Comments (8)
this is not an issue for vc-jose-cose, additional claims can be present, and if not understood they are ignored.
in the context of rdf, they get assigned "issuer dependent terms".
from vc-data-model.
@dmitrizagidulin that functionality is still supported by what I said... and it still needs to be interpreted consistently by issuers and verifiers to be useful.
from vc-data-model.
My proposal - we add the relatedResources
field to the VP data model. (That is, extend the domain of the relatedResources
field to be either VC or VP.)
from vc-data-model.
@OR13 I agree that schema-wise, it's not an issue for jose/cose serializations. However, we should still highlight its use in VPs, so that verifiers interpret it consistently
from vc-data-model.
The issue was discussed in a meeting on 2023-11-28
- no resolutions were taken
View the transcript
1.2. Add mechanism to cryptographically secure non-credential VP properties (contexts etc) (issue vc-data-model#1360)
See github issue vc-data-model#1360.
Dmitri Zagidulin: We want to be able to lock these down cryptographically.
… We have only added this for verifiable credentials.
… But not for related resources.
… We need to do this for VPs.
Brent Zundel: Can the solution be as simple as saying "this section also refers to VPs".
Manu Sporny: Do you mean "related resources"?
… I can volunteer to write a PR for this.
Joe Andrieu: correct. id we need to secure contexts we should do that. arbitrary resources is a layer violation.
Phillip Long: pdl-asu has joined #vcwg-special.
Joe Andrieu: happy to review pr.
from vc-data-model.
PR #1370 has been raised to address this issue. This issue will be closed once issue #1370 has been merged.
from vc-data-model.
PR #1370 has failed to gain consensus.
from vc-data-model.
The issue was discussed in a meeting on 2023-12-13
- no resolutions were taken
View the transcript
2.3. Add mechanism to cryptographically secure non-credential VP properties (contexts etc) (issue vc-data-model#1360)
See github issue vc-data-model#1360.
Brent Zundel: add mechanism to secure presentation metadata, related to related resource stuff.
… separated from enveloped credentials.
… seems like we tried, and now its time to decide to close the issue... if it stays open, it will be labeled future work.
Dmitri Zagidulin: I recommend we label future work.
… this seems important, but we should leave a roadmarker for the future us.
Brent Zundel: unless there is objection, I will label as future work.
… I will remove the before CR label, and unassign manu.
from vc-data-model.
Related Issues (20)
- Improve Verification Algorithms section HOT 4
- Request profile parameter from `application/vc` HOT 11
- Do VCs still need Media Types with Multiple Suffixes? HOT 11
- Clarify section on verifiable credential graph HOT 13
- Clarify the domain and range of the `verifiablePresentation.verifiableCredential` property HOT 7
- Bug in the context file? HOT 7
- Specify guarantees that all securing mechanisms must provide. HOT 10
- Remove repetition of normative statements in verification algorithm HOT 4
- Separate verification from validation in verification algorithm HOT 5
- Rewrite verification algorithm in a way that does not cause layer violations HOT 9
- Update algorithms section to normatively depend on the INFRA specification HOT 6
- Allow extensions to ProblemDetails object HOT 5
- Specify that it is important to validate the `issuer` value HOT 8
- Specify what kind of processing is safe on a returned document HOT 21
- Ensure `credentialStatus` `id` field is optional HOT 5
- Verifying a VC should return the same credential regardless of the verification method HOT 3
- Clarify embedded proof extension point HOT 3
- phrasing and/or punctuation for input "inputBytes or inputDocument and inputMediaType" needs work HOT 4
- reconsider `@id` for `mediaType` term HOT 17
- Does the specification need a normative "Credential Type Specifications" section? HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vc-data-model.