rework credential and batch credential endpoint

[paulbastian]

Closes #93

• discuss whether proofs array should only contain the key values with the same key type instead of each object containing proof_type
• add issuer metadata for support of proofs in credential endpoint
• agree whether to keep or scrap batch credential endpoint or postpone the discussion

[manecke]

The example in the "Batch Credential Request" section seems to be broken (in the proofs array). There are too many curly braces. The indentation does not seem to be correct either.

[manecke]

The square brackets are also not set correctly. The closing brackets are missing several times.

[manecke]

POST /batch_credential HTTP/1.1
Host: [server.example.com](http://server.example.com/)
Content-Type: application/json
Authorization: BEARER czZCaGRSa3F0MzpnWDFmQmF0M2JW
{
   "credential_requests":[
      {
         "format":"jwt_vc_json",
         "credential_definition":{
            "type":[
               "VerifiableCredential",
               "UniversityDegreeCredential"
            ]
         },
         "proofs":[
            {
               "credential_identifier":"BiologyEngineeringDegree-2023",
               "keys":[
                  {
                     "proof_type":"jwt",
                     "jwt":"eyJ0eXAiOiJvcGVuaWQ0dmNpL...Lb9zioZoipdP-jvh1WlA"
                  },
                  {
                     "proof_type":"jwt",
                     "jwt":"eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM"
                  }
               ]
            },
            {
               "credential_identifier":"CivilEngineeringDegree-2023",
               "keys":[
                  {
                     "proof_type":"jwt",
                     "jwt":"eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM"
                  }
               ]
            },
            {
               "credential_identifier":"ElectricalEngineeringDegree-2023",
               "keys":[
                  {
                     "proof_type":"jwt",
                     "jwt":"eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM"
                  }
               ]
            }
         ]
      }
   ]
}

[paulbastian]

I've corrected the JSON structure.

The example that you posted is substantially different though.

[Sakurann]

if a mechanism to better issue multiple copies of the same credential dataset is added to credential endpoint in a backward compatible manner, I am ok having only one endpoint doing it. though we do need to discuss what it means on the mandatory to implement requirements - 1) we can scrap anything around MTI requirements, 2) say particular request (one credential or copies of the credential or multiple credential) is mandatory, 3) everything in credential endpoint is mandatory.

[paulbastian]

Following up the discussions from DCP Workshop on 19th of April, there are different options how to continue, so therefore please provide feedback/preferences. Please use emoji reaction of your choice to communicate your preferences.

[paulbastian]

A - make a breaking change to the Batch Credential Endpoint (current proposal - only proof[])

[paulbastian]

B - make the Batch Credential Request polymorphic (backwards compatible - proof and proofs[] are allowed)

[paulbastian]

C - make the Credential and Batch Credential Endpoint polymorphic (backwards compatible - proof and proofs[] are allowed)

[Sakurann]

We should add in this PR, credential issuer metadata parameter that the issuer uses to indicate how many credential copies it expects.

[bc-pi]

FWIW I would be in favor of the credential endpoint having a mechanism to issue multiple copies of the same credential dataset (and would be fine with the batch endpoint going away).

[paulbastian]

credential endpoint with proofs[] issuance of multiple credential istances has been tested successfully at IDunion hackathon at 23/24 of April between 4 participants!

[Sakurann]

WG call: tobias, Giuseppe, Christian (maybe Brian) to re-review. will merge once there are 4 approvals - hopefully within the next 1-2 days.

[Sakurann]

will continue the discussion on merging batch/credential endpoints in this issue: #18

[tplooker]

Approved on the proviso that my above minor suggestions are incorperated.

[peppelinux]

I can say that I can approve it to not block the world.
I would say that this specification is getting too much complex with mixed conditions. Something I would avoid.

[Sakurann]

@peppelinux the plan is to merge batch credential endpoint and credential endpoint once we merge this PR, but we need to merge this PR to start simplifying things.

[paulbastian]

@peppelinux changes applied
@Sakurann ready to merge

[peppelinux]

Go!

[c2bo]

looks good apart from the very minor json error 👍

torsten confirmed he is ok with the current PR