italia / eudi-wallet-it-docs

Italian EUDI Wallet Technical Specifications
Creative Commons Zero v1.0 Universal

Credential Lifecycle - Functional Requirements #429

Closed pietroACN closed 1 week ago

pietroACN commented 1 month ago

In the actual version, it is required that the Credential Issuer MUST revoke a Digital Credential when the following circumstances occur:

  1. the Digital Credential requires to be updated, whenever one or more attributes are changed; in this case the User will request a new issuance for that Digital Credential;

This cannot be performed as the Credential Issuer must not keep track and keep details of the issued credentials, thus will not be able to be aware if the credential needs to be updated (see issue 425 for example). Therefore a status attestation that doesn't match the credential will only return an error. In this case Credential Issuer cannot and must not revoke the credential.

The other circumstances are not under control of the Credential Issuer, therefore the revocation is not 'driven' by the Issuer itself but by the Wallet, and Credential Issuer cannot (and must not) be aware of the reasons behind the revocation request.

peppelinux commented 1 week ago

> This cannot be performed as the Credential Issuer must not keep track and keep details of the issued credentials, thus will not be able to be aware if the credential needs to be updated (see issue 425 for example)

It must, since a citizen might lose their right due to a crime or other jurisdictional events. The citizen dies, and so on.

> Therefore a status attestation that doesn't match the credential will only return an error.

It returns an error.

> In this case Credential Issuer cannot and must not revoke the credential.

If the data about the credential's subject changes, the credential must be revoked and the user must get a message to be informed about this event.

> The other circumstances are not under control of the Credential Issuer, therefore the revocation is not 'driven' by the Issuer itself but by the Wallet, and Credential Issuer cannot (and must not) be aware of the reasons behind the revocation request

There are situations where the decision to revoke a credential is not made by the Credential Issuer. In cases where jurisdictional authorities or the user decide to revoke the credential, a message is sent by these parties to the Credential Issuer, who then acts as the material revoker of the credential.