-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add section about terms of use #48
Comments
Another use case for issuer's TOS, from the mailing list:
|
I see two different 'terms of use'. The first is the policy of the issuer. This states the restrictions on the use of the VC by the subject, and the inspector should honour this policy. If the inspector disregards this policy then the issuer will take no responsibility for this i.e. the risk from use of the VC is entirely upon the inspector. |
Hi all, have you looked at: The POE WG (listed on your Charter under Liaisons) would be happy to chat more and look into the use case(s) ;-) |
@riannella Would you be able to join the VCWG to give a background on POE and ODRL and how we may be able to use it to express things like "consent", "terms of use", and "policy" for Verifiable Credentials? |
Yes, that would be fine. What times is the VCWG call? (I am in Brisbane, AU) #41 |
I think this issue can be closed now since we have a terms of use section in the latest VC Data Model document |
Closing, per @David-Chadwick's observation. We will continue to discuss exactly how to express terms of use using ODRL in another issue. |
Currently we don't have a section on how the data model supports various terms-of-use scenarios.
There have been discussions about expiry, revocation, and scope of use, but none have matured enough to have made it into the data model.
In particular, we need some distinction between terms of use for a given claim or credential, as set by the issuer, and the terms of use of a given presentation, as set by the controller of the claim.
Without the right hooks in the data model for this, we're propagating legacy problems related to data binding, the right to erasure, and other privacy issues.
FWIW, the UMA work on scope may be of use. https://docs.kantarainitiative.org/uma/rec-uma-core.html
The text was updated successfully, but these errors were encountered: