Skip to content

v3.1.0

Choose a tag to compare

@luisgf luisgf released this 02 Jul 21:34

Feature release: the OpenBadges 3.0 issuer-side lifecycle — issue → publish trust artefacts → revoke/suspend. All new behaviour is opt-in; existing configs sign and publish exactly as in 3.0.x.

Added

  • feat(ob3): issuer-side credential status. Badges that opt in with status_lists = revocation, suspension get W3C Bitstring Status List entries attached to every newly signed credential (openbadges-signer -V 3), with the index recorded in a private per-badge registry (${base}/status/badge_N.json — random allocation per the spec's privacy recommendation, atomic writes). (#131, #132)
  • feat(publish): openbadges-publish -V 3 is no longer a no-op. It generates the issuer's did:web document (did.json) and, per opted-in badge, the signed status list credentials (revocation.jwt, suspension.jwt, signed with the badge key) plus verify.pem. New management flags --revoke ID, --suspend ID, --unsuspend ID (ID = jti or recipient email; -b scopes, --reason annotates) update the registry and regenerate the lists. Revocation is permanent; the -V 3 output directory may already exist and its files are replaced atomically.
  • feat(config): new opt-in keys — [paths] base_status, [issuer] did (auto derives a did:web issuer id from publish_url), and per-badge status_lists / status_size_bits / status_base. openbadges-init now also creates status/.
  • feat(api): new public API — openbadgeslib.ob3.status_list (encode_bitstring, build_status_list_credential, sign_status_list_credential, status_entry), openbadgeslib.ob3.StatusRegistry, did_web_from_url / build_did_document, openbadgeslib.keys.public_jwk_from_pem, OB3Signer.sign_payload. The OB3 signer path now also appends to the signer log, including the credential jti and status index.

Documentation (not part of the packaged distribution)

  • New publish-and-revoke walkthrough in Guides; updated Configuration, CLI-Reference, Quick-Start, OB2-vs-OB3, Security-Model (registry privacy notes and the verificationMethod[0] resolver limitation), Python-API-OB3 and Glossary.

Full history: Changelog.txt