Make trust model section discuss expectations.

w3c · Apr 16, 2024 · 078c6a7 · 078c6a7
1 parent cff9ea1
commit 078c6a7
Showing 1 changed file with 32 additions and 29 deletions.
diff --git a/index.html b/index.html
@@ -3000,69 +3000,72 @@ <h3>Lifecycle Details</h3>
         <h3>Trust Model</h3>
 
         <p>
-The [=verifiable credentials=] trust model is as follows:
+The [=verifiable credentials=] trust model is based on the following
+expectations:
         </p>
 
         <ul>
           <li>
-The [=verifier=] trusts the [=issuer=] to issue the [=credential=] that
-it received. To establish this trust, a [=credential=] is expected to either:
+The [=verifier=] expects the [=issuer=] to verifiably issue the
+[=credential=] that it receives. This can be established by satisfying
+either of the following:
             <ul>
               <li>
-Secure the [=credential=] with a <a href="#securing-mechanisms">securing mechanism</a> establishing that the
-[=issuer=] generated the [=credential=] (that is, it is a
-[=verifiable credential=]), or
+A [=verifier=] is expected to secure a [=credential=] with a 
+<a href="#securing-mechanisms">securing mechanism</a> which establishes
+that the [=issuer=] generated the [=credential=]. (In other words, an
+[=issuer=] is expected to [=issue=] a [=verifiable credential=].)
               </li>
               <li>
-Have been transmitted in a way clearly establishing that the [=issuer=]
-generated the [=verifiable credential=] and that the
-[=verifiable credential=] was not tampered with in transit or storage. This
-trust could be weakened depending on the risk assessment of the [=verifier=].
+A [=credential=] is expected to be transmitted in a way that clearly
+establishes that the [=issuer=] generated the [=credential=], and that
+the [=credential=] was not tampered with in transit nor storage. This
+expectation could be weakened, depending on the risk assessment by the
+[=verifier=].
               </li>
             </ul>
           </li>
           <li>
-All [=entities=] trust the [=verifiable data registry=] to be
-tamper-evident and to be a correct record of which data is controlled by which
-[=entities=].
+All [=entities=] expect the [=verifiable data registry=] to be tamper-evident
+and to be a correct record of which data is controlled by which [=entities=].
           </li>
           <li>
-The [=holder=] and [=verifier=] trust the [=issuer=] to issue
-true (that is, not false) [=credentials=] about the [=subject=], and to
-revoke them quickly when appropriate.
+The [=holder=] and [=verifier=] expect the [=issuer=] to stand by [=claims=]
+it makes in [=credentials=] about the [=subject=], and to revoke [=credentials=]
+quickly if and when they no longer stand by those [=claims=].
           </li>
           <li>
-The [=holder=] trusts the [=repository=] to store [=credentials=]
-securely, to not release them to anyone other than the [=holder=], and to not
-corrupt or lose them while they are in its care.
+The [=holder=] expects the [=repository=] to store [=credentials=] securely,
+to not release [=credentials=] to anyone other than the [=holder=] (which may
+subsequently [=present=] them to a [=verifier=]), and to not corrupt nor lose
+[=credentials=] while they are in its care.
           </li>
         </ul>
 
         <p>
 This trust model differentiates itself from other trust models by ensuring
-the:
+the following:
         </p>
 
         <ul>
           <li>
-[=Issuer=] and the [=verifier=] do not need to trust the
-[=repository=]
+The [=issuer=] and [=verifier=] do not need to know anything about the
+[=repository=].
           </li>
           <li>
-[=Issuer=] does not need to know or trust the [=verifier=].
+The [=issuer=] does not need to know anything about the [=verifier=].
           </li>
         </ul>
 
         <p>
-By decoupling the trust between the [=identity provider=] and the
-[=relying party=] a more flexible and dynamic trust model is created such
-that market competition and customer choice is increased.
+By decoupling the expectations between the [=issuer=] and the [=verifier=],
+a more flexible and dynamic trust model is created, such that market
+competition and customer choice is increased.
         </p>
 
         <p>
 For more information about how this trust model interacts with various threat
-models studied by the Working Group, see the Verifiable Credentials Use Cases
-document [[VC-USE-CASES]].
+models studied by the Working Group, see the [[[VC-USE-CASES]]] [[VC-USE-CASES]].
         </p>
 
         <p class="note">
@@ -5298,7 +5301,7 @@ <h3>Signature-Based Correlation</h3>
       </section>
 
       <section class="informative">
-        <h3>Long-Lived Identifier-Based Correlation</h3>
+        <h3>Long-Lived-Identifier-Based Correlation</h3>
 
         <p>
 [=Verifiable credentials=] might contain long-lived identifiers that could