From d0a218d63ec0bb7572ab2b0ea7c7e245e27b8cc9 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 24 Nov 2024 17:11:51 -0500 Subject: [PATCH] Editorial clean up of verification relationship introduction. --- index.html | 55 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 29 insertions(+), 26 deletions(-) diff --git a/index.html b/index.html index 1530b59..747c8ea 100644 --- a/index.html +++ b/index.html @@ -1687,40 +1687,43 @@

Referring to Verification Methods

Verification Relationships

-A [=verification relationship=] expresses the relationship between the -[=controller=] and a [=verification method=]. +A [=verification relationship=] is an expression that one or more +[=verification methods=] are authorized to verify [=proofs=] made on behalf of +the subject.

+

-Different [=verification relationships=] enable the associated -[=verification methods=] to be used for different purposes. It is up to a -verifier to ascertain the validity of a verification attempt by -checking that the [=verification method=] used is contained in the -appropriate [=verification relationship=] property of the -[=controller document=]. +Different [=verification relationships=] enable the associated [=verification +methods=] to be used for different purposes. It is up to a [=verifier=] +to ascertain the validity of a verification attempt by checking that the +[=verification method=] used is referred to by the appropriate [=verification +relationship=] property in the [=controller document=].

+

-The [=verification relationship=] between the [=controller=] and the -[=verification method=] is explicit in the [=controller document=]. -[=Verification methods=] that are not associated with a particular -[=verification relationship=] cannot be used for that [=verification -relationship=]. For example, a [=verification method=] in the value of -the [=authentication=] property cannot be used to engage in -key agreement protocols with the [=controller=] — the value of the -keyAgreement property needs to be used -for that. +The [=verification relationship=] between the [=subject=] and the [=verification +method=] is explicit in the [=controller document=]. [=Verification methods=] +that are not associated with a particular [=verification relationship=] cannot +be used for that [=verification relationship=]. For example, a [=verification +method=] associated with the [=authentication=] property cannot be used to +engage in key agreement protocols — the value of the +keyAgreement property needs to be used for +that.

+

-The [=controller document=] does not express revoked keys using a verification -relationship. If a referenced verification method is not in the latest -[=controller document=] used to dereference it, then that verification method is -considered invalid or revoked. +The [=controller document=] does not express revoked keys using a [=verification +relationship=]. If a referenced [=verification method definition=] is not in the +latest [=controller document=] used to dereference it, then that [=verification +method=] is considered invalid or revoked.

+

-The following sections define several useful [=verification relationships=]. -A [=controller document=] MAY include any of these, or other properties, to -express a specific [=verification relationship=]. To maximize -interoperability, any such properties used SHOULD be registered in the -VC Specifications Directory. +The following sections define several useful [=verification relationships=]. A +[=controller document=] MAY include any of these, or other properties, to +express a specific [=verification relationship=]. To maximize interoperability, +any such properties used SHOULD be registered in the list of +[[[DID-EXTENSIONS-PROPERTIES]]].