Comments (5)
@gobengo issuer in data integrity is "better" than jwt iss
as it can be extended as an object whereas iss
is always a string. He thinks the example should be
"issuer": {
"id": "https://university.example/issuers/565049"
}
as it shows off it can be extended.
I tend to agree adding code for finding the issuer did has always bothered me.
I think issuer
should always be an object with an id
from vc-data-model.
It is recommended that roles be expressed with objects instead of strings.
objects are easily extended, strings are not.
graph nodes are a major part of the value of the spec, graph node id's hide that value.
switching types will cause higher burden in safer languages like go and rust.
It is recommended that types be expressed with arrays instead of strings.
arrays are easily extended, strings are not.
switching types will cause higher burden in safer languages like go and rust.
- these recommendations will make the VCs have more bytes (e.g. compared to JWTs with
iss
and string value), so these recommendations shouldn't be used later as part of any argument about which VC serialization costs more bytes/processing time.
I don't need to use bytes to make that argument, I actually encountered this issue first using JSON Pointers with ecdsa-sd.
consider the following:
"/issuer/id",
"/issuer",
The shape of the JSON changing causes extra burden to all algorithms that process the data model.
You will find extra logic checking for string, array, object
everywhere polymorphism is encouraged.
There will be more bugs.
JSON shape is not the primary performance issue with the spec anyway, its "sign and verify time" when you do canonicalization / media type conversion... instead of just signing bytes.
https://transmute-industries.github.io/vc-jwt-sd/
from vc-data-model.
Seems reasonable. Caveats:
- If possible it is nice to have a rationale with any recommendations, both to help noobs understand why they were recommended in the average case while also helping advanced users understand why/when it may be appropriate to deviate from the recommendations
- @OR13 since you filed the issue proposing these recommendations, would you be willing to include your rationale for recommending them?
- these recommendations will make the VCs have more bytes (e.g. compared to JWTs with
iss
and string value), so these recommendations shouldn't be used later as part of any argument about which VC serialization costs more bytes/processing time.
from vc-data-model.
- @OR13 since you filed the issue proposing these recommendations, would you be willing to include your rationale for recommending them?
I think @OR13's point is more -- it would make developers' lives easier if we picked ANY combination, and enforced it (via json schema, etc). The individual choices matter less, if devs don't have to constantly be like "if this field is a string, do this, if it's an array, do this" etc.
👍 to this issue, @OR13. I don't know if we have time for this change, CR-wise, but I think it would be better for the spec.
from vc-data-model.
I'm +1 on all of the above too because I've also had to write tedious code to check for the polymorphism. Because of that I tend to follow the above recommendations anyway, but have at least once had a reviewer balk at { "type": ["VerifiableCredential"] }
.
Thanks @OR13 for elaborating on the rationale, which includes some reasons I hadn't thought of.
One reason I asked is I didn't understand what this meant
This is missing an opportunity to show why issuer is "better" than iss
from vc-data-model.
Related Issues (20)
- JSON-only processors and VCDM 2.0 conformance HOT 29
- Multiple Credential Status Lists HOT 2
- Clarify evidence section to point to OBv3 evidence property usage
- address normative statements in non-normative sections HOT 1
- Clarify what conformance means to the issuers/verifiers HOT 1
- add explicit notes where terminology in the spec diverges from things elsewhere
- Remove the at risk issue marker for `Evidence` HOT 5
- (Editorial) Use a three level deep TOC in the VCDM spec
- Controller Documents HOT 5
- Include credentialSubject examples that use URLs rather than DIDs
- Make Section 4.1 non-normative HOT 1
- Section 3 "Core Data Model" clean up
- clarify relationship to the `proof` property and the specifications defining how to secure VCs HOT 2
- Use a better example for bidirectional text (Editorial) HOT 4
- Default context contains terms outside of the spec HOT 9
- Consider abandoning drafts for non-data-integrity-proof securing formats HOT 13
- Update 4.9 Securing Verifiable Credentials HOT 7
- Updating figures 6 and 7 HOT 4
- Cross-check the `domain`/`range` statements in the vocabulary with the VCDM spec HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vc-data-model.