Comments (10)
The revocation of a credential is a unilateral step by the Issuer, so in theory there is no need to notify the Holder. However, as you point out, it is likely that the Issuer will attempt to notify the Holder. I think the best way to do that is via the Credential Offer, where the Issuer offers the Holder a replacement credential with the latest update (e.g. end date of employment when a person is fired or quits their job). I'm going to propose that as a v1.1 update to the "Issue-Credential" protocol.
As you pointed out on Rocketchat, there is the case of an Issuer revoking a credential and not offering a new credential that has to be covered. That likely needs to be another protocol with a single message from the Issuer, with an optional "ack" back from the Holder.
On your second point, the intention of the "issue-credential" message is that it is just passing along the Indy generated parameters for an Indy-based credential issuance. If the revo reg. is missing, that is an unintentional omission that does indeed need to be fixed. @TelegramSam, @dbluhm, @andrewwhitehead - could one of you see if that is missing from the issue credential RFC message?
from aries-rfcs.
@swcurran @smithbk there is already a rev_reg_def_id
attribute in the Indy-specific payload for issue-credential
described in the RFC
from aries-rfcs.
@llorllale The value of rev_reg_def_id
described in the RFC is simply an ID string and is the 1st return value from issuerCreateAndStoreRevocReg
, but the call to proverStoreCredential requires revRegDef
which is a JSON string and is the 2nd return value from issuerCreateAndStoreRevocReg
.
from aries-rfcs.
Is this blocking PR #158 to update the credentials HIPE to accepted status or would this be optional? From what I gather we may want to define this as a separate RFC and separate message in the family.
from aries-rfcs.
@kdenhartog I assume you are referring to the 1st point about adding a new revocation message. I agree that this can be in a separate message family and therefore would not prevent RFC 36 from being accepted. However, I think the 2nd point should be addressed in RFC 36 simply by adding a rev_reg_def
field to the issue-credential
message.
from aries-rfcs.
As per the recent update to the credential RFC, the JSON structure with the rev_reg_def_id
needs to be removed from the RFC. We are intentionally leaving out of these RFC credential exchange implementation specific data structures for reasons like this - they should be in the implementation specs.
I'll submit a PR now for that.
@smithbk - are you going to propose a revocation notification RFC?
from aries-rfcs.
PR submitted.
from aries-rfcs.
@swcurran Yes, done ... see https://github.com/hyperledger/aries-rfcs/pull/183/files
from aries-rfcs.
I see the PR has now been merged. Can we close this issue now?
from aries-rfcs.
Yes - closing this issue based on the following:
- a separate RFC has been raised about notifying a holder about the revocation of a credential they hold
- The missing field was in a data structure that should not have been in the RFC and has been removed.
- A future version (1.1) of the Credential Exchange protocol will be raised soon to add the notification of revocation in the Credential Offer message.
On the latter, since it has been taking so long to get the 1.0 version of the protocol moved from proposal that I feel like we should just put it in that version. It's been talked about since the very first HIPE.
Oh well...let's keep this moving.
from aries-rfcs.
Related Issues (20)
- RFC 0592 Proof Request includes nonce that is also required for a proof proposal HOT 2
- Outdated "problem_report" in Connection Protocol HOT 2
- Inconsistency in DIDComm mime-type HOT 1
- Issue Credential: initiate with issue message HOT 10
- Eliminate the use of %VER in the RFCs in favor of the explicit version in the method IDs
- Credential attribute for images/photos HOT 4
- [string](string) does not exist
- Add "watermark" to the Meta Overlay in the OCA for Aries RFCs HOT 1
- Message Content Type HOT 2
- Signal holder app when a transaction is done
- Credential Metadata about how to get a credential
- #0453 V2 issue-credential: review HOT 2
- Clarification on encoding format of attachment data in `Delivery` message of RFC-0685-pickup-v2 HOT 1
- Out of band - proposing change ( `services` VS `from` ) HOT 1
- Clarity on nullability of `credential_preview` in issue-credential-v2 offers (Aries RFC 0453) HOT 8
- add clarification to RFC 0510 on how to use with JWT VPs
- Is a JSON string valid to be used in attachment data `json`?
- Special case of threading in didexchange #0023 ? HOT 9
- Using `oobUrl` in `didcomm://` deeplink for linking with shortened url HOT 6
- List of additions to the published Aries RFCs mkdocs/gh-pages Website
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aries-rfcs.