Let’s try to understand
A credential does not stay trustworthy just because it was once issued correctly. That is the part I keep coming back to with Sign’s revocation and status model. If validity can change over time, then who keeps that truth current across every verifier and every system? If one service checks live status and another relies on stale data, are they still reading the same credential? And if a record stays visible after revocation, what exactly is being preserved — history, trust, or just proof that something once existed? That is where portable credentials stop being simple records and start becoming living systems.