index.html

<!DOCTYPE html>
<html>
<head>
<title>Verifiable Credentials Use Cases</title>
<meta http-equiv='Content-Type' content='text/html;charset=utf-8' />
<script src='https://www.w3.org/Tools/respec/respec-w3c' class='remove'></script>
<script src='https://opencreds.github.io/vc-common/common.js' class='remove'></script>
<script src='./refs.js' class='remove'></script>
<script class='remove'>
var respecConfig = {
  // specification status (e.g. WD, LCWD, NOTE, etc.). If in doubt use .
  specStatus:           "ED",
  useExperimentalStyles: true,

  // the specification's short name, as in http://www.w3.org/TR/short-name/
  shortName:            "vc-use-cases",

  // the specification's group as found in https://respec.org/w3c/groups/
  group:            "vc",

  // if you wish the publication date to be other than today, set this
  // publishDate:  "2019-09-24",

  // if there is a previously published draft, uncomment this and set its YYYY-MM-DD date
  // and its maturity status
  //previousPublishDate:  "2017-05-01",
  //previousMaturity:     "CG-FINAL",

  // extend the bibliography entries
  localBiblio: opencreds.localBiblio,

  github: "https://github.com/w3c/vc-use-cases",
  includePermalinks: false,

  // if there a publicly available Editor's Draft, this is the link
  //edDraftURI: "https://opencreds.github.io/vc-use-cases/",

  // if this is a LCWD, uncomment and set the end of its review period
  // lcEnd: "2009-08-05",

  // if you want to have extra CSS, append them to this list
  // it is recommended that the respec.css stylesheet be kept
  //extraCSS:             [],

  // editors, add as many as you like
  // only "name" is required
  editors:  [
    { name: "Shane McCarron", url: "http://blog.halindrome.com/",
      company: "Spec-Ops", companyURL: "https://spec-ops.io", w3cid: "23346" },
    { name: "Joe Andrieu", 
      company: "Legendary Requirements", companyURL: "http://legreq.com" },
    { name: "Matt Stone", url: "https://www.lithos.me/about",
      company: "The Brightlink", companyURL: "http://www.thebrightlink.com" },
    { name: "Tzviya Siegman", url: "",
      company: "Wiley", companyURL: ""},
    { name: "Gregg Kellogg", url: "http://greggkellogg.net/",
      company: "Spec-Ops", companyURL: "https://spec-ops.io/",
      w3cid: "44770" },
    { name: "Ted Thibodeau, Jr.", url: "https://www.linkedin.com/in/macted/",
      company: "OpenLink Software, Inc.", companyURL: "http://www.openlinksw.com/"},
    { name: "Kevin Dean", url: "https://www.linkedin.com/in/kdean/",
      company: "Dolphin Data Development Ltd."}
  ],

  // authors, add as many as you like.
  // This is optional, uncomment if you have authors as well as editors.
  // only "name" is required. Same format as editors.

  authors:  [
    { name: "Nate Otto", url: "",
      company: "Badge Alliance", companyURL: "" },
    { name: "Sunny Lee", url: "",
      company: "Badge Alliance", companyURL: "" },
    { name: "Brian Sletten", url: "http://bosatsu.net",
      company: "Bosatsu Consulting, Inc.", companyURL: "http://bosatsu.net" },
    { name: "Daniel Burnett",
      company: "Standards Play", companyURL: "http://standardsplay.com/"},
    { name: "Manu Sporny", url: "http://digitalbazaar.com/",
      company: "Digital Bazaar, Inc.", companyURL: "http://digitalbazaar.com/" },
    { name: "Ken Ebert", url: "",
      company: "Sovrin Foundation", companyURL: "https://sovrin.org/" }
  ],

  // maximum level of table of contents
  maxTocLevel: 3,

  // name of the WG
  wg:           "Verifiable Claims Working Group",

  // URI of the public WG page
  wgURI:        "https://www.w3.org/2017/vc/",

  // name (with the @w3c.org) of the public mailing to which comments are due
  // wgPublicList: "public-vc-comments",

  // URI of the patent status for this WG, for Rec-track documents
  // !!!! IMPORTANT !!!!
  // This is important for Rec-track documents, do not copy a patent URI from a random
  // document unless you know what you're doing. If in doubt ask your friendly neighbourhood
  // Team Contact.
  wgPatentURI:  "https://www.w3.org/2004/01/pp-impl/98922/status"
};
</script>

<style>
dl {
    margin-top: 20px;
    margin-bottom: 20px;
}
dt,
dd {
    line-height: 1.42857143;
}
dl.dl-horizontal > dt {
    font-weight: bold;
}
dl.dl-horizontal > dd {
    padding-bottom: 10px;
}
@media (min-width: 768px), print {
    .dl-horizontal {
        margin-bottom: 2em;
    }
    .dl-horizontal dt {
        font-weight: normal;
        float: left;
        width: 160px;
        clear: left;
        overflow: hidden;
        text-align: right;
    }
    .dl-horizontal dd {
        margin-left: 180px;
    }
    .dl-horizontal dd > ul {
        padding-left: 20px;
        margin: 0px;
    }
    .dl-horizontal dd + dt { border-top: solid thin grey; }
    dl.dl-horizontal dt:not(:first-child) + dd { border-top: solid thin grey; }

    .left.dl-horizontal dt {
        text-align: left;
    }
}
.dl-horizontal dd + dd { border-top: dotted thin grey;
    padding-top: 0.5em; }
</style>

</head>

<body>
  <section id='abstract'>
    <p>
A <em>verifiable claim</em> is a qualification, achievement, quality, or piece
of information about an <a>entity's</a> background such as a name, government
ID, payment provider, home address, or university degree. Such a claim
describes a quality or qualities, property or properties of an <a>entity</a>
which establish its existence and uniqueness. The use cases outlined here are
provided in order to make progress toward possible future standardization and
interoperability of both low- and high-stakes <a>claims</a> with the goals of
storing, transmitting, and receiving digitally verifiable proof of attributes
such as qualifications and achievements. The use cases in this document focus
on concrete scenarios that the technology defined by the group should address.
    </p>
  </section>
  <section id='sotd'>
    <p>
This document represents a concise but limited collection of use cases readers
should review alongside the <a href="https://www.w3.org/TR/vc-data-model/">Verifiable
Credentials Data Model</a>.
    </p>
    <p>
The work on this document was carried out under tight time constraints due to
limitations of the W3C process and publishing deadlines. Under such conditions,
errors are unavoidable and some of the ideas presented here are incomplete.
The Working Group hopes that in the future, W3C process can be revised to better
support the dynamic nature of standards work in a more consistent way across
different groups.
    </p>
    <p>
Comments regarding this document are welcome. Please file directly on
<a href="https://github.com/w3c/vc-use-cases/issues/">GitHub</a>, or send them
to <a href="mailto:public-vc-comments@w3.org">public-vc-comments@w3.org</a>
(<a href="mailto:public-vc-comments-request@w3.org?subject=subscribe">subscribe</a>,
<a href="https://lists.w3.org/Archives/Public/public-vc-comments/">archives</a>).
    </p>
  </section>

  <section>
    <!-- Editor - @halindrome -->
    <h2>Introduction</h2>
      <p>
The Verifiable Claims Working Group at the W3C is developing standards for
expressing and exchanging "<a>claims</a>" that have been verified by a third
party and to make them easier and more secure on the Web.
    </p>
    <div class="note">
This document does NOT attempt to define an architecture for the support of
Verifiable Claims.  Instead it expresses the sorts of needs that real users have
that could be addressed through support for some sort of self-sovereign claim
environment.  It attempts to use terminology that is consistent with the other
deliverables of the Verifiable Claims Working Group (you can see the relevant
terms in Appendix A).
    </div>
    <section>
      <h3>Importance of this work</h3>
      <p>
Entities (people, organizations, devices) need to make many kinds of
<a>claims</a> as part of their everyday activities. As more and more of these
important activities move to the Internet, <a>entities</a> need to be able to
transmit instantly <em>verifiable</em> claims (e.g., about their location,
accomplishments, value, what-have-you). From educational records to payment
account access, the next generation of web applications will authorize
<a>entities</a> to perform actions based on rich sets of credentials issued by
trusted parties. Human- and machine-mediated decisions about job applications,
account access, collaboration, and professional development will depend on
filtering and analyzing growing amounts of data. It is essential that data be
verifiable.
      </p>
      <p>
Standardization of digital <a>claim</a> technologies makes it possible for many
stakeholders to issue, earn, and trust these essential records about their
counterparties, without being locked into proprietary platforms.
      </p>
    </section>
    <section>
      <h3>Use case model</h3>
      <p>
This document presents an aggregate use case model, composed of Needs, Roles,
Tasks, and Sequences. Taken together, these models define the use cases that
the Verifiable Claims Working Group has addressed.
      </p>
      <p>
User needs define the problem space addressed by <a>verifiable credentials</a>.
User Roles specify the roles different <a>entities</a> play when interacting
with <a>verifiable credentials</a>. Tasks define the functions users can
accomplish, and sequences demonstrate how tasks might be realized, by
interactions between <a>entities</a> over time.
      </p>
      <p>
As with all models, this use case model is neither exhaustive nor complete. The
listed uses cannot capture all possible use cases. Similarly, the models do not
completely characterize the use cases represented. However, the combined model
is intended to provide specific, coherent guidance for the work ahead.
      </p>
    </section>
    <section id="conformance" class="normative">
    </section>
    </section>

  <section>
    <h2>User Roles</h2>
    <p>
There are four roles supported by <a>verifiable credentials</a>: <a>Issuer</a>,
<a>Verifier</a>, <a>Subject</a>, and <a>Holder</a>.
    </p>
    <figure>
      <img alt="Verifiable Credential User Roles" 
           style="display:block; margin:auto"
           src="VerifiableCredentialsUserRoles.png" />
      <figcaption>
Verifiable Credential User Roles
      </figcaption>
    </figure>

    <dl>
      <dt>
Issuer
      </dt>
      <dd>
The <a>entity</a> that creates a <a>claim</a> and associates it with a
particular <a>subject</a>.
      </dd>
      <dt>
Verifier
      </dt>
      <dd>
The <a>entity</a> verifying a <a>claim</a> about a given <a>subject</a>.
      </dd>
      <dt>
Subject
      </dt>
      <dd>
The <a>entity</a> about whom a <a>claim</a> is issued.
      </dd>
      <dt>
Holder
      </dt>
      <dd>
A role an <a>entity</a> may perform by possessing one or more
<a>verifiable credentials</a>. A <a>holder</a> is usually, but not always, the
<a>subject</a> of the <a>verifiable credentials</a> that they are holding.
<a>Holders</a> store their <a>credentials</a> in <a>credential repositories</a>.
      </dd>
    </dl>
  </section>


  <section>
    <h2>User Needs</h2>
    <p>
<a>Verifiable credentials</a> address user needs in a number of key domains:
    </p>

    <figure>
      <img alt='Verifiable Credential User Needs'
           style='display:block; margin:auto'
           src="VerifiableCredentialsProblemDomains.png" />
      <figcaption>
Verifiable Credentials, Example Domains for User Needs
      </figcaption>
    </figure>

    <section>
      <h3>Education</h3>
      <p>
The education domain includes all levels of the educational experience; from
primary through professional continuing education.
      </p>
      <dl class="left dl-horizontal">
        <div data-include="short/e1_digital_transcript.html"
             data-include-replace="true"
             data-format="html"></div>
        <div data-include="short/e2_taking_a_test.html"
             data-include-replace="true" data-format="html"></div>
        <div data-include="short/e3_transferring_schools.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/e4_online_classes.html"
          data-include-replace="true" data-format="html"></div>
      </dl>
    </section>
    <section>
      <h3>Retail</h3>
      <p>
The retail domain encompasses all things where there is an exchange of value on
an individual level. This includes brick-and-mortar store fronts, web-only
venues, and even person-to-person sales.
      </p>
      <dl class="left dl-horizontal">
        <div data-include="short/r1_address-verification.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/r2_adult_beverages.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/r3_fraud_detection.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/r4_bona_fide_shopper.html"
          data-include-replace="true" data-format="html"></div>
      </dl>
    </section>
    <section>
      <h3>Finance</h3>
      <p>
The Finance domain includes banking, brokerage, insurance, and other
industries where there is a high value placed on knowing exactly with whom
you are dealing.
      </p>
      <dl class="left dl-horizontal">
        <div data-include="short/f1_reuse_know_your_customer.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/f2_money_transfer.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/f3_closing_account.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/f4_trying_out_a_new_service.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/f5_new_bank_account_from_home.html"
          data-include-replace="true" data-format="html"></div>
      </dl>
    </section>

    <section>
      <h3>Healthcare</h3>
      <p>
Privacy is critically important in the healthcare industry. This domain looks
at everything from physical interaction to connecting patients and providers
with service organizations.
      </p>
      <dl class="left dl-horizontal">

        <div data-include="short/h1_prescribing.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/h2_online_pharmacy.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/h3_insurance_claim.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/h4_traveling_illness.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/h5_proving_legal_disability_status.html"
          data-include-replace="true" data-format="html"></div>

      </dl>
    </section>

    <section>
      <h3>Professional Credentials</h3>
      <p>
In many aspects of life it is important to know that <a>entities</a> are who
they say they are, and that they can do what they say. Professional
accreditation is one way of learning about the abilities of an <a>entity</a>.
Being able to verify these credentials is essential to their value.
      </p>
      <dl class="left dl-horizontal">
        <div data-include="short/c1_find_a_doctor.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/c2_busy_doctor.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/c3_bad_university.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/c4_new_employer.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/c5_social_authority.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/c6_job_applicant.html"
          data-include-replace="true" data-format="html"></div>
      </dl>
    </section>
    <section>
      <h3>Legal Identity</h3>
      <p>
For many transactions, an <a>entity</a> must be able to prove some aspect of
their identity in a way that can be quickly verified.  Governments and other
widely recognized <a>entities</a> are well positioned to provide such
identification in a verifiable digital form.
      </p>
      <dl class="left dl-horizontal">
        <div data-include="short/l1_digital_driving_license.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/l2_seamless_immigration.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/l3_speedy_air_travel.html"
          data-include-replace="true" data-format="html"></div>
        <div data-include="short/l4_refugee_crisis.html"
          data-include-replace="true" data-format="html"></div>

      </dl>
    </section>
    <section>
      <h3>Devices</h3>
        <p>
Intelligence devices are created and deployed so that they can interact with
other <a>entities</a> (people, organizations, devices). Establishing trust
and maintaining secure relationships with these devices is especially critical.
        </p>
        <dl class="left dl-horizontal">
          <div data-include="short/d1_devices_during_manufacturing.html"
            data-include-replace="true" data-format="html"></div>
          <div data-include="short/d2_devices_during_delivery.html"
            data-include-replace="true" data-format="html"></div>
          <div
            data-include="short/d3_devices_setup_for_operating_autonomously.html"
            data-include-replace="true" data-format="html"></div>
        </dl>
    </section>
</section>
<section>
    <h2>User Tasks</h2>
    <p>
Use cases are often used as a driver for requirements. While the users of
<a>verifiable credentials</a> have needs across many domains, the tasks
associated with those needs span the domains. This section summarizes those
tasks, as well as requirements related to the tasks, and maps the tasks and
requirements back to the associated needs.
    </p>
    <p class="note">
It is worth noting that the <a>subject</a> may or may not be the same
<a>entity</a> as the <a>holder</a>. There are no tasks in these examples that
require participation of the <a>subject</a>.
    </p>

      <figure>
        <img alt="Verifiable Credential User Tasks"
             style="display:block; margin:auto"
             src="VerifiableCredentialsUserTasks.png" />
        <figcaption>
Verifiable Credential User Tasks
        </figcaption>
      </figure>

    <section>
      <h3>Issue Claim</h3>
      <dl class="dl-horizontal">
        <dt>Requirement</dt>
        <dd>
It MUST be possible for any <a>entity</a> to issue a <a>verifiable credential</a>.
        </dd>
        <dt>Motivation</dt>
        <dd>
Individuals and organizations need a way to issue <a>claims</a> about
themselves or others that can be verified and trusted.
        </dd>
        <dt>Needs</dt>
        <dd>
<uref>F.1</uref>, <uref>E.1</uref>, <uref>L.1</uref>, <uref>H.1</uref>
        </dd>
      </dl>
    </section>
    <section>
      <h3>Assert Claim</h3>
      <dl class="dl-horizontal">
        <dt>Requirement</dt>
        <dd>
It MUST be possible for the <a>holder</a> of a <a>verifiable credential</a>
to restrict the amount of information exposed in a <a>credential</a> they
choose to share.  It also MUST be possible for the holder to limit the
duration for which that information is shared.
        </dd>
        <dt>Motivations</dt>
        <dd>
<a>Credentials</a> may be issued about a <a>subject</a> that include multiple
attributes, only some of which are required when verifying a specific criteria
is satisfied. The <a>holder</a> should have the ability to satisfy the
criteria without revealing additional attributes that are not required.
        </dd>
        <dt>Needs</dt>
        <dd>
<uref>R.2</uref>, <uref>H.4</uref>
        </dd>
      </dl>
    </section>
    <section>
      <h3>Verify Claim</h3>
      <dl class="dl-horizontal">
        <dt>Requirement</dt>
        <dd>
It MUST be possible for a <a>verifier</a> to verify that the credential is an
authentic statement of an <a>issuer's</a> <a>claims</a> about the
<a>subject</a>. The verifying <a>entity</a> must have the capability to
connect the issuer’s identity to its credential identifier and the
<a>subject's</a> identity to their identifier as indicated in the credential.
The issuer’s verification information, such as its public key, must be
discoverable from the credential record and verifiably linked to the issuer.
It MUST be possible to do this in an automated fashion.
        </dd>
        <dt>Motivations</dt>
        <dd>
In many environments (such as order processing) information such as a payer's
address, citizenship, or age need to be automatically verified in order to
complete the transaction.
        </dd>
        <dt>Needs</dt>
        <dd>
<uref>F.2</uref>, <uref>C.1</uref>, <uref>E.2</uref>, <uref>R.1</uref>,
<uref>F.5</uref>, <uref>H.2</uref>, <uref>C.6</uref>
        </dd>
      </dl>
    </section>
    <section>
      <h3>Store / Move Claim</h3>
      <dl class="dl-horizontal">
        <dt>Requirement</dt>
        <dd>
It MUST be possible for the holder of a claim to store that claim in one or
more <a>credential repositories</a>. It MUST also be possible for the holder
to move a claim among <a>credential repositories</a>, and to do so without
requesting a new claim from the claim issuer.
        </dd>
        <dt>Motivation</dt>
        <dd>
A <a>claim</a> is under the control of its <a>holder</a>. That holder will
choose where their <a>claims</a> are stored based upon a variety of factors
