Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proposal to use aggregated/distributed claims for VCs/VPs #23

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

proposal to use aggregated/distributed claims for VCs/VPs #23

wants to merge 6 commits into from

Conversation

tlodderstedt
Copy link
Collaborator

I took the time to flush out how use of aggregated/distributed claims could look like. The nice thing with this approach is we could provide VPs/VCs as is either embedded or referenced objects as is without any embedding into new JWT claims.
Having it as a PR might be useful to compare it to the claims-based approach.

AdamJLemmon
AdamJLemmon reviewed Apr 12, 2021
View reviewed changes
README.md
"https://www.w3.org/2018/credentials/examples/v1/AlumniCredential":[
"src1",
"src2"
],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it common that a claim name / credential type would be mapped to multiple sources?
I am struggling to think of a situation for this...
How would the RP determine how to proceed?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what do you think is reasonable? one source, multiple credentials (VP) but one credential at most one source?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would initially think of 1 to 1 for a credential type to a credential type source?

ie. I request a Driver's License type credential and I get one src back? And that src will describe the format? It may come back as a vc_jwt... vp_jwt etc?

Sakurann
Sakurann reviewed Apr 19, 2021
View reviewed changes
README.md
Comment on lines +323 to +326
"_claim_sources":{
"src1":{
"format":"vp_jwt",
"value":"eyJraWQiOiJkaWQ6aW9uOkVpQzZZOV9hRGFDc0lUbFkwNkhJZDRzZUpq...5SRU16ZEdsUWR6SkdTbWNpZlgwIn0.nwxW-8GVL0msMAhZESDZkGC3U00iJgqQXyz3cpfQXIyzqD82A8Eko7nh-7U8-CZ3gl6tdLgxSJEc6nJM7G_-oQ"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with Aggregated claims, vp_ldp would have to be embedded as a JWT, too?

Aggregated Claims
JSON object that MUST contain the JWT member whose value is a JWT [JWT] that MUST contain all the Claims in the _claim_names object that references the corresponding _claim_sources member.

Sakurann
Sakurann reviewed Apr 19, 2021
View reviewed changes
README.md
Comment on lines +393 to +396
"_claim_sources":{
"src1":{
"format":"vp_jwt",
"endpoint":"https://op.example.com/presentations/1234564",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with Distributed claims, vp_ldp would have to be returned as a JWT from the endpoint?

endpoint
REQUIRED. OAuth 2.0 resource endpoint from which the associated Claim can be retrieved. The endpoint URL MUST return the Claim as a JWT.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AdamJLemmon AdamJLemmon AdamJLemmon left review comments

@Sakurann Sakurann Sakurann left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@tlodderstedt @AdamJLemmon @Sakurann