Comments (4)
I agree with Orie that defining how to verify that the content is secured and how to extract the secured content belongs in the securing specifications and not in the core data model.
from vc-data-model.
This needs to be solved in each securing mechanism.
specifically, proof
handling in data integrity, header
/ alg
processing needs to be handled in vc-jose-cose.
I objected to #1338 because the core data model should not be in the business of defining securing related verification procedures.... and I have continued to object to the presence of proof
in the core data model, for the same reason.
from vc-data-model.
The issue was discussed in a meeting on 2023-11-28
- no resolutions were taken
View the transcript
1.3. Improve Verification Algorithms section (issue vc-data-model#1362)
See github issue vc-data-model#1362.
Brent Zundel: There is a PR in progress that adds a verification algorithm to the spec.
… It seems to be progressing well.
See github pull request vc-data-model#1338.
Manu Sporny: There was at least one thing - it's not clear if we're going to be able to make the PR.
… We need WG consensus.
… We need to define an interface in the securing mechanism.
… Jeffrey wants us to do that.
… We need a uniform interface.
… Currently we provide instructions for DI and jose-cose.
… about the extraction and verification functions.
Michael Jones: as pointed out by Brent on the Editors call yesterday, we're explicitly not chartered to to APIs.
… what's being proposed here is an API, so therefore out of scope. It's fine to define normative language in the two securing specs.
… but providing an API to do it goes against charter.
Manu Sporny: This is not an API: #1338 (comment).
Manu Sporny: We do define algorithms.
… That's in scope.
Michael Jones: Then call them algorithms - not a uniform interface.
Manu Sporny: Done.
Brent Zundel: The concern I have is that what we have in #1338 is in response to comments from a W3C member saying that if this isn't addressed, they will formally object.
… On the other hand, we have charter language prohibiting creating APIs.
… From my perspective, the safe route is to figure out an algorithm to address this.
Manu Sporny: Jeffrey has approved the PR.
… It is definitely a grey area.
… If there is concern about somebody objecting to the charter, we have a strong defense.
… This can't work without algorithms.
… We have a path to defend against formal objections.
Brent Zundel: We will have a more thorough conversation about #1338 tomorrow.
Orie Steele: lets make sure the algorithm does not contradict any of our terminology or definitions, particularly the "extract" vs "credential" definitions.
Manu Sporny: The algorithm is meant to defer to the securing specs for all important implementation details.
Manu Sporny: agree with Orie that we don't want those algorithms to contradict any terminology/definitions in the securing mechanism specifications.
Dave Longley: and agree it's important that the algorithm not impede things like SD-JWT and ECDSA-SD.
Brent Zundel: If we get agreement on #1338 then #1362 can be closed.
from vc-data-model.
This issue is now overtaken by #1377. Closing.
from vc-data-model.
Related Issues (20)
- Request profile parameter from `application/vc` HOT 11
- Do VCs still need Media Types with Multiple Suffixes? HOT 11
- Clarify section on verifiable credential graph HOT 13
- Clarify the domain and range of the `verifiablePresentation.verifiableCredential` property HOT 7
- Bug in the context file? HOT 7
- Specify guarantees that all securing mechanisms must provide. HOT 10
- Remove repetition of normative statements in verification algorithm HOT 4
- Separate verification from validation in verification algorithm HOT 5
- Rewrite verification algorithm in a way that does not cause layer violations HOT 9
- Update algorithms section to normatively depend on the INFRA specification HOT 6
- Allow extensions to ProblemDetails object HOT 5
- Specify that it is important to validate the `issuer` value HOT 8
- Specify what kind of processing is safe on a returned document HOT 21
- Ensure `credentialStatus` `id` field is optional HOT 5
- Verifying a VC should return the same credential regardless of the verification method HOT 3
- Clarify embedded proof extension point HOT 3
- phrasing and/or punctuation for input "inputBytes or inputDocument and inputMediaType" needs work HOT 4
- reconsider `@id` for `mediaType` term HOT 17
- Does the specification need a normative "Credential Type Specifications" section? HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vc-data-model.