It is not clear for me how the consumer (employer) can trust the issuer based only on its public key. In other words, how the consumer authenticate the issuer’s public key?
This concern is not part of the Blockcerts scope currently, but it is an important concern. Here ere are some practical ideas for the short and long term.
Issuers can publish their public keys, making them known to the community, particularly over time. Perhaps registry services will emerge that make this knowledge more convenient. In the cases of school-systems, often the issuers and verifiers interact so much, the keys will be well known.
Issuers could start issuing from a Decentralized Identity Profile (DID) like Blockstack or UPort. The more these DIDs are used, the more reliable their reputation becomes. I can imagine this reputation someday becoming part of the verification process or a separate smart-contract.
Other ideas? Please share!
This is definitely an important issue to will require a more convenient solutions long term.
Thank you so much for this clarifications.
Yes, I have a very small idea and if you want we can first, discuss it in private.
If there are no sensitive content, please post it here so that blockchain enthusiasts like me can get exposure to these suggestions and maybe improve ourselves, in a broader sense.