The cornerstone of the Blockcerts project is the belief that people should be able to possess and prove ownership of their important digital records. These records form the basis for proving aspects of oneself, consistent with the principles of self-sovereign identity.
Ideal Characteristics for Recipient
For a validly-issued certificate should be useful to a recipient, the following characteristics are needed:
Independence: The recipient owns the credential, and does not require the issuer or 3rd party to be involved after receiving the credential
Ownership: The recipient may prove ownership of the credential
Control: The recipient has control over how they curate credentials they own. They may choose to associate credentials with an established profile they own, or not.
Verifiability: The credential must be verifiable by 3rd parties
Permanence: The credential must be a permanent record (see limitations at the end)
Ideal Characteristics for Issuer
For a credentialing system to be useful to an issuer, the following characteristics are needed:
- Issuer may prove they issued the credential
- Issuer may set an expiration time on the credential
- Issuer may revoke the credential
- The credentialing system is secure and imposes minimal ongoing burden to retain this characteristic
For the credential itself to have meaning and utility, a 3rd party verifier, such as an institution receiving the credential as part of an application , must be convinced of a certificate's veracity. The following are standard requirements:
Integrity : The content hasn't been tampered with; i.e. it matches what the issuer originally intended (integrity)
Authenticity : Confidence that the issuer is who the certificate claims, and has not been forged
Blockcerts adds the criteria that the above can be done in an environment without requiring trust between parties and without reliance on a central authority. This is a critical component of longevity and efficiency.