(e.g., employer requirements, convenience, service levels, provider cost,
business intelligence). The holder needs to be able to easily choose among
various <a>credential repositories</a>, and also to be able to migrate their
<a>claims</a> to another without requesting new <a>claims</a> from the
<a>claim</a> <a>issuer</a>.
        </dd>
        <dt>Needs</dt>
        <dd>
<uref>F.4</uref>, <uref>E.3</uref>, <uref>C.4</uref>
        </dd>
      </dl>
    </section>
    <section>
      <h3>Retrieve Claim</h3>
      <dl class="dl-horizontal">
        <dt>Requirement</dt>
        <dd>
It MUST be possible for a <a>holder</a> to select if and which appropriate
credential should be sent to a <a>verifier</a>.
        </dd>
        <dt>Motivations</dt>
        <dd>
A <a>verifier</a> may require that a <a>holder</a> verify aspects of their
suitability for a transaction.  In this case, the <a>holder</a> must be able
to select which, if any, <a>verifiable credential</a> stored with their
<a>credential repository</a> is used to satisfy the <a>verifier</a>.
        </dd>
        <dt>Needs</dt>
        <dd>
<uref>C.5</uref>, <uref>E.4</uref>
        </dd>
      </dl>
    </section>
    <section>
      <h3>Revoke Claim</h3>
      <dl class="dl-horizontal">
        <dt>Requirement</dt>
        <dd>
It MUST be possible for the <a>issuer</a> of a <a>claim</a> to revoke it,
after which it will no longer satisfy verification procedures.
        </dd>
        <dt>Motivation</dt>
        <dd>
An <a>entity</a> (<a>issuer</a>) discovers that a <a>claim</a> they have
issued and are endorsing for an end user (<a>subject</a>), is no longer valid
and wishes to revoke the issued claim.
        </dd>
        <dt>Needs</dt>
        <dd>
<uref>F.3</uref>, <uref>C.2</uref>, <uref>C.3</uref>
        </dd>
      </dl>
    </section>
  </section>
  <section>
    <h2>Focal Use Cases</h2>
    <p>
Focal Use Cases are meant to provide examples where a blend of features from
<a>verifiable credentials</a> standard may be used together to solve complex
or challenging marketplace needs.
    </p>
    <div data-include="focal/1_citizenship_by_parentage.html"
    data-include-replace="true" data-format="html"></div>
    <div data-include="focal/2_expert_dive_instructor.html"
    data-include-replace="true" data-format="html"></div>
    <div data-include="focal/3_international_travel_with_minor_and_upgrade.html"
    data-include-replace="true" data-format="html"></div>
  </section>
  <section>
    <h2>Extant Use Cases</h2>
    <p>
Extant Use Cases are illustrative of market adoption, i.e., examples of the use
of <a>verifiable credentials</a> in real-world applications.
    </p>
  </section>
  <section>
    <!-- Editor - @halindrome -->
    <h2>User Sequences</h2>
    <p>
The transaction examples in this section show basic ways in which
<a>verifiable credentials</a> might be used. They are not meant to be
architecturally constraining. Instead, they are meant to help illustrate the
basic way it <em>could</em> be done in a typical commerce situation. Again
&mdash; please remember that it is just an example, and should not be thought
of as the canonical way such a <a>claims</a> environment must be implemented.
    </p>
    <section>
      <h3>How a Verifiable Credential Might Be Created</h3>
      <p>
In this first example, a user will request a verifiable credential&mdash;a
confirmation of their identity. Consider this illustration:
      </p>

