Closed peppelinux closed 4 months ago
What about Status Evidence?
This would be close to the Wallet Trust Evidence we have for eIDAS
I suggest we have a chat with RATS about this... they use these terms a lot, and will be very unhappy if we do not attempt to foster alignment... as will I : )
"status assertions" seems reasonably good/appropriate here. The term "attestation" is just quite popular right now and carries some assumptions/connotations due to wide use in a different context. The term "assertion" is overloaded too (as are most terms) but less problematically so. And I think "assertion" does nicely convey the intent.
I suddenly realized that "status $something" misses the subject, the name would therefore be "Digital Credential Status Assertions"
This specification excludes its use with traditional OAuth 2.0/OIDC tokens. While the OAuth Status List shares some similarities, the OAuth 2.0 Introspection endpoint is deemed sufficient for such tokens due to several key differences:
Following the Architecture for Trustworthy and Transparent Digital Supply Chains (SCITT), this looks pretty close to the purpose of this specs
{{NIST.SP.800-63-3}} defines "assertion" as "A statement from a verifier to an RP that contains information about a subscriber.
Assertions may also contain verified attributes."
@SaraConsoliACN could you please create a PR with the proposal of the specification name change?
Could it be "status tokens" or "status assertions"?