This specification describes a data model with which one or more recognized entities, such as one or more persons and/or organizations, can be described as known to perform specific actions, such as issuing or verifying a [=verifiable credential=]. The data model enables the publication or direct sharing of such information, providing a cryptographically-verifiable and privacy-preserving mechanism through which a [=holder=] can demonstrate that an entity whose credential they are using is recognized within a particular ecosystem. The specification is designed to interoperate with existing "trust infrastructures", such as X.509 certificate authority lists and ETSI Trust Service Lists, while enabling new decentralized ecosystems to be built using [=verifiable credentials=].
This is an experimental specification and is undergoing regular revisions. It is not fit for production deployment.
The [=verifiable credential=] ecosystem relies on the ability of [=verifiers=] to determine whether a particular [=issuer=] is recognized to perform a particular action, such as [=issuer|issuing=] a certain type of [=verifiable credential=]. Historically, this determination has often been made through out-of-band processes, bilateral agreements, or proprietary registries that are difficult to discover, query, or reason about in an automated way. As [=verifiable credentials=] are increasingly deployed across sectors such as education, healthcare, financial services, and government, the need for a standardized, interoperable mechanism to express and communicate recognition of entities that perform known actions has become critical. Without such a mechanism, ecosystem participants are forced to build bespoke "trust infrastructure", leading to fragmentation, increased integration costs, and barriers to cross-border and cross-sector interoperability.
This specification addresses the challenge of expressing recognized entities, such as people and organizations, and the actions they perform, such as issuing and verifying, in a decentralized manner by defining a data model that any entity can use to publish or share recognition information as a [=verifiable credential=]. Rather than mandating a single central registry, the model allows any entity — a government body, an industry consortium, a standards organization, or even a single individual — to issue a `VerifiableRecognitionCredential` asserting that they know of one or more entities that are recognized to perform specific actions. This design enables a web of overlapping, competing, and complementary "trust registries" to coexist, allowing ecosystem participants to choose the entities they trust and to reason across multiple registries. The specification also supports interoperability with existing "trust infrastructure", such as X.509 certificate authority lists and ETSI Trust Service Lists, allowing existing recognized entity information to be referenced and composed into new decentralized ecosystems.
Readers who are interested in the variety of use cases supported by this specification are urged to read the use cases document. The remainder of this document is organized into the following sections:
A conforming document is any concrete expression of the data model that complies with the normative statements in this specification. Specifically, all relevant normative statements in Section of this document MUST be enforced.
A conforming processor is any algorithm realized as software and/or hardware that generates or consumes a conforming document. Conforming processors MUST produce errors when non-conforming documents are consumed.
This document also contains examples that contain JSON and JSON-LD content. Some of these examples contain characters that are invalid JSON, such as inline comments (`//`) and the use of ellipsis (`...`) to denote information that adds little value to the example. Implementers are cautioned to remove this content if they desire to use the information as valid JSON or JSON-LD.
The following sections outline the data model that is used by this specification for Verifiable Issuer and Verifier Lists.
The data model described in this section has been built using input from a variety of the prior art evaluated for this paper including input from the EBSI Trusted Issuer Registry, ETSI TS 119 612, eSSIF-Lab TRAIN, the Trust over IP Foundation Trust Registry Protocol, and Rebooting the Web of Trust input documents. The data model described in this section is capable of expressing many, but not all, of the concepts described in those other specifications.
The unified data model for this work can be represented as a list of service providers that represent entities or organizations that provide services such as credential issuance or validation. The data model also includes the details of the list operator description.
