- changed component to VC Sec&Trust
[VC Security & Trust Document] Does a presentation require holder binding?
Regarding this open question: “Should a "presentation" always mean/require cryptographic holder binding? Should these use cases where it is not required covered by the protocol?”
Giuseppe De Marco
it may depends by use cases.
presenting personal identification data, for authentication purpose, or verifiable attestation of attributes, for instance: diploma use cases and any other attestation, like mDL. In these cases the binding of the owner and the proof of it’s willing during the presentation is a mandatory requirement.
there are other cases where the VC is a cinema ticket, a parking ticket, laundry ticket and other cases where the credentials may be shared between different holders. In this cases there would not be the security requirement of the binding and that’s up to the nature of the credentials and service it is required to be used on.
usually, these VC/services, should be like disposable tickets, to be used only once.
Different cases are subscriptions or VCs which, by their very nature, must be resubmitted from time to time.
Comments (2)
-
-
- changed status to wontfix
Moving to new Repo under Digital Credentials Protocols WG
- Log in to comment