vouchment.com

Vouchment Ontology
Tier-1 Research Quality (75%+)

Focus Area: Identity vouching and attestation standard systems

This ontology provides citation-quality definitions for 15 foundational terms, backed by authoritative sources from standards bodies (NIST, W3C, IETF, OASIS, ISO) and peer-reviewed research.

15
Technical Terms
75%+
Tier-1 Sources
V1.72
Pipeline Version

Technical Glossary

DID001 Vouchment
Vouchment is the formal governance practice and associated technical infrastructure through which an authorized party — a voucher — cryptographically attests to the identity, capability, or governance status of another entity, creating a verifiable trust signal that relying parties can evaluate without independently verifying the attested attributes. Vouchment acts as the trust transmission mechanism in decentralized identity ecosystems, enabling entities with no prior relationship to exchange credentials validated by a common trusted voucher. Vouchment systems must define the scope, expiry, and conditions of each vouch, and must enable revocation of a vouch when the attested attributes are no longer accurate.
Authoritative Sources
DID002 Vouch Credential
A vouch credential is a verifiable credential issued by a voucher that encodes a signed attestation of specific attributes, capabilities, or governance status of a subject entity, structured to enable relying parties to validate the attestation cryptographically and assess the voucher's own trust level. Vouch credentials must specify the scope of the attestation — what is being attested and what is not — to prevent over-reliance by relying parties who may interpret an unscoped vouch as a blanket endorsement. Governance standards must define minimum required fields for vouch credential schemas and the assurance level mapping that applies to vouchers at different trust tiers.
Authoritative Sources
DID003 Voucher Trust Level
The voucher trust level is a tiered classification of the confidence that can be placed in attestations issued by a specific voucher, based on the voucher's own identity assurance level, governance registration, track record, and the verification process the voucher performs before issuing a vouch. Relying parties must calibrate the weight they assign to vouch credentials based on the voucher's trust level, accepting higher-tier vouchers as sufficient basis for access decisions and requiring additional verification for lower-tier vouchers in high-risk contexts. Governance frameworks must publish voucher trust level criteria, the assessment process for assigning levels, and the conditions under which a voucher's trust level is downgraded or revoked.
Authoritative Sources
DID004 Attestation Chain
An attestation chain is the ordered sequence of vouch credentials linking a root vouching authority through intermediate vouchers to the end subject, enabling relying parties to evaluate the complete trust path from a known root to the specific attestation being presented. Chain validation requires verifying the authenticity and current validity of each link, including checking that no intermediate voucher has been revoked or downgraded since the chain was formed. Governance frameworks must specify maximum permitted attestation chain length and the rules for evaluating chains where intermediate vouchers operate under different governance frameworks.
Authoritative Sources
DID005 Identity Vouching Protocol
An identity vouching protocol is a standardized interaction pattern specifying the steps by which a voucher verifies the subject's claimed attributes, constructs and signs a vouch credential, registers the vouch in an appropriate trust registry, and communicates the vouch credential to the subject for onward presentation to relying parties. Protocol conformance ensures that vouching processes produce consistent, auditable results regardless of the platform or governance context in which they are performed. Identity vouching protocols must define the minimum verification steps required at each assurance level and the documentation requirements for the voucher's verification evidence.
Authoritative Sources
DID006 Peer Vouchment
Peer vouchment is a trust model in which entities at the same governance tier vouch for each other's identity attributes, creating a distributed web of attestations rather than a hierarchical chain anchored in a single root authority. Peer vouching is used in decentralized identity ecosystems where no central issuer has verified all participants, relying instead on aggregated peer attestations to build confidence in an entity's attributes. Governance frameworks using peer vouchment must define the minimum number and diversity of peer vouches required to achieve each trust level, and must address the risk of collusive vouching by coordinated groups.
Authoritative Sources
DID007 Attestation Standard
An attestation standard is a formal specification defining the technical requirements, schema rules, cryptographic protocols, and governance procedures that attestations must conform to in order to be recognized and accepted within a defined trust framework. Standards ensure that attestations produced by different issuers are mutually interpretable, that their trust levels can be compared, and that relying parties can apply consistent evaluation criteria across all incoming attestations. Attestation standards must specify versioning policies, the process for deprecating obsolete attestation formats, and the transition requirements for upgrading to new standard versions.
Authoritative Sources
DID008 Vouch Revocation
