five questions and answers added after testing

docs/Glossary.md

@@ -2,6 +2,7 @@
 
 ## Abbreviations
 In alphabetic order:\
+CBOR = [Concise Binary Object Representation](#concise-binary-object-representation) 
 DID = [Decentralized Identity](#decentralized-identity) or Digital Identity dependent of the context.\
 DDO = DID Document, look up W3D DID standardization for more info\
 DHT = Distributed Hash Table\
@@ -12,6 +13,9 @@ LOA = [Levels Of Assurance](#levels-of-assurance)\
 PKI = [Public Key Infrastructure](#public-key-infrastructure)\
 PoA = Proof of Authority\
 PR = Pull Request; github terminology\
+SSKR = {TBW prio 2}
+SSSS = Shamir Secret Sharing Scheme
+UR = Universal Resource
 VC = Verifiable Credential, look up W3D DID standardization for more info\
 
 Definitions in alphabetic order:
@@ -25,6 +29,9 @@ Agents can be people, edge computers and the functionality within [`wallets`](#d
 #### Claim
 An assertion of the truth of something, typically one which is disputed or in doubt. A set of claims might convey personally identifying information: ½name, address, date of birth and citizenship, for example. ([Source](https://www.identityblog.com/?p=352)).
 
+#### Concise Binary Object Representation 
+Also CBOR. It is a binary data serialization format loosely based on `JSON`. Like JSON it allows the transmission of data objects that contain name–value pairs, but in a more concise manner. This increases processing and transfer speeds at the cost of human readability. [More](https://en.wikipedia.org/wiki/CBOR)
+
 #### Content-addressable hash
 Content addressing is a way to find data in a network using its content rather than its location. The way we do is by taking the content of the content and hashing it. Try uploading an image to IPFS and get the hash using the below button. In the IPFS ecosystem, this hash is called Content Identifier, or CID.
 #### Controller
@@ -61,7 +68,6 @@ Or JOSE. JOSE is a framework intended to provide a method to securely transfer c
 #### Key
 A mechanism for granting or restricing access to something. MAY be used to issue and prove, MAY be used to transfer and control over _identity_ and _cryptocurrency_. [More](https://en.wikipedia.org/wiki/Key_(cryptography))
 
-
 #### Level of Assurance
 LOA; Identity and other trust decisions are often not binary. They are judgement calls. Any time that judgement is not a simple “Yes/No” answer, you have the option for levels of assurance.
 KERI has the same LOAs for entropy and trust in human behaviour preservering the security of keypairs and preservering their own privacy. It has high LOAs for the cryptographical bindings of controllers and identifiers. Also the validation of witnesses and watchtowers has high a LOA.

docs/Q-and-A.md

@@ -26,7 +26,7 @@ Why should you read or step through the Q&A? To get a different angle to the sam
 ## Beware: A Q&A is always *work in progress*. Tips & help welcome.
 
 ### Disclaimer
-None of the respondents in the **open** repo and presentations have been explicitly named as a source, except for ***Christopher Allen***, ***Wolf mcNally*** and ***@henkvancann***. If there is no reference added to the answers, then it's Christopher Allen who answered the question. Most of the editing is done by @henkvancann, which might have introduced ommission, errors, language glitches and such. Sorry for that, feel free to correct by submitting a pull request (PR).\
+None of the respondents in the **open** repo and presentations have been explicitly named as a source, except for ***Christopher Allen***, *** 🐺 Wolf mcNally*** and ***@henkvancann***. If there is no reference added to the answers, then it's Christopher Allen who answered the question. Most of the editing is done by @henkvancann, which might have introduced ommission, errors, language glitches and such. Sorry for that, feel free to correct by submitting a pull request (PR).\
 For practical reasons educational images uploaded by Github members have been downloaded. We de-personalised them by giving images a new name. Under these new names these images have been uploaded to github and used in the Q&A to clarify the questions and answers.
 
 GordianGuardian's content is licensed under the [CC by SA 4.0. license](https://creativecommons.org/licenses/by-sa/4.0/). 
@@ -72,11 +72,11 @@ We've done our best to protect the privacy of the Github by investigating the im
 - [General](#qa-section-general)
 - [GordianGuardian and DIDs](#qa-GordianGuardian-and-dids)
 - [Wallets](#qa-section-wallets)
-- [Signatures](#qa-section-signatures)
+- [Schemes](#qa-section-schemes)
 - [Proofs](#qa-section-proofs)
 - [Private Key Management](#qa-section-private-key-management)
 - [Blockchain](#qa-key-blockchain)
-- [Root of trust](#qa-section-root-of-trust)
+- [Security](#qa-section-security)
 - [GordianGuardian operational](#qa-section-GordianGuardian-operational)
 - [Agencies](#qa-key-agencies)
 - [Virtual Credentials](#virtual-credentials)
@@ -96,4 +96,56 @@ A seed management tool
 
 # Q&A section GordianGuardian operational
 
-## *Q On what platform or devices does GordianGuardian run?
+## *Q: On what platform or devices does GordianGuardian run?
+March 2021: Currently only iOS Testflight, alpha release.
+
+## I get confused by a *seed request* on one device. Could explain more?
+- [x] github [issue 40](https://github.com/BlockchainCommons/GordianGuardian-iOS/issues/40)
+
+🐺 I'm not sure how to make this clearer. Typically "another device" **will note** be this device. If the requested seed is not already on the device, it obviously can't send it, and will tell you so. It also makes clear the consequences of sending the seed (via the QR Code) to another device.\
+The request URs available [in the test PDFs](https://github.com/BlockchainCommons/GordianGuardian-iOS/tree/master/Testing) are so, you can test a UR similar to what another device would show when requesting a seed from this device.
+
+# Q&A Schemes
+
+## **Q: Is SSKR a rebrand of SSSS, Shamir Secret Sharing scheme?
+- [x] github [issue 37](https://github.com/BlockchainCommons/GordianGuardian-iOS/issues/37)
+🐺 Under the hood SSKR is using the technique of Shamir's Secret Sharing (SSS) but SSKR is a particular packaging of that technique optimized for `CBOR` and `UR`s.
+
+| ===|  | =========================== | 
+|---| -------- | ------------------------ | 
+| | ![](https://i.imgur.com/SYpP0sK.png)     | |
+
+# Q&A Security
+
+## *Q: I can import the same seed twice
+*I can't think of a reason why I would want to import the same seed twice.*
+- [x] github [issue 41](https://github.com/BlockchainCommons/GordianGuardian-iOS/issues/41)
+
+🐺 `ur:crypto-seed` contains metadata like name and notes that can be different. It's up to the user to reconcile these differences.
+
+| ===|  | =========================== | 
+|---| -------- | ------------------------ | 
+| | ![](https://i.imgur.com/y7QwKOI.png)     | |
+
+
+## *Q: Why it is recommended to delete all data from the device before deleting the app?
+🐺 {TBW1}
+- [x] github [issue 36](https://github.com/BlockchainCommons/GordianGuardian-iOS/issues/36)
+
+| ===|  | =========================== | 
+|---| -------- | ------------------------ | 
+| | ![](https://i.imgur.com/QuQ9EZB.png)    | |
+
+## *Q: I swiped to delete a seed, now the settings cog asks me to delete ALL seeds??
+*If as a user 'I don't know that I have to right-left swipe' to delete a rendundant seed, then clicking on the seed and as natural flow, I choose the cog, I might go forward and delete everything, instead of trying to get rid of just one seed.*
+- [x] github [issue 42](https://github.com/BlockchainCommons/GordianGuardian-iOS/issues/42)
+
+| Swipe left | Click on | 
+| -------- | -------- |
+| ![](https://i.imgur.com/3knEgl3.png) | ![](https://i.imgur.com/hqilJcJ.jpg) |
+
+🐺 **You don't have to swipe on a seed to delete it**. Just tap the Edit button and then tap one of the Delete buttons that appear. This is iOS-standard behavior. Swipe-to-delete is a shortcut. Later when we have more settings the "Danger Zone" box will get pushed down further. 
+> The warning message has been clarified to: "All data will be erased from the app, including ALL seeds stored in the device keychain. This is recommended before deleting the app from your device, because deleting an app does not guarantee deletion of all data added to the keychain by that app."
+
+## *Q: Copy paste of a BIP39 seed is a good idea?
+There are security issues related to copy-pasting when your computer has been compromised. On the other hand it's easy and less error prone to copy and paste. It's your choice. You can also type in the 24 word seed.