w3c / vc-use-cases

Verifiable Credentials Use Cases
https://w3c.github.io/vc-use-cases/
Other
50 stars 22 forks source link

Update requested for section 6.2 (VC usage) #143

Open RieksJ opened 1 year ago

RieksJ commented 1 year ago

Section 6.2 is much more of an illustration of a very specific use-case, which (except for the age) is identical with the use-case r.2 in section 3.2. As such, it brings no real added value.

I suggest that the figure (and subsequent texts) are adjusted to show the following steps:

  1. Jane decides to request a product or service from a service/product provider SPP, and navigates to its website.
  2. SPP creates a claim request/presentation request (see #139) to request information that it needs to (a) decide whether or not to provide the product/service, and (b) prepare the delivery of such product of service, and sends it to Jane
  3. Jane receives and processes the request (see #140) which may include displaying relevant claims/credentials on the screen and if there is a choice to be made (e.g. when a bank-account is requested and Jane has several, then) she needs to select one;
  4. If Jane doesn't have one or more of the requested claims, she may obtain the missing claims/credentials from the point-of-issue of an issuer that provides such claims (see #141), store the response in her credential repository
  5. Jane constructs a response conformant to the request received from SPP, and sends it to SPP
  6. SPP verifies the response (checks structure, signatures)
  7. SPP validates the response (i.e. evaluates the criteria that it has decided that data from the responses must comply with in order to be valid to determine whether or not to provision the product/service and prepare its delivery)
  8. SSP redirects Jane's user agent to the website that will do the actual provisioning of the product/service.