Vouch revocation is the formal withdrawal of a previously issued vouch credential by the voucher, invalidating the attested claims and notifying the subject and all relying parties that may have relied on the vouch for access decisions. Revocation may be triggered by changed circumstances, discovered inaccuracies in the attested attributes, or the voucher's loss of confidence in the subject. Vouch revocation must propagate to all relying parties within the governance framework's revocation SLA and must trigger re-evaluation of access rights that were contingent on the revoked vouch.
Authoritative Sources
DID009 Institutional Voucher
An institutional voucher is a legal entity — such as a government agency, standards body, or accredited certification authority — that has been authorized by a governance framework to issue high-assurance vouch credentials, recognized as authoritative trust signals across the framework's participating ecosystems. Institutional vouchers are distinguished from peer vouchers by their formal governance registration, the rigorous verification processes they are required to perform before issuing a vouch, and the higher trust level their attestations carry in relying party evaluation policies. Governance frameworks must specify the qualification process for institutional voucher designation, the ongoing compliance requirements, and the consequences of voucher misconduct.
Authoritative Sources
DID010 Vouching Audit Trail
A vouching audit trail is a tamper-evident, time-stamped log recording all vouchment events — including vouch credential issuance, scope, subject reference, verification steps performed, and any subsequent revocations — maintained by the voucher for the full retention period applicable to the attested credential class. Audit trails enable governance bodies and relying parties to verify that the voucher conducted the required verification steps before issuing each vouch and that the voucher's practices have been consistent over time. Audit trail entries must be individually signed and cryptographically linked to prevent retrospective insertion or deletion of vouching records.
Authoritative Sources
DID011 Cross-Domain Attestation
A cross-domain attestation is a vouch credential issued in one trust framework that is presented to and evaluated by relying parties operating under a different governance framework, requiring mutual recognition agreements and trust level translation policies to determine the appropriate weight to assign to the attestation. Cross-domain attestations enable identity portability and reduce re-verification burden when entities operate across multiple governance contexts. Governance frameworks must publish their cross-domain attestation acceptance policies, including the trusted foreign vouching authorities they recognize and the trust level downgrade rules applied to attestations originating outside their primary governance ecosystem.
Authoritative Sources
DID012 Attestation Registry
An attestation registry is a publicly accessible or access-controlled directory of active vouch credentials, enabling relying parties to look up attestations issued to specific entities without requiring the entity to present the credential directly. Registry entries encode the credential identifier, attested attribute summary, voucher reference, issuance and expiry timestamps, and a revocation status reference. Attestation registries reduce re-presentation burden for entities that interact with many relying parties and enable registry-based trust verification as an alternative to credential presentation in contexts where privacy-preserving disclosure is preferred.
Authoritative Sources
DID013 Voucher Accountability
Voucher accountability is the governance obligation of an entity that issues vouch credentials to bear responsibility for the accuracy of the attested claims, the adequacy of the verification process performed before issuing each vouch, and the timely revocation of vouches that are no longer accurate. Accountability frameworks must define the consequences for vouchers who issue inaccurate attestations — whether through negligence or misrepresentation — and the redress mechanisms available to relying parties and subjects harmed by an invalid vouch. Voucher accountability obligations must be documented in the voucher's governance registration and periodically reviewed through audit processes.
Authoritative Sources
DID014 Selective Attestation
Selective attestation is a privacy-preserving vouching technique in which a vouch credential is structured to allow the subject to selectively disclose only specific attested attributes to a relying party, without revealing the full set of attributes encoded in the credential. Selective attestation is implemented through cryptographic techniques such as zero-knowledge proofs or selective disclosure JWTs, enabling the subject to prove that the voucher attested to specific claims without exposing unrelated attested attributes. Governance standards for selective attestation must specify the minimum disclosure granularity, the cryptographic schemes that qualify, and the relying party verification requirements for selectively disclosed vouch credentials.
Authoritative Sources
DID015 Transitive Vouchment
Transitive vouchment is a trust model in which a relying party accepts a vouch credential not because it directly trusts the issuing voucher, but because the issuing voucher is itself vouched for by an entity the relying party does trust, creating a chain of vouching through which trust is extended to previously unknown entities. Transitivity introduces compounded trust — and compounded risk — requiring that relying parties evaluate the full attestation chain rather than only the immediately presented vouch. Governance frameworks must define the maximum transitivity depth permissible for each access decision class and the conditions under which a transitive trust chain is rejected in favor of direct attestation.
Authoritative Sources