light-mode-image
Learn

DTS options

The options MATTR offers for publishing and consuming trust, and which category of trusted list each one serves.

MATTR offers several options for publishing and consuming trust. Each option serves one of the categories described in Trusted Lists, so you can pick the mechanism that matches the kind of trust you need to publish or consume.

There are different models for a Digital Trust Service to make its trust framework available for consumption. You can download trust information from publicly available websites, from public APIs, or from authenticated APIs (which may require onboarding and potentially involve commercial terms).

Ecosystem policies via MATTR VII APIs

Serves: Trusted Issuer Lists and Trusted Reader Lists.

MATTR VII ecosystem capabilities let a network operator publish policies that describe which participants may issue and which may verify each credential type. Issuers, holders, and verifiers retrieve this information through publicly available or authenticated APIs and integrate it into their solutions.

A policy defines what credential types (identified by their format and type/docType) can be issued and/or verified by which participants (identified by their IACA/DID). Retrieve the current policy through the ecosystem policy API, or consume it through the MATTR Pi Holder, Verifier Web, and Verifier Mobile SDKs, or through MATTR GO Hold and GO Verify.

VICAL: standardized issuer trust lists

Serves: Trusted Issuer Lists.

A VICAL (Verified Issuer Certificate Authority List) is a mechanism defined in the ISO/IEC 18013-5 standard to support establishing trust in networks where relying parties need to verify credentials issued by numerous different issuers. The VICAL operator collects and validates IACAs from different issuing authorities, then cryptographically signs them into a single list that relying parties can consume.

VICAL is the concrete, standards-based implementation of a Trusted Issuer List. See the VICAL overview, guide, and consumption pages to implement it.

RICAL: reader trust lists

Serves: Trusted Reader Lists.

A RICAL (Reader Certificate Authority List) is the mechanism for publishing which readers (verifiers) are authorized to request credentials. Holders and wallets consume a RICAL to confirm that a verifier is trusted before presenting data to it.

RICAL is the concrete implementation of a Trusted Reader List. See the RICAL overview, guide, and consumption pages to implement it.

Choosing an option

You want to publish or consumeCategoryUse
Which participants may issue or verify a credential typeIssuer and Reader listsEcosystem policies via MATTR VII APIs
A signed list of trusted issuer certificate authoritiesIssuer listsVICAL
A list of trusted readers (verifiers)Reader listsRICAL
Certified wallets and technologiesTrusted walletsWallet attestation and trust framework criteria

Once your application consumes trust information from a DTS, verification and presentation processes are greatly simplified. Establishing trust with every individual issuer or verifier is delegated to the DTS operator.

How would you rate this page?

Last updated on

On this page