Revocation methods
Linked Validity Verifiable Credentials
Linked Validity Verifiable Credentials (LVVC) is a privacy-preserving revocation method. Instead of relying on a connection between the issuer and verifier, LVVC attaches a small credential to each credential issued. This small credential, the "LVVC", has a short lifespan and the holder must connect to the issuer to renew. The verifier determines how fresh the LVVC must be for validation, according to their risk model.
For more information on the LVVC revocation method, see the initial draft.
Bitstring Status list
Procivis One implements the Bitstring Status List v1.0 specification. This revocation method gives verifiers a kind of list to refer to to check the revocation status of a credential.
When using this method, the issuer keeps a bitstring list of all the credentials it has issued. Each credential holds a position on this list. Each bit on the bitstring has a binary value indicating whether the associated credential is valid or has been revoked. The credential contains the means for the verifier to look up this list via URL and also contains the position of the credential on the bitstring list.
For credentials issued with this method, the system creates and maintains the list referenced in the credential so that verifiers can retrieve validity status.
Token Status List
This revocation method gives verifiers a kind of list to refer to to check the revocation status of a credential.
When using this method, the issuer maintains a bitstring list representing the status of issued credentials. Each credential contains both a status index and a status list URL. The status index indicates which bit in the list corresponds to that credential's validity. The verifier uses the URL from the credential to fetch the current bitstring list and checks the bit at the specified index to determine validity.
Procivis One supports Token Status List via HTTPS in JWT representation. For credentials issued with this method, the system creates and maintains the list referenced in the credential so that verifiers can retrieve validity status.
No revocation method
When no revocation method is chosen, issued credentials cannot be revoked and remain valid indefinitely.