+ +
+The APIs provided by this specification enable the deletion of +verifiable credentials and verifiable presentations from +storage services. The result of these deletions +and the side-effects they might cause are out of scope for this specification. +However, implementers are advised to understand the various ways deletion can be +implemented. There are at least two types of deletion that are contemplated by +this specification. +
+ ++Partial deletion marks a record for deletion but continues to store +some or all of the original information. This mode of operation can be useful if +there are audit requirements for all credentials and/or presentations over +a particular time period, or if recovering an original credential might be a +useful feature to provide. +
++Complete deletion purges all information related to a given +verifiable credential or verifiable presentation in a way that +is unrecoverable. This mode of operation can be useful when removing information +that is outdated and beyond the needs of any audit or when responding to any +sort of "right +to be forgotten" request. +
++When deleting a verifiable credential, handling of its status +information needs to be considered. Some use cases might call for deletion +of a particular verifiable credential to also set the revocation +and suspension bits of that verifiable credential, such that any sort of +status check for the deleted credential fails and use of the credential is +halted. +
++Given the scenarios above, implementers are advised to allow the system actions +that occur after a delete to be configurable, such that system flexibility is +sufficient to address any verifiable credential use case. +
+