From 2e71d8e27ea9ff5ffb8cb1cb12c96b5445ba9ba4 Mon Sep 17 00:00:00 2001
From: Ivan Herman <ivan@w3.org>
Date: Tue, 9 Jul 2024 15:54:18 +0200
Subject: [PATCH] Clarify what a securing mechanism secures.

Co-authored-by: Dave Longley <dlongley@digitalbazaar.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: Manu Sporny <msporny@digitalbazaar.com>
---
 index.html | 40 ++++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 20 deletions(-)

diff --git a/index.html b/index.html
index 09c432366..76b473943 100644
--- a/index.html
+++ b/index.html
@@ -4246,37 +4246,37 @@ <h3>Securing Mechanism Specifications</h3>
 
         <p>
 Securing mechanism specifications that create new types of [=embedded proofs=]
-MUST specify a [=property=] for securing both [=verifiable credentials=] and
-[=verifiable presentations=]. The requirements for the property used by the
-embedded securing mechanism are as follows:
+MUST specify a [=property=] that relates the [=verifiable credential=] or [=verifiable
+presentation=] to a [=proof graph=]. 
+The requirements on the securing mechanism are as follow:
         </p>
-
         <ul>
           <li>
-The property MUST relate the [=verifiable credential=] or [=verifiable
-presentation=] to a separable and securable [=proof graph=].
-          </li>
-          <li>
-The property MUST define all terms used by the [=proof graph=]. For example,
+The securing mechanism MUST define all terms used by the [=proof graph=]. For example,
 the mechanism could define vocabulary specifications and `@context` files
 in the same manner as they are utilized by this specification.
           </li>
           <li>
-In a [=verifiable credential=], the property MUST secure the
-[=default graph=].
-          </li>
-          <li>
-In a [=verifiable presentation=], the property MUST secure the
-[=default graph=] of the [=presentation=] as well as every [=proof graph=]
-related to each [=verifiable credential=] in the [=presentation=].
+The securing mechanism MUST secure all graphs in the [=verifiable credential=] or the [=verifiable
+presentation=], except for any [=proof graphs=] securing the [=verifiable credential=] 
+or the [=verifiable presentation=] itself.
           </li>
-          <li>
+
+        </ul>
+
+      <p class="note">
+The last requirement means that the securing mechanism secures the [=default graph=] and, 
+for [=verifiable presentations=], each [=verifiable credential=] of the presentation, together with 
+their respective [=proof graphs=].
+See also <a href="#info-graph-vp"></a> or <a href="#info-graph-vp-mult-creds"></a>.
+      </p>
+
+      <p>
 The `proof` property as defined in [[VC-DATA-INTEGRITY]] MAY be used by the
 embedded securing mechanism.
-          </li>
-        </ul>
+      </p>
 
-        <p>
+      <p>
 Securing mechanism specifications SHOULD register the securing mechanism in the
 <a data-cite="?VC-SPECS#securing-mechanisms">Securing Mechanisms</a> section
 of the [[[?VC-SPECS]]] [[?VC-SPECS]].