The properties in this section can be added to objects found in a `VerifiableRecognitionCredential` as defined in Section [[[#verifiablerecognitioncredential]]]. Each general property listed in this section is OPTIONAL; none of the values are required to be provided by an [=issuer=].
| Property | Description |
|---|---|
| id | A URL that identifies the entity in a globally unambiguous way. The value for this property is defined in Section 4.4: Identifiers of the [[[VC-DATA-MODEL]]] specification. |
| type | The type of the entity. The value for this property is defined in Section 4.5: Types of the [[[VC-DATA-MODEL]]] specification. The `type` property MUST be `RecognizedIssuer` if the entity is an [=issuer=] of [=verifiable credentials=]. |
| name | A human-readable name for the entity. The value for this property is defined in Section 4.6: Names and Descriptions of the [[[VC-DATA-MODEL]]] specification. |
| legalName | The official legal name of an organization or entity, as registered with legal authorities, which can differ from the commonly used name. The value MUST be a [=string=]. |
| image | A URL or image data representing a visual identifier for the entity, such as a logo, photograph, or icon. The value MUST be a [=URL=]. |
| url | A URL pointing to the primary website or web resource associated with the entity. The value MUST be a [=URL=]. |
| sameAs | One or more URLs that refer to the same entity in other contexts or systems, enabling cross-reference and verification across different platforms. Each value MUST be a [=URL=]. |
| description | A human-readable description providing details about the entity. The value for this property is defined in Section 4.6: Names and Descriptions of the [[[VC-DATA-MODEL]]] specification. |
| digestMultibase | One or more cryptographic digests used to verify the integrity of resources associated with the entity. The values for this property are defined in Section 5.3: Integrity of Related Resources of the [[[VC-DATA-MODEL]]] specification. |
A recognized entity is any entity that is recognized by an [=issuer=] of a `VerifiableRecognitionCredential` to perform a specific action.
| Property | Description |
|---|---|
| id | A URL that identifies the entity in a globally unambiguous way. The value for this property is defined in Section 4.4: Identifiers of the [[[VC-DATA-MODEL]]] specification. |
| type | The `type` property MUST be `RecognizedEntity`. The value for this property is defined in Section 4.5: Types of the [[[VC-DATA-MODEL]]] specification. |
| recognizedTo | A specific action that the [=recognized entity=] is expected to perform as defined in Section [[[#recognizedaction]]]. This property may occur more than once if the [=recognized entity=] is expected to perform more than one action. |
| recognizedIn | An object that contains a reference to a document of recognized entities that contains this particular [=recognized entity=] as well as the actions it is known to perform. The `id` value of the object MUST be a [=URL=]. The `type` value of the object MUST conform to the type value space defined in the [[[VC-DATA-MODEL]]] specification and SHOULD be `EtsiTrustServiceList`, `x509CertificateAuthorityList`, or `VerifiableRecognitionCredential`. |
Properties from Section [[[#general-properties]]] can be included in addition to the properties above.
A `recognizedIn` with a `type` property of `EtsiTrustServiceList` MUST conform to the [[[ETSI-TRUST-LISTS]]] specification. A list with `type` property of `x509CertificateAuthorityList` MUST conform to the [[[RFC5280]]] specification. A list with a `type` property of `VerifiableRecognitionCredential` MUST conform to this specification.
A recognized action is an action that a [=recognized entity=] is expected to perform.
| Property | Description |
|---|---|
| type | The `type` property MUST be `RecognizedAction`. |
| action | A [=string=] that specifies the name of the action to be performed such as `issue` or `verify`. |
| recognizedBy | A [=URL=], or object containing properties from Section [[[#general-properties]]], of the entity that performed the task of recognizing. |
| outputValidation | The value of the `outputValidation` property MUST be one or more data schemas that provide [=verifiers=] with enough information to determine whether the provided data conforms to the provided schema(s). Each validator MUST specify its `type` (for example, `JsonSchema`) and an `id` property that MUST be a [=URL=] identifying the schema file. The specific type definition determines the precise contents of each data schema. If multiple schemas are present, validity is determined according to the processing rules outlined by each associated `type` property. |
When a verifiable recognition credential is published, it MUST be a conforming [=verifiable credential=], as defined in [[[VC-DATA-MODEL-2.0]]], that expresses the data model specified in the section that follows. It describes the format of a [=verifiable credential=] that encapsulates the recognized entities.
A recognized entity is expressed inside a [=verifiable credential=], enabling a [=holder=] to provide it directly to a [=verifier=]. This mechanism, sometimes called "certificate stapling", increases privacy for the [=holder=] by ensuring that the [=verifier=] does not need to contact the [=issuer=] to retrieve the recognition credential. Still, a [=verifier=] might choose to ignore the [=holder=]-provided [=recognition credential=], even when its authenticity is verifiable, if, for instance, it desires a more recent version of the [=recognition credential=].
| Property | Description |
|---|---|
| id | A [=verifiable credential=] that contains a set of recognized entities MAY express an `id` property to make its retrieval easier for other systems. |
| type | A [=verifiable credential=] that contains a set of recognized entities MUST express a `type` property that includes the `VerifiableRecognitionCredential` value. |
| issuer | The [=issuer=] of the [=verifiable credential=] as defined in the Verifiable Credentials Data Model specification in Section 4.76: Issuer. This object MAY also include other properties listed in Section [[[#general-properties]]]. |
| validFrom | The earliest point in time at which the credential is valid. This property is defined in the Verifiable Credentials Data Model specification in Section 4.6: Validity Period. |
| validUntil | The latest point in time at which the credential is valid. This property is defined in the Verifiable Credentials Data Model specification in Section 4.6: Validity Period. |
| credentialSubject | A set of one or more `RecognizedEntity` objects as defined in Section [[[#recognizedentity]]]. |
The following examples demonstrate how verifiable recognition credentials can be employed in a variety of use cases. The first example below is used to publish information about a set of known universities in a particular nation.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://www.w3.org/ns/credentials/examples/v2"
],
"type": [
"VerifiableCredential",
"VerifiableRecognitionCredential"
],
"issuer": {
"id": "did:web:learning-commission.example",
"type": "RecognizedIssuer"
},
"validFrom": "2025-01-01T00:00:00Z",
"validUntil": "2030-01-01T00:00:00Z",
"credentialSubject": [{
"id": "did:web:university.example",
"type": "RecognizedEntity",
"name": "Example Tech",
"legalName": "Example Polytechnic University",
"image": "https://university.example/logo.png",
"url": "https://www.university.example/",
"description": "A university providing a great education in Utopia Valley.",
}, {
"id": "did:web:college.example",
"type": "RecognizedEntity",
"name": "Exemplar Community College",
"legalName": "Community College of Examples and ",
"image": "https://college.example/graphics/ecc.png",
"url": "https://college.example/",
"description": "The backbone of learning in the Utopia community.",
}],
"proof": {
"type": "DataIntegrityProof",
"created": "2026-04-10T20:08:22Z",
"verificationMethod": "did:web:accreditor.example#issuance-key-1",
"cryptosuite": "ecdsa-rdfc-2019",
"proofPurpose": "assertionMethod",
"proofValue": "z36XPGByaH3rvtKfwoEQXsnUXUAjwd2Ceiqke1GPfjAPAFYoXKo5ftPdwE7QZ8Mw22SC5LSRQg1d8bhe3252hYJoH"
}
}
The next example is used to publish information about a set of known issuers for a particular type of [=verifiable credential=].
