-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Define credentialStatus correctly in YAML #225
Comments
ping @nissimsan this is to track defining credentialStatus correctly in YAML. |
The group discussed this on 2022-09-06. credentialStatus is defined correctly in https://github.com/w3c-ccg/vc-http-api/blob/main/components/IssueCredentialOptions.yml#L38. @dlongley noted that you need to create an issuing instance that's configured to work with a particular revocation mechanism, and when you use that endpoint, that revocation mechanism is used, you can't turn it on and off. If you want to use a different one, you need to configure a different instance. @PatStLouis asked why you don't specify @PatStLouis asked if an instance should have one revocation/status mechanism implemented, what's the purpose of having a way to set status information. @dlongley noted that when API was originally designed, it was built around testing VCs, but that didn't work well with real world use cases. For example, if you digitally sign using Ed25519, you probably wouldn't issue the credential using Ed25519 and then set the revocation list to use P-256. What we moved to was having "issuing instances" that had "configurations" and that you'd configure key types, revocation mechanisms, and other things to that endpoint. So when you hit the API, you don't have the client to send all the options to the endpoint. You don't hard code this in in your client or your server, you'd just configure instances w/ appropriate combinations. The group is suggesting that setting the |
Seems like there is a mismatch between "array" and "object". Which is correct? seems like "object" is correct... cc @mprorock See also: w3c-ccg/traceability-interop#379 |
The group discussed this on the 2023-06-06 call and came to the realization that this does not have to do with the configuration/instance endpoint (except for the fact that one or more status list mechanisms might be configured for a particular endpoint). The main question is what does the object that is used to update one or more credential statuses look like? What it looks like is going to be dependent on the particular status list format. @jandrieu noted that if we want to specify the VC API to support multiple status mechanisms, that we need to specify an update object that is going to support multiple status mechanisms. In order to generalize the solution the group proposed the following. A call to modify the status of a credential needs to take an object that:
A PR should be raised to update the credential status update call to use an object with the properties defined above as well as explanatory text in the main specification that guides implementers and specification writers to put the details of the 3rd item above into a status list specification. |
See: #211 (comment)
The text was updated successfully, but these errors were encountered: