer and wine store to buy a bottle of wine. 6 | She submits 7 | her identity credential that lets the liquor store owner know that 8 | she is over 9 | 21 without having to reveal her actual date of birth, her address, 10 | or her state 11 | ID number. 12 |
-------------------------------------------------------------------------------- /short/r3_fraud_detection.html: -------------------------------------------------------------------------------- 1 |
2 | R.3 Fraud detection 3 |
4 |
5 | On a bright Sunday, Oskar remembers that he still needs to buy his 6 | wife a 7 | precious gift for their wedding anniversary. However, he is acutely 8 | aware that 9 | it is precisely in weekends that gangs set up fraudulent web shops 10 | that claim 11 | to sell such gifts, while in fact they only take the cash, and 12 | disappear on 13 | Mondays. So before actually purchasing a gift from the web shop of 14 | his choice, 15 | he requests the shop to provide a credential issued by the chamber 16 | of commerce, 17 | that contains proof of legitimacy. After having verified that the 18 | shop is 19 | legit, he can purchase his gift. 20 |
-------------------------------------------------------------------------------- /short/r4_bona_fide_shopper.html: -------------------------------------------------------------------------------- 1 |
2 | R.4 Bona-fide shopper 3 |
4 |
5 | David owns a restaurant and has registered with a low cost wholesaler to purchase provisions in bulk. The wholesaler has 6 | issued a credential to David, to prove that he is entitled to enter the warehouse in order to purchase goods that are 7 | not available to the general public. The credential is marked "non-transferable" to stop David passing the credential to 8 | his friends to allow them to purchase low cost provisions. 9 |
-------------------------------------------------------------------------------- /terms.html: -------------------------------------------------------------------------------- 1 |

2 | The following terms are used to describe concepts in this specification. 3 |

4 | 5 |
6 |
claim
7 |
8 | An assertion made about a subject. 9 |
10 |
credential
11 |
12 | A set of one or more claims made by an issuer. A 13 | verifiable credential is a 14 | tamper-evident credential that has authorship that can be cryptographically 15 | verified. Verifiable credentials can be used to build 16 | verifiable presentations, which can also be cryptographically verified. 17 | The claims in a credential can be about different subjects. 18 |
19 |
data minimization
20 |
21 | The act of limiting the amount of shared data strictly to the minimum 22 | necessary to successfully accomplish a task or goal. 23 |
24 |
decentralized identifier
25 |
26 | A portable URL-based identifier, also known as a DID, 27 | associated with an entity. These identifiers are most often used in a 28 | verifiable credential and are associated with subjects such that a 29 | verifiable credential itself can be easily ported from one 30 | repository to another without the need to reissue the credential. 31 | An example of a DID is did:example:123456abcdef. 32 |
33 |
decentralized identifier document
34 |
35 | Also referred to as a DID document, this is a document 36 | that is accessible using a verifiable data registry and contains 37 | information related to a specific decentralized identifier, such as the 38 | associated repository and public key information. 39 |
40 |
derived predicate
41 |
42 | A verifiable, boolean assertion about the value of another attribute in a 43 | verifiable credential. These are useful in zero-knowledge-proof-style 44 | verifiable presentations because they can limit information disclosure. 45 | For example, if a verifiable credential contains an attribute 46 | for expressing a specific height in centimeters, a derived predicate 47 | might reference the height attribute in the verifiable credential 48 | demonstrating that the issuer attests to a height value meeting the 49 | minimum height requirement, without actually disclosing the specific height 50 | value. For example, the subject is taller than 150 centimeters. 51 |
52 |
digital signature
53 |
54 | A mathematical scheme for demonstrating the authenticity of a digital message. 55 |
56 |
entity
57 |
58 | A thing with distinct and independent existence, such as a person, 59 | organization, or device that performs one or more roles in the ecosystem. 60 |
61 |
graph
62 |
63 | A network of information composed of subjects and their relationship 64 | to other subjects or data. 65 |
66 |
holder
67 |
68 | A role an entity might perform by possessing one or more 69 | verifiable credentials and generating presentations from them. 70 | A holder is usually, but not always, a subject of the verifiable 71 | credentials they are holding. Holders store their credentials in 72 | credential repositories. 73 |
74 |
identity
75 |
76 | The means for keeping track of entities across contexts. Digital 77 | identities enable tracking and customization of entity interactions 78 | across digital contexts, typically using identifiers and attributes. Unintended 79 | distribution or use of identity information can compromise privacy. Collection 80 | and use of such information should follow the principle of 81 | data minimization. 82 |
83 |
identity provider
84 |
85 | An identity provider, sometimes abbreviated as IdP, is a system 86 | for creating, maintaining, and managing identity information for 87 | holders, while providing authentication services to 88 | relying party applications within a federation or distributed network. 89 | In this case the holder is always the subject. Even if the 90 | verifiable credentials are bearer credentials, it is assumed the 91 | verifiable credentials remain with the subject, and if they are 92 | not, they were stolen by an attacker. This specification does not use this term 93 | unless comparing or mapping the concepts in this document to other 94 | specifications. This specification decouples the identity provider 95 | concept into two distinct concepts: the issuer and the holder. 96 |
97 |
issuer
98 |
99 | A role an entity can perform by asserting claims about one or 100 | more subjects, creating a verifiable credential from these 101 | claims, and transmitting the verifiable credential to a 102 | holder. 103 |
104 |
presentation
105 |
106 | Data derived from one or more verifiable credentials, issued by one or 107 | more issuers, that is shared with a specific verifier. A 108 | verifiable presentation 109 | is a tamper-evident presentation encoded in such a way that authorship of the 110 | data can be trusted after a process of cryptographic verification. Certain 111 | types of verifiable presentations might contain data that is synthesized from, 112 | but do not contain, the original verifiable credentials (for example, 113 | zero-knowledge proofs). 114 |
115 |
repository
116 |
117 | A program, such as a storage vault or personal verifiable credential 118 | wallet, that stores and protects access to holders' 119 | verifiable credentials. 120 |
121 |
selective disclosure
122 |
123 | The ability of a holder to make fine-grained decisions about what 124 | information to share. 125 |
126 |
subject
127 |
128 | A thing about which claims are made. 129 |
130 |
user agent
131 |
132 | A program, such as a browser or other Web client, that mediates the 133 | communication between holders, issuers, and verifiers. 134 |
135 |
validation
136 |
137 | The assurance that a verifiable credential or a 138 | verifiable presentation meets the needs of a verifier and other 139 | dependent stakeholders. This specification is constrained to verifying 140 | verifiable credentials and verifiable presentations regardless of 141 | their usage. Validating verifiable credentials or 142 | verifiable presentations is outside the scope of this specification. 143 |
144 |
verifiable data registry
145 |
146 | A role a system might perform by mediating the creation and verification 147 | of identifiers, keys, and other relevant data, such as 148 | verifiable credential schemas, revocation registries, issuer public keys, 149 | and so on, which might be required to use verifiable credentials. Some 150 | configurations might require correlatable identifiers for subjects. Some 151 | registries, such as ones for UUIDs and public keys, might just act as namespaces 152 | for identifiers. 153 |
154 |
verification
155 |
156 | The evaluation of whether a verifiable credential or verifiable presentation 157 | is an authentic and timely statement of the issuer or presenter, respectively. 158 | This includes checking that: the credential (or presentation) conforms to the specification; the proof method is 159 | satisfied; and, if present, the status is successfully checked. 160 | 161 |
162 |
verifier
163 |
164 | The entity verifying a claim about a given subject. 165 |
166 |
URI
167 |
168 | A Uniform Resource Identifier, as defined by [[RFC3986]]. 169 |
170 |
-------------------------------------------------------------------------------- /uc-issuing-claims.pml: -------------------------------------------------------------------------------- 1 | @startuml 2 | ' Built at http://plantuml.com/plantuml/ 3 | ' Modified by @halindrome to harmonize terminology 4 | !includeurl https://raw.githubusercontent.com/w3c/webpayments-ig/master/VCTF/common/skin.pml 5 | !ifndef SKIN_INCLUDED 6 | skinparam { 7 | backgroundColor transparent 8 | defaultFontName Lucida Sans 9 | shadowing false 10 | } 11 | skinparam sequence { 12 | DividerBackgroundColor transparent 13 | LifeLineBackgroundColor transparent 14 | } 15 | !endif 16 | Autonumber 17 | 18 | Actor "Jane" as Holder 19 | Participant "User Agent" as UA 20 | Participant "Credential Repository" as CS 21 | Participant "Issuer" as Issuer 22 | 23 | Holder->UA: Navigate to\nweb site 24 | UA->Issuer: Request Credential 25 | Issuer->Issuer: Verify\nidentity 26 | Issuer->Issuer: Generate credential 27 | Issuer->UA: Issue credential 28 | UA->Holder: Display credential 29 | Holder->UA: Save credential 30 | UA->CS: Store credential 31 | CS->UA: List of credentials 32 | UA->Holder: Show credential list 33 | 34 | title Example credential creation flow 35 | 36 | @enduml 37 | -------------------------------------------------------------------------------- /uc-issuing-claims.svg: -------------------------------------------------------------------------------- 1 | Example credential creation flowJaneJaneUser AgentUser AgentCredential RepositoryCredential RepositoryIssuerIssuer1Navigate toweb site2Request Credential3Verifyidentity4Generate credential5Issue credential6Display credential7Save credential8Store credential9List of credentials10Show credential list -------------------------------------------------------------------------------- /user-tasks.svg: -------------------------------------------------------------------------------- 1 | User TasksVerifiable ClaimsUser TasksIssuerInspectorHolderSubject1. IssueClaim2. AssertClaim7. RevokeClaim3. VerifyClaim4. StoreClaim5. RetrieveClaim6. MoveClaim8. AmendClaim -------------------------------------------------------------------------------- /w3c.json: -------------------------------------------------------------------------------- 1 | { 2 | "group": [ 3 | "98922" 4 | ], 5 | "contacts": [ 6 | "iherman" 7 | ], 8 | "shortName": "vc-use-cases", 9 | "repo-type": "note" 10 | } 11 | --------------------------------------------------------------------------------