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://www.w3.org/ns/credentials/examples/v2"
],
"type": [
"VerifiableCredential",
"VerifiableRecognitionCredential"
],
"issuer": {
"id": "did:web:learning-commission.example",
"type": "RecognizedIssuer"
},
"validFrom": "2025-01-01T00:00:00Z",
"validUntil": "2030-01-01T00:00:00Z",
"credentialSubject": [{
"id": "did:web:university.example",
"type": "RecognizedEntity",
"name": "Example Tech",
"legalName": "Example Polytechnic University",
"image": "https://university.example/logo.png",
"url": "https://www.university.example/",
"description": "A university providing a great education in Utopia Valley.",
"recognizedTo": {
"type": "RecognizedAction",
"action": "issue",
"recognizedBy": "did:web:learning-commission.example",
"outputValidation": {
"id": "https://learning-commission.example/credentials/bachelors.json",
"type": "JsonSchema",
"digestMultibase": "uEiBZl963sknNAHgPyslVv6VztZpfWQoRvW1htfx-UwirFo",
}
}
}, {
"id": "did:web:college.example",
"type": "RecognizedEntity",
"name": "Exemplar Community College",
"legalName": "Community College of Examples and ",
"image": "https://college.example/graphics/ecc.png",
"url": "https://college.example/",
"description": "The backbone of learning in the Utopia community.",
"recognizedTo": {
"type": "RecognizedAction",
"action": "issue",
"recognizedBy": "did:web:learning-commission.example",
"outputValidation": {
"id": "https://learning-commission.example/credentials/associates.json",
"type": "JsonSchema",
"digestMultibase": "uEiWQoRvpfWW1htfsknNAHgPyslVv6VztZpfwirFoBZl963",
}
}
}],
"proof": {
"type": "DataIntegrityProof",
"created": "2026-04-10T20:08:22Z",
"verificationMethod": "did:web:accreditor.example#issuance-key-1",
"cryptosuite": "ecdsa-rdfc-2019",
"proofPurpose": "assertionMethod",
"proofValue": "z36XPGByaH3rvtKfwoEQXsnUXUAjwd2Ceiqke1GPfjAPAFYoXKo5ftPdwE7QZ8Mw22SC5LSRQg1d8bhe3252hYJoH"
}
}
The final example below is used to publish information about an entity that publishes an European Union ETSI Trust Services list [[ETSI-TRUST-LISTS]].
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://www.w3.org/ns/credentials/examples/v2"
],
"type": [
"VerifiableCredential",
"VerifiableRecognitionCredential"
],
"issuer": "did:web:ec.europa.example",
"validFrom": "2025-01-01T00:00:00Z",
"validUntil": "2030-01-01T00:00:00Z",
"credentialSubject": [{
"id": "did:web:ec.europa.example",
"type": "RecognizedEntity",
"name": "Utopian Commission",
"legalName": "The Utopian Commission",
"image": "https://ec.europa.example/logo.png",
"url": "https://ec.europa.example/",
"recognizedIn": {
"id": "https://ec.europa.example/tsl/lotl.xml",
"type": "EtsiTrustServiceList",
"name": "Utopian Commission List of the Lists"
}
}],
"proof": {
"type": "DataIntegrityProof",
"created": "2026-04-10T20:08:22Z",
"verificationMethod": "did:web:ec.europa.example#issuance-key-1",
"cryptosuite": "ecdsa-rdfc-2019",
"proofPurpose": "assertionMethod",
"proofValue": "z36XPGByaH3rvtKfwoEQXsnUXUAjwd2Ceiqke1GPfjAPAFYoXKo5ftPdwE7QZ8Mw22SC5LSRQg1d8bhe3252hYJoH"
}
}
This section details the general privacy considerations and specific privacy implications of deploying this specification into production environments.
Readers are urged to familiarize themselves with the general privacy advice provided in the Privacy Considerations section of the Verifiable Credentials specification before reading this section. Implementers are expected to apply the general warnings provided in that specification to each specific feature provided by this specification.
A `VerifiableRecognitionCredential` publicly lists named organizations and people with their identifiers, legal names, URLs, and images. Aggregating these across multiple lists enables profiling and surveillance of recognized entities. This section should discuss the risks of publishing richly-described entity information, especially for individuals, and guidance for issuers on minimizing disclosure. For example, a list of recognized entities that is published to a private group can escape that group if any group member decides to publish the information outside of the private group. Suggest that selective disclosure does not provide much protection here because it requires honest actors.
Having holders provide recognition credentials preserves privacy better than having the verifier reach out to the issuer to retrieve the recognition credential.
A `VerifiableRecognitionCredential` can reveal the membership structure of a private or sensitive ecosystem, such as healthcare credential issuers or financial service providers. Publishing or widely sharing such credentials can expose which entities participate in that ecosystem, which can be commercially sensitive or create targeting risks. This section should discuss when and how to limit the distribution of recognition credentials that describe sensitive ecosystems, possibly suggesting that it is not possible to limit distribution of recognition credentials and thus creating them for sensitive ecosystems might be an anti-pattern. In general, if you build certain lists with certain memberships, it might have negative effects on individuals (harm by association) -- unintended or not.
There are a number of security considerations that implementers should be aware of when processing data described by this specification. Ignoring or not understanding the implications of this section can result in security vulnerabilities.
Readers are urged to familiarize themselves with the general security advice provided in the Security Considerations section of the Verifiable Credentials specification before reading this section.
While this section attempts to highlight a broad set of security considerations, it is not a complete list. Implementers are urged to seek the advice of security and cryptography professionals when implementing mission critical systems using the technology outlined in this specification.
When a [=holder=] receives a `VerifiableRecognitionCredential` and shares it with others, there is a risk that the credential has not been properly vetted. A malicious or negligent actor could craft a `VerifiableRecognitionCredential` that lists fraudulent or compromised entities as recognized issuers or verifiers, and propagate it peer-to-peer across an ecosystem. Recipients who accept and act upon such a credential without independent verification might unknowingly accept [=verifiable credentials=] from untrustworthy sources, exposing themselves and others to fraud, data breaches, or credential forgery. The decentralized nature of this specification, while a strength, amplifies this risk: a single unvetted credential shared widely can rapidly corrupt the trust assumptions of many parties in an ecosystem.
To mitigate these dangers, deployments are expected to independently verify the cryptographic integrity and provenance of any `VerifiableRecognitionCredential` before acting upon it or sharing it further. This includes confirming that the [=issuer=] of the credential is a party the implementer has an established reason to trust for the given recognition domain, and that the credential has not expired or been revoked. Implementers cannot rely solely on the fact that a peer has already accepted a credential as evidence of its validity. Instead, a [=verifier=] needs to vet the issuer of the recognition credential as well as the [=recognized action=] independently of receiving the `VerifiableRecognitionCredential` and can only depend on information from the credential once trust has been established on the issuing entity.
A malicious actor could create a `VerifiableRecognitionCredential` that mimics a
well-known recognizing authority by using a similar `issuer` identifier or name.
Verifiers who manually add VRCs to their software, that do not independently
validate the issuer's identifier against a known root of trust, could be deceived
into accepting fraudulent recognition claims. This section should discuss how to
detect and prevent issuer impersonation and the importance of verifying issuer
identifiers through authoritative out-of-band means.
Note that appropriate bindings to protocols and user interactions (such as an
individual receiving a request from origin). It would be good if a wallet
communicates: "I have a recognition credential for this origin/issuer from
someone you trust" (if there is a check made that binds request to origin
-- TLS used, for example) and that's associated with issuer in VRC. It would be
good for this section to talk about how protocols can bind this sort of
information together to help individuals not fall for scams.
Recognition credentials with excessively long `validUntil` periods may remain in circulation long after a recognized entity has been suspended, revoked, or compromised. Conversely, overly short validity periods create operational burden. This section should discuss appropriate selection of validity periods and the importance of pairing validity periods with robust revocation mechanisms. The section should speak to organization/individual end of life as well. How long a period should be is dependent on list size and diversity -- the larger the list, the shorter the timeline (24-48 hours?); the smaller the list, the longer the timeline (weeks to months). Want to be able to add entities on reasonable timeframes. Ecosystems might desire list aggregators -- accreditation bodies might have longer periods. The section should explain the justification for having a longer period -- why go longer than 24-48 hours?
