Where is authorizedRevokingParties stored?

[nicksmd]

the authorizedRevokingParties is mentioned in the blockcerts-revocation paper several times. Where is it stored to ensure that the revocation process is decentralized?

[jandrieu]

@kimdhamilton This one is for you.

[ChristopherA]

It depends on what kind of DID is used by the blockcert.

In the BTCR method for DIDs, if the unspent output (aka UTXO) of the destination address of the DID transaction is spent without use of a op_return output, the DID is considered to be revoked. This information is available on every bitcoin full-node in the world within a few minutes, and is confirmed in ~10 minutes. It is as decentralized as bitcoin is.

Other DID methods use different techniques for revocation.

[kimdhamilton]

In this paper, @joaosantos15 and I presented a solution where the set of authorized revokers are flexible and use case dependent. The authorized revokers are stored in the contract, so this assumes that at issuance time (and revocation contract creation time) these individuals are known.

The intent for Blockcerts scenarios is that the issuer or recipient would be able to revoke that recipient's credential by assertion uid (an open badges concept).

Note that this paper is pretty old so it's not using the Verifiable Credentials scheme or DIDs.

Furthermore, our approach has downsides which we mention in the paper, one of which is that it enables correlation. Future revisions would attempt to address this.