Why is the Identity Profile not included in the list of "standardization work"? about vc-data-model HOT 5 CLOSED

An interesting observation, and after reading through those sections again my guess (not being an author of this) is a combination of the following:

1. Perhaps if "the minimum information necessary to create and use entity credentials" is achieved, then the required architecture is also achieved to make Identity Profiles; but not the other way around.
2. There's been reported, on the mailing list, to be a lot of politics around "Identity" that might be best avoided by people who see it as a morass; and since (as someone also said) the VC work will not "solve" Identity on the Internet, perhaps not mentioning it, when the opportunity presented itself, was attractive.

I agree that it looks like a major omission in the flow of the document though, because of the equal space and size given to the Entity Credential and Identity Profile.

So, personally at this point, I can live with it but I'm not completely happy. :-)

from vc-data-model.

The short answer is that the schema of the Identity Profile is inherently emergent. Different creators and recipients will have different needs and those needs will change over time.

The VCTF previously used to use the term "Identity", defined as all the claims about a particular person, which is aligned with related ISO standards. I advocate against using "Identity" in that way because it is confusing and rarely captures the needed complexity, especially for real-world uses of identity aka "legal identity". Instead, I argue in favor of describing identity systems in terms of how they enable or prevent correlation. (You can read the Rebooting Web of Trust paper http://bit.ly/identitycrisispaper for a more complete argument.)

In part in response to that conversation, VCTF turned to "Identity Profile" to capture essentially the same idea: the collection of all the identity-enabling information stored as verifiable claims. However, the schema for that profile will, by design, be flexible over time as uses cases, technologies, and regulations evolve.

My experience with different attempts to define a universal schema for "identity" suggest that it is an intractable problem due to the continually changing intersection of the need for minimal disclosure and the flexibility required by recipients for identity assurance. There's still value in referring to the set of identity-enabling claims collectively and "Identity profile" is as good a term as any. There just isn't a closed form data model for what information can actually be captured in said profile.

from vc-data-model.

I withdraw my earlier comment without prejudice. ;)

The Entity Profile is missing, and in the latest PR #67, incorrect as commented in #67 (comment)

I answered a more overarching question because I didn't understand that Entity Profiles were what holders present to inspector-verifiers. I spent a year thinking claims were presented, and therefore interpreted Entity Profiles to be the collection of claims related to an individual, which for various reasons is often the end-goal for many new to issues of digital identity, i.e. "What are the necessary attributes to prove someone's identity". That question remains intractable.

However, for any given use, we can and should demonstrate the Entity Profile actually presented to the inspector-verifier.

from vc-data-model.

We plan on addressing this when we address #66 with a PR to resolve related terminology issues.

from vc-data-model.

We have the concept of a "Verifiable Profile" in the spec now:

Closing this issue.

from vc-data-model.