Clarification on Data model : Profile

[sudeshrshetty]

As mentioned in the spec, A profile is a named bucket for grouping wallet content.

Does it mean that a single wallet instance can have multiple profiles? or it can have multiple profiles managed by same holder(or entity)?

[jgoodell2]

I also questioned intent of Profile in the spec because the word profile is used for something else in other standards (e.g. for xAPI a profile defines a data pattern and controlled vocabulary supporting a specific use case). After rereading I understand it here to be a mechanism for defining a Persona under which  items within a wallet are grouped. You could have one wallet with both your professional persona as a software engineer and avocational persona as a musician and have credentials,cards, or even buckets of currency tied to persona. This helps with querying contents by grouping kinds of records, but doesn’t define the data type or structure for interpretation or translation of any kind of contents. It looks like multiple profile/groupings can exist in one wallet but an item can only belong to one group. Am I Reading this correctly? Is correlation the means to link profile and items within the grouping or some other structure?

Sent from Yahoo Mail for iPhone

On Tuesday, January 5, 2021, 10:40 PM, Sudesh Shetty notifications@github.com wrote:

As mentioned in the spec, A profile is a named bucket for grouping wallet content.

Does it mean that a single wallet instance can have multiple profiles? or it can have multiple profiles managed by same holder(or entity)?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[sudeshrshetty]

Yes correlation is tricky here. Data models like credentials can't have a new field like correlation unless we force users to update their VC contexts or update w3 VC contexts (eg: "https://www.w3.org/2018/credentials/v1").

[OR13]

Yes, a single wallet can hold multiple "profiles"... I am not in love with the word, suggestions welcome.

The idea is that I might store contents grouped by an alias, or pseudonym...

Some content might be related to my public professional profile (like my linked in)... other stuff might be related to personal stuff (like facebook).... other stuff might be related to identities I intentionally never make public or want correlated.

If a wallet does not have a way of representing these relationships, it cannot help you manage potential risks of disclosure or correlation.

Is there any language which we can propose to improve this?

[sudeshrshetty]

@OR13 @jgoodell2 how about calling it as vault?

[OR13]

I am not in love with the word vault for this, because vaults are already a thing in password managers and encrypted data vaults.... in practice... we use encrypted data vaults to store wallet contents that might span multiple profiles...

bikeshedding:

• contentGroup
• collectionTag
• tag
• group
• label
• profile

[sudeshrshetty]

@OR13 I liked below 2 suggestions,

• contentGroup
• collectionTag

since it is kind of tagging wallet contents, we can also call it as 'contentTag'

[OR13]

If we can get away with a single word, I would prefer: tag, collection or group... remember, with the power of JSON-LD we can put paragraphs of context behind a single word :)

[sudeshrshetty]

I am also thinking about scenario where a parent's wallet is custodian for some of their kid's credentials until they are old enough. I think collection fits well in this scenario.

[kimdhamilton]

I like @jgoodell2's term "Persona" for this concept.

[OR13]

@kimdhamilton but what about the robots? I as a robot, I don't like all this human centered design stuff.

In all seriousness, this feature needs to work for Non Person Entities, such as Government Branches, Corporate Sub Divisions and IoT devices.

Persona also has baggage... https://blog.mozilla.org/addons/personas-are-now-firefox-themes/

[kimdhamilton]

I re-read the description of this concept and think profile is confusing here because it can be used to (for example) group my credentials by issuing organization, etc.

Additional criteria: term should not risk implying exclusive membership.

I lean towards collection or group, vs tag (which seems like the label applying to a group of entities vs the group of entities itself).

Collection has nice data structure semantics that would be useful here. Combined with disambiguation enabled by LD, that provides the necessary context, so I vote for that.

[jandrieu]

I would like to suggest the following definition for profile, although the semantics I'm suggesting are different than the current one:

A collection of cryptographic material and its associated credentials and capabilities, such that they can be used together. For example, a credential issued to a profile can be legitimately presented by anyone who can execute the cryptographic proofs in that profile. Profiles are decentralized and portable. Any service that can understand the cryptography can make use of the profile.

This is a definition in use by several clients today, which effectively means that if you control the crypto for a profile, you can act on behalf of that profile--regardless of where that profile (or any associated data) actually live.

This is not merely a nickname or alias or grouping. It's not just a "folder" or "tag" used for grouping, it is literally defined by the cryptographic functionality. You can't just move a VC from one profile to another; a VC is issued to an identifier under control of a profile. This is substantially different than A profile is a named bucket for grouping wallet content.

I like "collection" or "group", but...

With my requirements engineering hat on, my question is what is that collection used for? How does it get used? How does it show up in the interface? The mechanisms for an exclusive hierarchy (like a file system) are going to be different for non-exclusive groups (like a tag-based folksonomy).

It's relatively easy to build an exclusive system on top of a non-exclusive system by enforcing additional rules, e.g., no more than one tag of a particular set, but the reverse is often not true without additional support at the platform level. For example, it isn't easy to group my windows files by multiple non-exclusive types without an overlay on top of the windows file system. Windows already uses the file extension as a presumptive tag within the hierarchical file structure, but adding a disjoint set of tags isn't directly supported.

Are we looking for hierarchy or to support a folksonomy?

[kimdhamilton]

Those semantics are stricter than (what I think is) the emergent concept we're talking about here. What you're talking about may be useful, and may end up being called profile, but that's heavier weight than what we seem to be orbiting around, which is simply this:

"A profile is a named bucket for grouping wallet content"

But I did miss something in my previous comment. We're talking here about a collection (grouping of wallet content), and yes, a "profile" (name TBD) for that collection.

The specific examples and accompanying text listed make that a bit muddied, and I see what you are saying. Let me follow up with some use cases (as I see it)

[kimdhamilton]

We definitely need to clear up some things. I'm taking "wallet contents" to mean any object in the wallet; i.e. not simply groups of credentials. The collection contents may also be populated dynamically (by facet, tag, whatever).

The associated collection description (currently called "profile" in the spec) may be derived from credentials (ex 1), may be based on info I provided (ex 2), or may be generated by the wallet (ex 3). And again, the collection contents may just be the results of queries by collection

Very rough examples:	Number	Collection	Collection name	Description of Collection / "Profile"
1	credentials issued by issuer A	"Issuer A"	Information about issuer A (type Organization)
2	Credentials related to my work history	"Kim's Verifiable Work Record"	Information about me (type Person)
3	all issuers/orgs that have issued me credentials	"My Issuers"	maybe some wallet-generated metadata

We should discuss whether this is a shared interpretation before proceeding :)

[jandrieu]

@kimdhamilton Understood. Call my comment a long-winded vote for anything other than "profile", as that has gained some traction with several implementers for the specific definition I gave.

Your last list of use cases make me think "collection" is pretty good. The descriptive phrases with "collection" were easy to understand and on point.

"A collection is a named bucket for grouping wallet content"

[kimdhamilton]

Make explicit: membership not unique

[OR13]

It would be good to provide some examples where an item is part of multiple collections... basically, better examples