Thanks for sending these, James. I hadn't actually captured them in the minutes (my bad).
Regarding the second question, this is exactly where I think we need to apply some caution and forward thinking. As noted in the final question in the minutes, trust elevation is a broad topic and claims are not the only mechanism possible; extensibility is important to account for. (Unless Justin's use of "claims" is meant to deliberately broaden well past its current definition? It applies exclusively to RqPs now.)
Other mechanisms we've discussed:
- Client characteristics that can be detected in client-AS interaction or that the client can be trusted to convey
- Environmental characteristics that can be detected in client-AS interaction or that the client can be trusted to convey
- Smart contracts with the RqP
See also
issue #249, wherein I discuss wanting a claims-like mechanism for Client Operators so that Alice can constrain uses of her data when it comes to the companies operating the apps she uses. (This straddles technical and legal topics.)