Add section in privacy considerations about issuer.

Co-authored-by: Ted Thibodeau Jr <[email protected]>
Co-authored-by: Manu Sporny <[email protected]>

Author: 3 people

index.html

@@ -4621,7 +4621,35 @@ <h3>Private Browsing</h3>
       </p>
     </section>
 
+    <section class="informative">
+      <h3>Issuer Cooperation Impacts on Privacy</h3>
+
+      <p>
+It cannot be overstated that <a>verifiable credentials</a> rely on a high
+degree of trust in <a>issuers</a>. The degree to which a <a>holder</a> might take
+advantage of possible privacy protections often depends strongly on the support
+an <a>issuer</a> provides for such features. In many cases, privacy protections
+which make use of zero-knowledge proofs, data minimization techniques, bearer
+credentials, abstract claims, and protections against signature-based
+correlation, require the <a>issuer</a> to actively support such capabilities and
+incorporate them into the <a>verifiable credentials</a> they issue.
+      </p>
+      <p>
+It should also be noted that, in addition to a reliance on <a>issuer</a>
+participation to provide <a>verifiable credential</a> capabilities that help
+preserve <a>holder</a> and <a>subject</a> privacy, <a>holders</a> rely on
+<a>issuers</a> to not deliberately subvert privacy protections. For example, an
+<a>issuer</a> might sign <a>verifiable credentials</a> using a signature scheme
+that protects against signature-based correlation. This would protect the
+<a>holder</a> from being correlated by the signature value as it is shared among
+<a>verifiers</a>. However, if the <a>issuer</a> creates a unique key for each
+issued <a>credential</a>, it might be possible for the <a>issuer</a> to track
+<a>presentations</a> of the <a>credential</a>, regardless of a <a>verifier</a>'s
+inability to do so.
+      </p>
+    </section>
 
+    
   </section>
 
   <section class="informative">