      <figure>
        <img aria-describedby="claim_flow"
             alt="Verifiable Credential Creation Flow Description"
             style="display:block; margin:auto"
             src="uc-issuing-claims.svg" />
        <figcaption>Verifiable Credential Creation Flow Diagram</figcaption>
      </figure>

      <p>
Expanding on these steps:
      </p>
        <ol id="claim_flow" title="Verifiable Credential Creation Flow Description">
          <li>
Jane asks her User Agent to help her get a <a>verifiable credential</a> about
her identity.
          </li>
          <li>
Her user agent connects her to a <a>credential</a> <a>issuer</a> that is able to
<a>verify</a> her identity.
          </li>
          <li>
The issuer examines her documentation.
          </li>
          <li>
They are satisfied, so the <a>issuer</a> generates a
<a>verifiable credential</a> for Jane that includes information about her
identity linked to their own trusted <a>credential</a>.
          </li>
          <li>
The issuer delivers the <a>verifiable credential</a> back to Jane's User Agent.
          </li>
          <li>
Jane views the <a>verifiable credential</a> to ensure it reflects her requirements.
          </li>
          <li>
When she is satisfied, she instructs her User Agent to save the
<a>verifiable credential</a> so she can use it in the future.
          </li>
          <li>
The UA communicates with her <a>credential repository</a>, instructing it to
store the new <a>verifiable credential</a>.
          </li>
          <li>
The <a>credential repository</a> returns a list of the 
<a>verifiable credentials</a> it is holding for Jane to the UA.
          </li>
          <li>
The UA shows Jane her <a>verifiable credential</a> collection &mdash;
confirming everything she has available.
          </li>
        </ol>
    </section>
    <section>
      <h3>How a Verifiable Credential Might Be Used</h3>
        <p>
In this example, a <a>holder</a> of a <a>claim</a> needs to use that
<a>claim</a> in a typical commerce situation:
        </p>
        <figure>
          <img aria-describedby="vf-flow"
               alt="Verifiable Credential Usage Flow Diagram"
               style="display:block; margin:auto"
               src="example.svg" />
          <figcaption>
Verifiable Credential Usage Flow Diagram
          </figcaption>
        </figure>
        <ol title="Verifiable Credential Usage Flow Description" id="vf-flow">
          <li>
Jane decides to shop on the website WinesOfTheWorld.example.com (merchant).
          </li>
          <li>
The merchant's site requires Jane be 21 years of age and requests (via a user
agent-supported API call) that Jane prove this.
          </li>
          <li>
Jane's user agent asks her <a>credential repository</a> for the proof.
          </li>
          <li>
The <a>credential repository</a> shows Jane some <a>verifiable credentials</a>
it holds that can support her age claim (e.g., her passport, driving license,
and birth certificate).
          </li>
          <li>
Jane selects one of these, and authorizes that it be shared with the merchant.
          </li>
          <li>
The <a>credential repository</a> returns the selected <a>credential</a> as a
response to the user agent-supported API call, which in turn delivers it to
the merchant.
          </li>
          <li>
The merchant's server verifies that the <a>claim</a> is valid and satisfies
the requirement.
          </li>
          <li>
The merchant redirects the user agent to the web site with appropriate
authorization.
          </li>
        </ol>
    </section>
  </section>


  <section class="appendix">
    <!-- Editor - @halindrome -->
    <h2>Terminology</h2>

      <em>This section is non-normative.</em>

      <div data-include="./terms.html"
          data-oninclude="restrictReferences">
      </div>

  </section>
  <section class="appendix">
    <h2>Example Verifiable Credentials</h2>
    <h3>Focal Use Case: International Travel with Minor</h3>

      <pre class="example nohighlight" title="Malathi's passport (simple model)">
{
  "@context": [
    "https://w3id.org/credentials/v1",
    "https://example.com/travel-vocab/v1"
  ],
  "id": "urn:uuid:9f6878c8-73c7-11e8-ab37-23a1a3504fd0",
  "type": ["VerifiableCredential", "PassportCredential"],
  /* gov't DID */
  "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
  "expires": "2028-01-01T00:00:00Z",
  "claim": {
    "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
    "givenName": "Malathi",
    "familyName": "Hamal",
    "citizenship": "US",
    /* any other claims made by gov't */
  },
  "proof": {/* signature by gov't */}
}
      </pre>

      <pre class="example nohighlight" title="Malathi's passport (passport is a document model) ">
{
  "@context": [
    "https://w3id.org/credentials/v1",
    "https://example.com/travel-vocab/v1"
  ],
  "id": "urn:uuid:9f6878c8-73c7-11e8-ab37-23a1a3504fd0",
  "type": ["VerifiableCredential", "PassportCredential"],
  /* gov't DID */
  "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
  "expires": "2028-01-01T00:00:00Z",
  "claim": {
    "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
    "passport": {
      "id": "urn:uuid:79c181dc-73c7-11e8-8c1f-2bb1fd2d268a",
      "type": "Passport",
      "traveler": {
        "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
        "givenName": "Malathi",
        "familyName": "Hamal",
        "citizenship": "US"
      },
      /* any other passport fields */
    }
  },
  "proof": {/* signature by gov't */}
}
      </pre>

