Skip to content

Latest commit

 

History

History
131 lines (66 loc) · 9.72 KB

glossary-primer.md

File metadata and controls

131 lines (66 loc) · 9.72 KB

A Glossary of Terms for Rebooting the Web of Trust

by Shannon Appelcline

ACL: Access Control List. An authorization methodology where permissions are attached to an object as a list of who can access that object and in what way.

Agent: A service or application that acts as a mediator between credential issuers, credential holders, and credential verifiers.

Attestation: A statement of some fact (or some opinion) about some entity. Claim and Credential may be preferred synonyms due to W3C's work on Verifiable Credentials.

Attribute: Information about a digital identity.

Authentication: The act of verifying an identity.

Authorization: The act of verifying access permissions.

Bitcoin: The cryptocurrency that invented blockchain technology and still the digital currency with the largest market cap. Focused on the purchase of goods and services.

Blockcert: A blockchain-anchored credential that is decentralized and trustless.

Blockchain: An immutable decentralized ledger maintained by consensus rules. In other words, a sort of online database that everyone can write to if they follow set guidelines.

CA: Certificate Authority. An entity that issues certificates. Typically, a centralized authority/.

Capability: An authorization methodology where permissions are attached to an entity as a list of what objects that entity can access and in what way.

Centralized Authority: A singular entity who has control over some system or process.

Certificate: An identity credential. Typically, a public key bound to a name that is signed by some authority.

Claim: An attestation about some entity.

Credential: A set of one or more claims about the same entity, which might also include other information such as identifiers, proofs, or other metadata.

Cryptocurrency: Digital currency protected by cryptographic algorithms.

Cryptography: Mathematical processes based on one-way functions that convert a message from a plain-text form to a coded form (and vice-versa).

DAD: Decentralized Autonomic Data. Self-regulating or self-managing data that does not reside with a single party, supporting the identification, certification, and securing of streaming data that is processed in a distributed manner. See also "Decentralized Autonomic Data (DAD) and the Three R's of Key Management".

Data Minimization: The act of limiting shared data to the minimum necessary.

DID: Decentralized Identifier. A portable, globally unique identifier associated with some entity that does not require a centralized authority for registration. See also "A Short Primer on Decentralized Identifiers".

DID Document: A document that contains information related to a specific DID.

DID Method: A regularized methodology for creating, reading, updating, and revoking a DID. BTCR, IPID, Sovrin, uPort, and Veres Ones are just a few DID methods.

Decentralized: Distributed and not dependent upon any central authority.

Digital Rights: The codification of authorization to use digital media.

ECC: Elliptic Curve Cryptography. A method of public-key cryptography that depends on elliptic curves (y^2 = x^3 + ax + b) and how they behave in finite fields. They improve over classic RSA cryptography with their smaller key size.

Entity: A person, organization, concept, or device.

Ether: Currently, the third-most valuable cryptocurrency, the "fuel" for the ethereum platform.

Ethereum: A distributed computer blockchain focused on smart contracts that uses Ether.

FIDO: An authentication method for secure two-factor authentication, managed by a hardware key.

GDPR: General Data Protection Regulation. European laws that protect the data and privacy of individuals and that place restrictions on how others can use that data.

Holder: Someone who possesses credentials, usually (but not always) the subject of the credentials.

Hub: A datastore where objects are signed by a digital identity and accessible through unique global identifiers. See also "Hubs" and "Identity Hub Attestation Flows and Components".

Identifier: A proxy for identity that is used as a label to refer to the entity being represented. For example, a name or UID.

Identity: Identity is a conceptual construct that enables the differentiation between distinct entities that are individually considered to be unique. An identity is not the entity that it represents.

Identity, Digital: A digital representation of identity.

Identity, Functional: A model for identity that says, "identity is how we recognize, remember, and ultimately respond to specific people and things." See also "A Primer on Functional Identity".

Issuer: Someone who asserts claims and issues them in credentials.

Key: A cryptographic secret used to encrypt or decrypt data. In traditional symmetric cryptography, the same key was used for encrypting and decrypting. In public-key cryptography, a private key is used for encrypting (and signing) while a mathematically related public key is used for decrypting (and verifying).

PGP: Pretty Good Privacy. A classic program used for encrypting, decrypting, and signing data. The origin of the Web of Trust, which was designed as a method for determining the trust of public keys, as an alternative to a centralized public-key infrastructure.

PKI: Public-Key Infrastructure. A methodology to ensure the creation, storage, distribution, and revocation of public keys.

Private Key: Half of the keypair in public-key cryptography. A secret that's used to encrypt and to sign.

Public Key: Half of the keypair in public-key cryptography. A publicly distributed key that's used to decrypt and to verify signatures.

Public-key Cryptography: A cryptographic process that uses two mathematically related keys, one to encrypt a message and one to decrypt a message; one key (the public key) can be derived from the other key (the private key), but not vice-versa.

Repository: A wallet (or other storage area) used to store personal credentials.

Reputation: A system for measuring the behavior of entities.

Revocation: The act of cancelling digital identity data such as a DID or private key.

Ripple: A real-time payment and settlement system designed to bridge transfers between different sorts of money using the XRP cryptocurrency. Although it uses a distributed consensus ledger, it is not a blockchain.

Selective Disclosure: A method of sharing information at a granular level, such as revealing some claims but not an entire credential. See also "Engineering Privacy for Verified Credentials".

Signature: A means for verifying the authenticity of a message or transaction by signing it with a private key; the signature can then be verified with a public key.

Smart Contract: A digital program, often associated with the transaction of cryptocurrency funds. Neither smart nor a contract.

SSI: Self-sovereign identity. A decentralized, portable digital identity that does not depend on any centralized authority. See also "The Path to Self-Sovereign Identity".

Subject: Someone who is the subject of claims.

Trustless: Requiring no trust. A process that is designed such that its rules ensure that all of its participants must act fairly. Usually part of a decentralized design.

Verifiable Claims: The original name for Verifiable Credentials.

Verifiable Credentials: A tamper-evident credential, per the W3C Data Model. See also "A Verifiable Credentials Primer".

Verification: The act of proving the accuracy of something, often verifying a digital signature.

Verifier: Someone who verifies credentials.

Wallet: A digital means to store private keys and their associated public keys. The term comes from cryptocurrency wallets, which store the keys associated with cryptocurrency transactions, but there are also identity wallets, which store keys related to digital identities.

Wallet, Hardware: A hardware gadget that acts as a wallet. Often, a Ledger or a Trezor.

Web of Trust: A method for assessing trust based on peer-to-peer processes. More broadly, an area of digital development that focuses on decentralized identity.

XRP: Currently, the second-most valuable cryptocurrency, owned by Ripple. Created as a high-speed bridge currency that eliminates exchange fees.

Zero-knowledge Proof: A cryptographic method where someone can prove that they know some information without revealing the information.

Some inspirations for terms and for the words used to describe them drawn from Verifiable Claims Terminology.

If you have any disagreements on definitions on which to include additional terms, please enter a PR.