-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for SD-JWT #1019
Comments
Thanks for bringing this up, David. I think SD-JWT-VC can be created in an interoperable manner without an additional specification in W3C VC WG. Latest SD-JWT draft has two examples (4a and 4b) of SD-JWT-VC with two different payloads: one uses cty defined in section 6.3 of VCDM 2.0 and another uses cty defined in section 4 of VC-JWT spec. SD-JWT spec allows to include combined format for presentations (a term defined in the SD-JWT spec which refers to SD-JWT + Disclosures) in a container such as a Verifiable Presentation (spec text here). So a presentation would simply use verifiableCredential property to pass SD-JWT-VCs (or combined format of presentations to be precise), just like when passing VC-JWTs. |
The issue was discussed in a meeting on 2023-06-07
View the transcript2.1. Support for SD-JWT (issue vc-data-model#1019)See github issue vc-data-model#1019. Brent Zundel: Discuss issue 1019. Joe Andrieu: Thinks it would be hard to discuss this without Kristina's input.
David Chadwick: Has this been superseded by Oliver's email requesting this has been moved to a work item with some positive replies on the working group. Brent Zundel: talking into mute.
Brent Zundel: agreement that this needs to be done but not here. So should be pending close as its being done elsewhere. David Chadwick: I'm happy with it being pending closed.
Brent Zundel: Marking issue as pending closed. |
No objections raised to closing since being marked |
The IETF is specifying a standard way for the selective disclosure of JSON objects, which includes verifiable credentials. See
https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-02.html#name-creating-an-sd-jwt
We should add support to the VC DM for this type of VC.
How a credential is proofed is flexible in the VC DM - it can be external or internal via the proof property.
SD-JWTs are a different way of externally proofing a credential. Consequently we should do the following:
i) write a new document (analogous to the current JWT spec) to say how W3C credentials are proofed using SD-JWT
ii) add details to the DM to say how presentations may incorporate SD-JWTs and disclosures instead of (or as well as) VCs
For example
Note that the above credential contains 7 hidden/hashed properties but only 4 of them have been disclosed to the verifier
The text was updated successfully, but these errors were encountered: