From 22e373048f96f18db8f7a8b71023dbcb1f28a924 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Wed, 2 Aug 2023 13:21:36 -0400 Subject: [PATCH 1/8] Add section on Ecosystem Compatibility. (#1203) 17 approvals, open for more than a week, no objections during the Special topic call on 08-01-2023 * Add section on Ecosystem Compatibility. * Fix grammar in Ecosystem Compatibility section. Co-authored-by: Ted Thibodeau Jr * Add references to "digital credentials" specifications. * Update Ecosystem Compatibility based on VCWG Special Topic call. * Add clarification around when a transformation becomes a VC. * Add note about what constitutes a verifiable credential. * Clarify that a conforming document has two possible media types. * Clarify that JOSE, COSE, wrapped conforming documents are VCs/VPs. * Clarify which specs need to follow the ecosystem guidelines. Co-authored-by: Dave Longley * Remove vague statement about "any securing mechanism" per @jandrieu. Co-authored-by: Joe Andrieu * Apply editorial suggestions from @Sakurann to Ecosystem Compatibility. Co-authored-by: Kristina <52878547+Sakurann@users.noreply.github.com> --------- Co-authored-by: Ted Thibodeau Jr Co-authored-by: Dave Longley Co-authored-by: Joe Andrieu Co-authored-by: Kristina <52878547+Sakurann@users.noreply.github.com> --- index.html | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 77 insertions(+), 1 deletion(-) diff --git a/index.html b/index.html index ca7271b45..4274a8071 100644 --- a/index.html +++ b/index.html @@ -2230,7 +2230,7 @@

Data Schemas

If multiple schemas are present, validity is determined according to the -processing rules outlined by each associated credentialSchema +processing rules outlined by each associated credentialSchema type property.

@@ -3625,6 +3625,82 @@

Reserved Extension Points

+ +
+

Ecosystem Compatibility

+ +

+There are a number of digital credential formats that do not natively use the +data model provided in this document, but are aligned with a number of concepts +in this specification. At the time of publication, examples of these digital +credential formats include + +JSON Web Tokens (JWTs), + +CBOR Web Tokens (CWTs), +ISO-18013-5:2021 +(mDLs), + +AnonCreds, + +Gordian Envelopes, and + +Authentic Chained Data Containers (ACDCs). +

+ +

+If conceptually aligned digital credential formats can be transformed into a +conforming document according to the rules provided in this section, they +are considered "compatible with the W3C Verifiable Credentials ecosystem". +A conforming document is either a verifiable credential serialized +as the `application/vc+ld+json` media type or a verifiable presentation +serialized as the `application/vp+ld+json` media type. Specifications that +describe how to perform transformations that enable compatibility with +the Verifiable Credentials ecosystem: +

+ +
    +
  • +MUST identify whether the transformation to this data model is one-way-only or +round-trippable. +
  • +
  • +MUST preserve the `@context` values when performing round-trippable +transformation. +
  • +
  • +MUST result in a conforming document when transforming to the data +model described by this specification. +
  • +
  • +MUST specify a registered media type for the input document. +
  • +
  • +SHOULD provide a test suite that demonstrates that the specified transformation +algorithm to the data model in this specification results in +a conforming document. +
  • +
  • +SHOULD ensure that all semantics utilized in the transformed +conforming document follow best practices for Linked Data. See +Section , Section +, and Linked Data Best Practices [[?LD-BP]] +for additional guidance. +
  • +
+ +

+Readers are advised that a digital credential is only considered +compatible with the W3C Verifiable Credentials ecosystem if it is a +conforming document and it utilizes at least one securing mechanism, as +described by their respective requirements in this specification. While some communities might call some digital +credential formats that are not conforming documents +"verifiable credentials", doing so does NOT make that digital credential +compliant to this specification. +

+ +
+
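Review bot: in the Ecosystem Compatibility hunk of patch 1/8, the condition that a compatible credential "utilizes at least one securing mechanism" appears only in the closing "Readers are advised" paragraph, while the MUST/SHOULD list for transformation specifications stops at "MUST result in a conforming document". A transformation specification can satisfy every listed MUST without stating how the transformed output is secured. Suggest adding a list item that requires the specification to state how the resulting conforming document is secured, or pointing from the list to the securing requirement. Two wording points in the same paragraph: "as described by their respective requirements" has no clear antecedent for "their", and "compliant to this specification" would be more consistent as "conforming to this specification", matching the "conforming document" term used in the rest of the section.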
From 6592f3b3aea7ec482f76a9ab2fe45af9313ef574 Mon Sep 17 00:00:00 2001 From: Orie Steele Date: Tue, 6 Jun 2023 13:28:35 -0500 Subject: [PATCH 2/8] Update reservation table --- contexts/credentials/v2 | 6 +++++- index.html | 20 +++++++++++++++++++- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/contexts/credentials/v2 b/contexts/credentials/v2 index 69c14cbd8..3c8ba2a80 100644 --- a/contexts/credentials/v2 +++ b/contexts/credentials/v2 @@ -41,7 +41,7 @@ "credentialStatus": { "@id": "https://www.w3.org/2018/credentials#credentialStatus", "@type": "@id" - }, + }, "credentialSubject": { "@id": "https://www.w3.org/2018/credentials#credentialSubject", "@type": "@id" @@ -80,6 +80,10 @@ "termsOfUse": { "@id": "https://www.w3.org/2018/credentials#termsOfUse", "@type": "@id" + }, + "confidenceMethod": { + "@id": "https://www.w3.org/2018/credentials#confidenceMethod", + "@type": "@id" } } }, diff --git a/index.html b/index.html index 4274a8071..fdab49eb2 100644 --- a/index.html +++ b/index.html @@ -3555,6 +3555,23 @@

Reserved Extension Points

+ + `confidenceMethod` + +A property used for specifying one or more methods that a verifier +might rely on in order to authenticate the holder of a presentation. +The associated vocabulary URL MUST be +`https://www.w3.org/2018/credentials#confidenceMethod`. +

+This property reservation might be deleted in favor of an existing section +in the specification if at least one specification with two independent +implementations are demonstrated by the end of the Candidate Recommendation +Phase. If that does not occur, this reservation will remain, but the existing +section in the specification will be removed. +See Verifiable Credential Confidence Methods. +

+ + `evidence` @@ -3588,13 +3605,14 @@

Reserved Extension Points

`renderMethod` -A property used for specifying how to render a credential into a visual, +A property used for specifying one or more methods to render a credential into a visual, auditory, or haptic format. The associated vocabulary URL MUST be `https://www.w3.org/2018/credentials#renderMethod`.

This reserved property is at risk and will be removed from the specification if at least one specification with two independent implementations are not demonstrated by the end of the Candidate Recommendation Phase. +See Verifiable Credential Rendering Methods.
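Review bot: in the `confidenceMethod` reservation added to index.html in patch 2/8, the text says twice that the outcome affects "an existing section in the specification" without naming or linking that section, so a reader cannot tell which section is at risk of removal; suggest naming it. In the same paragraph, "if at least one specification with two independent implementations are demonstrated" should read "is demonstrated", since the subject is "at least one specification". Separately, the first hunk in contexts/credentials/v2 removes and re-adds the `},` after `credentialStatus` with no visible difference, and patch 3/8 touches the same line again; suggest dropping that whitespace-only change from both patches so the context file diff shows only the `confidenceMethod` term.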

From 0ca0f708606a0d32de1ddf277d39d698c2061456 Mon Sep 17 00:00:00 2001 From: Orie Steele Date: Tue, 6 Jun 2023 13:29:38 -0500 Subject: [PATCH 3/8] Update contexts/credentials/v2 --- contexts/credentials/v2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contexts/credentials/v2 b/contexts/credentials/v2 index 3c8ba2a80..3148253fa 100644 --- a/contexts/credentials/v2 +++ b/contexts/credentials/v2 @@ -41,7 +41,7 @@ "credentialStatus": { "@id": "https://www.w3.org/2018/credentials#credentialStatus", "@type": "@id" - }, + }, "credentialSubject": { "@id": "https://www.w3.org/2018/credentials#credentialSubject", "@type": "@id" From 839c3b459ad90b05437cd9034a8434bd3f5327f5 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Tue, 1 Aug 2023 18:16:18 -0400 Subject: [PATCH 4/8] Update URL to add confidenceMethod specification. --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index fdab49eb2..b93bb8a9a 100644 --- a/index.html +++ b/index.html @@ -3568,7 +3568,7 @@

Reserved Extension Points

implementations are demonstrated by the end of the Candidate Recommendation Phase. If that does not occur, this reservation will remain, but the existing section in the specification will be removed. -See Verifiable Credential Confidence Methods. +See Verifiable Credential Confidence Methods.

From f3e2b302406cbcea7b63093305f0087d030fa769 Mon Sep 17 00:00:00 2001 From: Orie Steele Date: Wed, 2 Aug 2023 12:30:13 -0500 Subject: [PATCH 5/8] Update index.html Co-authored-by: Ted Thibodeau Jr --- index.html | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/index.html b/index.html index b93bb8a9a..cb3fee159 100644 --- a/index.html +++ b/index.html @@ -3559,7 +3559,10 @@

Reserved Extension Points

`confidenceMethod` A property used for specifying one or more methods that a verifier -might rely on in order to authenticate the holder of a presentation. +might use to increase their confidence that the value of an attribute in or of +a verifiable credential or verifiable presentation is accurate, including but not +limited to attributes such `initialRecipient` (a/k/a `issuee`), `presenter`, +`authorizedPresenter`, `holder`, etc. The associated vocabulary URL MUST be `https://www.w3.org/2018/credentials#confidenceMethod`.
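Review bot: the new `confidenceMethod` description in patch 5/8 ends its attribute list with "including but not limited to ... etc.", which is redundant, and it sets `initialRecipient`, `issuee`, `presenter`, `authorizedPresenter` and `holder` in code font without saying whether they are defined properties or illustrative names. Suggest dropping "etc." and either linking each name to its definition or marking the list as illustrative. The added line also reads "attributes such `initialRecipient`", which is missing "as".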

From cf429b194ff89ae255a70cf271aac45f703f96c1 Mon Sep 17 00:00:00 2001 From: Brent Zundel Date: Wed, 2 Aug 2023 16:27:16 -0600 Subject: [PATCH 6/8] Update index.html minor typo fix. --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index cb3fee159..b104c9954 100644 --- a/index.html +++ b/index.html @@ -3561,7 +3561,7 @@

Reserved Extension Points

A property used for specifying one or more methods that a verifier might use to increase their confidence that the value of an attribute in or of a verifiable credential or verifiable presentation is accurate, including but not -limited to attributes such `initialRecipient` (a/k/a `issuee`), `presenter`, +limited to attributes such as `initialRecipient` (a/k/a `issuee`), `presenter`, `authorizedPresenter`, `holder`, etc. The associated vocabulary URL MUST be `https://www.w3.org/2018/credentials#confidenceMethod`. From af67521e68801a7e1e67dbf4e78c3e7b3d87bf5a Mon Sep 17 00:00:00 2001 From: Ivan Herman Date: Thu, 3 Aug 2023 10:54:33 +0200 Subject: [PATCH 7/8] Editorial update index.html: use JsonSchema and not JsonSchema2023 This is just a leftover of the naming/versioning change around JSON Schemas. (Editorial change, only in the examples). --- index.html | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/index.html b/index.html index b104c9954..a2c4e2626 100644 --- a/index.html +++ b/index.html @@ -939,7 +939,7 @@

Concrete Lifecycle Example

// the name of the cryptographic signature suite "cryptosuite": "eddsa-2022", // the date the signature was created - "created": "2023-06-18T21:19:10Z", + "created": "-06-18T21:19:10Z", // purpose of this proof "proofPurpose": "assertionMethod", // the identifier of the public key that can verify the signature @@ -990,7 +990,7 @@

Concrete Lifecycle Example

"proof": { "type": "DataIntegrityProof", "cryptosuite": "eddsa-2022", - "created": "2023-06-18T21:19:10Z", + "created": "-06-18T21:19:10Z", "proofPurpose": "assertionMethod", "verificationMethod": "https://university.example/issuers/565049#key-1", "proofValue": "zQeVbY4oey5q2M3XKaxup3tmzN4DRFTLVqpLMweBrSxMY2xHX5XTYV8nQA @@ -1731,7 +1731,7 @@

Representing Time

only moment in time that is affected is the one second period of the leap second itself. That is, the moment after the most recent leap second can always be represented as the first moment of the next day (for example, -`2023-01-01T00:00:00Z`), regardless of whether the system in question +`-01-01T00:00:00Z`), regardless of whether the system in question understands leap seconds. @@ -2224,7 +2224,7 @@

Data Schemas

more data schemas that provide verifiers with enough information to determine if the provided data conforms to the provided schema(s). Each credentialSchema MUST specify its type (for example, -JsonSchema2023), and an id property +JsonSchema), and an id property that MUST be a URL identifying the schema file. The precise contents of each data schema is determined by the specific type definition.

@@ -2270,11 +2270,11 @@

Data Schemas

}, "credentialSchema": [{ "id": "https://example.org/examples/degree.json", - "type": "JsonSchema2023" + "type": "JsonSchema" }, { "id": "https://example.org/examples/alumni.json", - "type": "JsonSchema2023" + "type": "JsonSchema" }] } From 8b2e277519738f57c53956a639c51a4524e47083 Mon Sep 17 00:00:00 2001 From: Ivan Herman Date: Fri, 4 Aug 2023 06:10:58 +0200 Subject: [PATCH 8/8] Apply suggestions from code review Co-authored-by: Gabe <7622243+decentralgabe@users.noreply.github.com> --- index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index a2c4e2626..f010b6de5 100644 --- a/index.html +++ b/index.html @@ -939,7 +939,7 @@

Concrete Lifecycle Example

// the name of the cryptographic signature suite "cryptosuite": "eddsa-2022", // the date the signature was created - "created": "-06-18T21:19:10Z", + "created": "2023-06-18T21:19:10Z", // purpose of this proof "proofPurpose": "assertionMethod", // the identifier of the public key that can verify the signature @@ -990,7 +990,7 @@

Concrete Lifecycle Example

"proof": { "type": "DataIntegrityProof", "cryptosuite": "eddsa-2022", - "created": "-06-18T21:19:10Z", + "created": "2023-06-18T21:19:10Z", "proofPurpose": "assertionMethod", "verificationMethod": "https://university.example/issuers/565049#key-1", "proofValue": "zQeVbY4oey5q2M3XKaxup3tmzN4DRFTLVqpLMweBrSxMY2xHX5XTYV8nQA @@ -1731,7 +1731,7 @@

Representing Time

only moment in time that is affected is the one second period of the leap second itself. That is, the moment after the most recent leap second can always be represented as the first moment of the next day (for example, -`-01-01T00:00:00Z`), regardless of whether the system in question +`2023-01-01T00:00:00Z`), regardless of whether the system in question understands leap seconds.
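Review bot: the year removal in patch 7/8 is unrelated to its stated purpose (replacing `JsonSchema2023` with `JsonSchema`): the two `created` values in Concrete Lifecycle Example become `"-06-18T21:19:10Z"` and the Representing Time example becomes `-01-01T00:00:00Z`, neither of which is a valid timestamp. Patch 8/8 restores all three, but the intermediate commit still carries broken examples. Suggest squashing 8/8 into 7/8 so that 7/8 changes only the three `JsonSchema2023` occurrences in Data Schemas.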