The `outputValidation` property references external schema files via URL. If those URLs are not protected by `digestMultibase` or other integrity checks, an attacker who compromises the schema host can alter validation rules without invalidating the recognition credential, causing verifiers to accept credentials that no longer conform to the intended schema. This section should discuss the importance of using content integrity protection for all externally referenced resources.
The `recognizedIn` property allows recognition credentials to chain to other registries such as ETSI Trust Service Lists, X.509 certificate authority lists, or other `VerifiableRecognitionCredential`s. A compromised or malicious entry in a lower-level registry could be transitively trusted if verifiers do not enforce depth limits or validate each link in the chain independently. This section should discuss safe practices for traversing chained recognition structures and the risks of unbounded transitive trust.
The `action` property is a free-form string (e.g., `issue`, `verify`). Without strict governance of allowable action values within an ecosystem, recognized entities may present credentials claiming broad or undefined actions that verifiers interpret more permissively than intended, leading to unauthorized use beyond the issuer's intent. This section should discuss the importance of ecosystem-level governance of action vocabularies and how verifiers should handle unrecognized action values.
This specification was designed with awareness of existing "trust infrastructure" technologies, three of which are described below. The data model defined in this specification is capable of expressing many of the concepts found in these technologies and is designed to interoperate with them via the `recognizedIn` property.
The European Telecommunications Standards Institute (ETSI) defines a format for Trust Service Lists (TSLs) in [[?ETSI-TRUST-LISTS]], which is used across the European Union to publish lists of trusted service providers — entities authorized to issue electronic signatures, seals, timestamps, and other trust services under the eIDAS regulation. Each EU member state publishes a national TSL, and the European Commission publishes a List of the Lists (LoTL) that references each national TSL, forming a well-defined, hierarchical trust federation.
ETSI Trust Service Lists share several conceptual goals with this specification: both describe entities that are recognized to perform specific actions, associate those entities with identifying metadata, and are intended to be consumed by relying parties during validation. However, this specification differs from ETSI Trust Service Lists in several key ways:
X.509 [[RFC5280]] is a standard for public key infrastructure (PKI) that defines the format for certificates and certificate chains. Certificate Authorities (CAs) are entities trusted to issue X.509 certificates that bind a public key to an identity. Trust in a CA is typically established through inclusion in a browser or operating system trust store — a curated list of root CAs — or through a certificate chain that traces back to such a root.
X.509 CA infrastructure and this specification both address the problem of establishing whether a given entity can be relied upon to perform a specific action within a given context. However, this specification differs from X.509 CA lists in several key ways:
ISO/IEC 18013-5 defines the mobile Driving License (mDL), a standard for expressing driver's licenses as mobile documents (mDocs). As part of that ecosystem, the standard defines a Verified Issuer Certificate Authority List (VICAL), which is a signed data structure containing a list of entities that are recognized as certificate authorities empowered to issue mDLs. A relying party uses the VICAL to determine whether the issuer of a presented mDL is trusted within its jurisdiction.
The VICAL concept and this specification share the goal of enabling relying parties to determine whether a credential issuer is recognized within a particular ecosystem. However, this specification differs from the mDL VICAL in several key ways:
The Working Group thanks the following individuals for significant contributions to the community: TBD
Work on this specification has been supported by the Rebooting the Web of Trust community facilitated by Christopher Allen, Joe Andrieu, and Erica Connell. The participants in the Internet Identity Workshop, facilitated by Phil Windley, Kaliya Young, Doc Searls, and Heidi Nobantu Saul, also supported the refinement of this work through numerous working sessions designed to educate about, debate on, and improve this specification.
The Working Group would like to thank the following individuals for reviewing and providing feedback on the specification (in alphabetical order):