-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added presentationSchema #987
Conversation
Added the presentationSchema property for presentations to complement the credentialSchema property for credentials
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it worth adding an example similar to the one for credentialSchema
?
@decentralgabe . I also thought about adding an example, but I do not think it adds much to the spec in doing so. Rather a better idea, given your prompting, might be to add more text to section 4.10 Presentations and add the presentationSchema property to this along with the example there. So then we will have an example of using this property |
agree with that idea |
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In general I'm ok with adding this feature. One recommendation is to clarify whether the schema applies to the VP only or whether it includes also the included VCs including their properties.
Note to myself, but others should ping if not done: if this PR is merged, the property has to be added to the official VC Data Model vocabulary (v2) as well. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall, I'm a +0.5 to this PR (as I understand it)... but I'm not sure how I understand it is how it's intended to be used... I could get to a +1 with a few answers to the questions below.
What's becoming increasingly clear is that there are multiple use cases for credentialSchema
and I'm not convinced the VCWG understands all of them, or the differences between them. I know that I'm now not clear of the differences between @decentralgabe's credential schema proposal and @OR13's credential schema proposal. That is, we have two proposals for the use of credentialSchema
that differ in ways that are not clear (which is fine for now, but the VCWG needs to understand the differences between the proposals).
Something similar could be said for presentationSchema
. For example, here are my initial questions for this feature:
- A Verifier MUST reject a VC that doesn't match the
credentialSchema
andpresentationSchema
? If so, is this a form of DRM (Digital Rights Management) that we're introducing into the specification? There's an argument that the answer to that question is "No" forcredentialSchema
but "Yes" forpresentationSchema
. Or, is this information only advisory for a Verifier? The reason I bring this up is that the biggest protest at W3C (yes, protest with people outside W3C TPAC wearing Guy Fawkes masks and chanting and signs, had to do with the Encrypted Media Extensions WG and the inclusion of DRM into a W3C specification). - Can you place
credentialSchema
orpresentationSchema
on a presentation? Or is it only supposed to live in the VC and not the VP? - If a Holder places a
presentationSchema
on a presentation, and it conflicts with what an issuer provided, what's expected to occur there? - What should a Verifier do if it can't fetch a
presentationSchema
?
All this to say, we need clarity around how people intend to use this feature, ideally with concrete use cases added to the Verifiable Credentials Use Cases document and implementation guide. We don't need all of that done for this PR to go through, but the PR could be a dangerous feature if misused/abused, so the details matter here.
I'm "Requesting Changes" to this PR that clarify the items above, and ideally, suggest we have a WG discussion about this to understand this feature more before adding it into the specification.
The issue was discussed in a meeting on 2022-11-30
View the transcript2.2. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Manu Sporny: 987 adds presentation schema - has a couple of reviews, oliver& manu have questions. Explore at special topic call? Please take a look and add your questions.. Kristina Yasuda: would be better to have an issue for the discussion.
Manu Sporny: no open PRs on data integrity. Orie Steele: json web signature 2020 - open PR. |
I agree that all need not be done, as in complete, but I think all needs to be in motion via Issue and/or PR for each, so there's a relatively clear path to TR that will include "all of that". |
@msporny To answer your questions, the proposal is that credentialSchema only applies to the VC and the presentationSchema only applies to the VP. In the latter case the only interaction of the presentationSchema with the VC will be to say that the verifiableCredential property must be present in the VP. It MUST NOT say anything about the contents of the verifiableCredential(s), otherwise obviously there could be conflicts with the credentialSchema. We can make this part of the presentationSchema definition. Regarding fetching the presentationSchema definition, I would suggest that the Verifier (or RP), knowing which VCs it requires, and knowing which "holder binding methods" it supports, it will also know the presentationSchemas that it supports. So it should not have to fetch them dynamically at run time. Obviously its a local decision what the RP actually does, but we can recommend non-dynamic loading (as we should do for credentialSchema as well) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd prefer to see an example for "presentationSchema" included.
The issue was discussed in a meeting on 2022-12-07
View the transcript1.2. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Manu Sporny: next item: 987; adds presentationSchema, by David Chadwick. good discussion. still some things being asked for. 3 people continuing to request changes. expect David to keep engaging to move it forward. Other than that, no new PRs.. |
@David-Chadwick is going to generate an example for this in the next week or so. |
The issue was discussed in a meeting on 2022-12-14
View the transcript3.2. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Manu Sporny: PR 987 - request for an example from Orie - re Added PresentationSchema. David to provide an example two shortly. Ivan Herman: this is a new property to go into the data model?. David Chadwick: Yes that's correct, only applied to Presentations. Ivan Herman: has to add this to the vocabulary. David Chadwick: Property name is fixed, it will be an object with defs, and have a type and ID. Manu Sporny: One thing everyone doing PR should be aware of there are three places - spec, the vocab, and JSON schema file and JSON-LD schema file. Ivan Herman: for the vocab part would be nicer if the automatic publishing procedure was running. A bit complicated - but should be done in Jan.. Manu Sporny: Yes, it's on the 'todo' list. Mike: is JSON schema in scope?. Manu Sporny: Yes, JSON schema added for the specification was added a few weeks ago and needs to be added.
Dmitri Zagidulin: one way to reduce the complexity adding to 4 places is if we added a toolset to automate this. Orie has more tooling or others may have something..
Michael Prorock: big fan of doing this once and highly in favor that approach but maintaining both things at once will get things out of sync. Kristina Yasuda: WG agreed to work on the schemas. Can we document the issues re: generating once and integrate the updates. Manu Sporny: will create an issue to automate the files we have to maintain so we only one to maintain..