      <pre class="example nohighlight" title="Anand's passport">
{
  "@context": [
    "https://w3id.org/credentials/v1",
    "https://example.com/travel-vocab/v1"
  ],
  "id": "urn:uuid:b306614c-73c7-11e8-b596-47e8c5ce9144",
  "type": ["VerifiableCredential", "PassportCredential"],
  /* gov't DID */
  "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
  "expires": "2020-01-01T00:00:00Z",
  "claim": {
    "id": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
    "givenName": "Anand",
    "familyName": "Hamal"
    "citizenship": "US",
    /* any other claims made by gov't */
  },
  "proof": {/* signature by gov't */}
}
      </pre>

      <pre class="example nohighlight" title="Anand's birth certificate">
{
  "@context": [
    "https://w3id.org/credentials/v1",
    "https://example.com/travel-vocab/v1"
  ],
  "id": "urn:uuid:05a47fe2-73c8-11e8-ac1e-7fe0051a1d75",
  "type": ["VerifiableCredential", "BirthCertificate"],
  "issuer": "did:example:CCnF3zFaXkPN4zB94XaomRdvw2zX3XHPVX3aExcgo6PV",
  "expires": "2020-01-01T00:00:00Z",
  "claim": {
    "id": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
    "citizenship": "US",
    "birthDate": "2017-10-01T00:00:00Z",
    "birthPlace": {
      "type": "Hospital",
      "address": {
        "type": "US address",
        "addressLocality": "Denver",
        "addressRegion": "CO",
        "postalCode": "80209",
        "streetAddress": "123 Main St."
      }
    },
    "givenName": "Anand",
    "familyName": "Hamal",
    "parent": [{
      "id": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
      "type": "Person",
      "givenName": "Malathi",
      "familyName": "Hamal",
      "maidenName": "Holla"
    }, {
      "id": "did:example:BgXRjB4RPrrsUVoVNaYNwzfznKsWep7AWrZkiyVcorEN",
      "type": "Person",
      "givenName": "Rajesh",
      "familyName": "Hamal"
    }]
  },
  "proof": {/* signature by gov't */}
}
      </pre>

      <pre class="example nohighlight"
           title="Permission to travel from Rajesh using schema.org vocab" >
{
  "@context": [
    "https://w3id.org/credentials/v1",
    "https://example.com/travel-vocab/v1"
  ],
  "id": "urn:uuid:58c08196-73c6-11e8-b030-3bd8a829a356",
  "type": ["VerifiableCredential", "ChildTravelPass"],
  "issuer": "did:example:BgXRjB4RPrrsUVoVNaYNwzfznKsWep7AWrZkiyVcorEN",
  "expires": "2018-07-01T00:00:00Z",
  "claim": {
    "id": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
    "potentialAction": {
      "type": "TravelAction",
      "agent": "did:example:8vFBbPrhBUyG6DEzVncBZpzBNsmRrbfsQKXQKPLskBCu",
      "participant": "did:example:BcRisGnqV4QPb6bRmDCqEjyuubBarS1Y1nhDwxBMTXY4",
      "location": {
        "type": "Country",
        "address": {
          "addressCountry": "CA"
        }
      }
    }
  },
  "proof": {/* signature by Rajesh proving control of DID */}
}
      </pre>
  </section>

  <section class="informative">
    <h2>Acknowledgements</h2>

    <p>
The editors are thankful to the contributions from the Web Payments Workshop,
the Web Payments Community Group, the Web Payments Interest Group, the
Credentials Community Group, the Verifiable Claims Task Force, and the
Verifiable Claims Working Group.
    </p>

  </section>


</body>
</html>