Hello Sovrin community!
I found following piece in protocol docs.
Because Relationships and Attributes are orthogonal, an Issuer does not issue credentials to a particular DID. Remember DIDs are contextual to a relationship, and Credentials should be usable in different relationships without sharing correlation handles across relationships or contexts.
Let me validate my understanding of this.
Let’s say John is using DID “A” for relationship with a bank. Bank issues verifiable claim for John. Now John wants to prove to Organization Inc. certain information contained in the claim. How will this be done?
My original understanding was:
John will receive from a bank a claim - a signed document containing following information:
- John’s DID “A” (therefore specifying for whom the claim was issued, and then it would be up to holder of the claim to prove he is owner of given DID)
- Information issued by bank for John.
For communication with Organization Inc., John would prove his ownership of “A” DID and submit his verifiable claim. The Organization will:
- verify his ownership “A” DID
- verify the whether the claim was truly signed by Bank.
My new, mixed thoughts and questions:
After reading the piece above from documentation, seems like I am completely off. My original understanding breaks down right at the beginning at the architecture of a claim. Particularly this part: “Issuer does not issue credentials to a particular DID”. If the claim is not tied with DID, what piece of information ties the claim with holder? How the holder proves the claim was really issued for him? Verkey?