Mike: can someone put a note in the header for the schema that it is out of date and we're not going to maintain it until we do the one point of change to update all..
|
Here is a real life example of a VP containing the presentationSchema property.
The schema itself is live at the id URL above, and dereferencing it you should obtain the following
|
The issue was discussed in a meeting on 2023-01-11
View the transcript2.1. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Manu Sporny: A lot of topics for today. Asking David Chadwick for PR 987.. David Chadwick: Don't believe anyhting outstanding.. Manu Sporny: Confirmed. Orie to confirm.. |
The issue was discussed in a meeting on 2023-01-18
View the transcript2.1. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Manu Sporny: action was to write an example, but there has yet to be responses to what david has provided.. |
Ok, got it. Thank you for the example... now for the clarification of the use case. I don't understand the value of the feature. To be clear, the entity that's creating the presentation is also setting the schema under which that presentation is valid. IOW, why would they create a presentation that's not valid based on their own criteria for creating a presentation? One could argue "well, software can have bugs, and so a Please help me understand the use case -- I get that it is technically possible to do this, but why would one do this? |
The use case is a generic one. |
The example helps. This seems like it could create a lot of work for holder's and verifiers... This pattern has been seen in the while, for example: |
I don't think so. It is only RECOMMENDED that the type URI should be machine processable. It is not a requirement, in the same way the JSON-LD processing is not a requirement. Note, it also is not a requirement to have a credentialSchema property, so in this way the two features have been treated equally. |
Clearly a higher bandwidth sync is needed on this. : ) |
You cannot have different verifiers associating different schemas to the same VP type. Some trusted entity has to do this. In the case of issuing and credentialSchema it can be the issuer or an external entity like JFF. In the case of verification it should always be some external trusted entity (and not the holder). But nevertheless both the holder and verifier need to know what this is. Passing it in the VP is an explicit way of confirming this joint knowledge. The amount of schema checking done by the verifier is the same in both cases (whether presentationSchema is passed or not). If we do not define the presentationSchema property it is not clear to me how it is specified and how a common standardised understanding can be reached by the specifier, the holder and the verifier. |
@David-Chadwick wrote:
The Verifier is ultimately responsible for what they allow, they are the first line of "trusted entity". We can't tell them that they cannot associate their own JSON Schemas w/ incoming data of any type or form. Now, they may defer their authority to some other entity in the space, like an SDO, to express what a valid presentation looks like, but the decision is ultimately theirs to make (not the issuers, not the holders, etc.).
Ah, good, this was the missing piece. We are much more aligned now than I had previously thought. To reflect back what I think you're saying: "Ultimately, We don't say any of the above in the spec today, and I think that we should.
Hmm, the open question is whether or not checking is mandatory. I expect that it's not, correct? If the holder/verifier chooses to ignore I'll also note that linking to this sort of external resource has the same implications a linking to an external |
^ yes, this is the problem with both |
Of course both schemas can be ignored by the recipient. The recipient is the ultimate arbiter of what they will accept. The schema are there to help the recipient should they choose to accept it. |
@David-Chadwick let me try to refine what you have said. Both properties are option and can be ignored by a verifier, regardless of if the verifier understands them or not... is that correct? |
@OR13 What you are saying applies to all the credential metadata properties: ToU, Evidence, validity period, Status etc. So in this respect the schema properties are no different |
@David-Chadwick agreed, I filed #1027 to keep your PR clear of debate on this topic. |
The issue was discussed in a meeting on 2023-02-01
View the transcript3.1. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Manu Sporny: Add presentationSchema. Good discussion going in this PR, it would be good for other people to weigh in. David and I have some level of agreement on what's meant by this PR.. |
Conflicts exists, we have not made progress on this item, it seems to be stalling out. |
Yes I will add this to the next revision. |
This has already been done |
I believe the best course of action is to merge #1108 (which includes |
@brentzundel If you do as you suggest then you lose all the work that has already been done on the definition of |
Why not define
There needs to be working group consensus to update the document, not just 2 implementations.
I agree with this, but the current PR is making things worse, not better in this regard, better to define things in a place where you are not blocked by the working group, show interop and adoption, then ask the working group to document it, (and they can still say no, if they don't like the idea, or are not convinced it will make things, safer / easier to use / better). The VCDM is filled with "things people thought would be useful", and we are all paying to maintain them, while acknowledging that nobody is using them currently... this needs to stop for the spec to improve. I suggest this PR be closed. |
@OR13 |
The issue was discussed in a meeting on 2023-05-17
View the transcript3.1. Added presentationSchema (pr vc-data-model#987)See github pull request vc-data-model#987. Brent Zundel: open for a while. Three people requesting changes and no one who has approved it. Manu Sporny: There are a couple things we can try, but I'm doubtful we're going to come to consensus.
Manu Sporny: I tried puting this in a PR in the reserved tables and that was objected to.
Manu Sporny: So if we couldn't get consensus there, we probably won't here. Brent Zundel: anyone opposed to pending close. David Chadwick: I thought we didn't want to lose the conversation to date. Manu Sporny: to be clear, I suggested moving to CCG as an option. Brent Zundel: I'll market this as pending close. Which will retain the conversation. Next step would be to transfer to CCG and continue incubating there. |
No objections raised to closing since being marked |
Added the presentationSchema property for presentations to complement the credentialSchema property for credentials
Preview | Diff