Lead verifier: Verification API extensions #368
Description
Challenge-Response
The verification API must support a new “lead verifier” mode where the usual challenge-response API accepts verification requests for composite evidence and dispatches them to the CE handler endpoint in VTS.
The existing verification component is extended to recognise requests for collection types (e.g., CMW, EAT w/ submods) that do not have an associated scheme plugin, and forward them to the CE handler.
Discovery
The lead verifier adds a new "composite-evidence-media-types" array listing all the supported "composition" base1 media types to the discovery object.
{
"ear-verification-key": { /* ... */ },
"media-types": [ /* ... */ ],
"version": "...",
"service-state": "...",
"api-endpoints": { /* ... */ },
"composite-evidence-media-types": [
"application/cmw+cbor",
"application/cmw+json",
"application/eat+cwt",
"application/eat+jwt"
]
}The list is discovered through a VTS endpoint.
Note that if the same media type is listed in the "media-types" array (likely including some parameters), the dispatch function will prioritise the "media-types" entry over the one in "composite-evidence-media-types".
Footnotes
-
By "base", we mean that they do not include any parameters. ↩