Remove duplicate descriptive language #183
Conversation
selfissued
requested review from
mprorock,
decentralgabe,
OR13,
tplooker and
brentzundel
There was a problem hiding this comment.
As noted many other places, just as there is no such thing as application/jpg+zip, the application/vp+ld+json+sd-jwt media type should not exist; this media type should be simply application/sd-jwt. The described reasoning behind wanting media types like application/vp+ld+json+sd-jwt would be well satisfied and better conform to RFC history by specifying profiles for the application/sd-jwt media type.
Co-authored-by: Ted Thibodeau Jr <[email protected]>
|
@TallTed wrote:
This PR does not change the media types in the specification, nor is it the right place to do so. Therefore, @TallTed, I'd ask you to withdraw your suggestions to change the media types here, since that's not the topic of the PR. If you want to discuss media types, I believe that issue #179 is already the right place to do so. Thanks. |
| @@ -700,7 +751,7 @@ <h2>Verification Methods</h2> | |||
| <h3>Verification Material</h3> | |||
|
|
|||
| <p> | |||
| Verification material SHOULD be expressed in the <code>publicKeyJwk</code> property | |||
| Verification material MUST be expressed in the <code>publicKeyJwk</code> property | |||
There was a problem hiding this comment.
I'm not sure about this. Does this prevent DIDs that do not use publicKeyJwK from creating vc-jose-cose objects?
There was a problem hiding this comment.
I'd turn the statement around. It makes it clear that DIDs used with vc-jose-cose need to support the JWK key representation. This increases interoperability.
There was a problem hiding this comment.
I prefer the SHOULD, since I don't plan to be working with JSON in the future, whenever possible.
| See <a href="https://www.ietf.org/archive/id/draft-ietf-cose-typ-header-parameter-00.html/">I-D.ietf-cose-typ-header-parameter</a> | ||
| <p> | ||
| [[RFC9052]] MAY be used to secure this media type. | ||
| The <code>typ</code> header parameter SHOULD be <code>application/vc+ld+json+cose</code>. |
There was a problem hiding this comment.
For the sake of consistency this will also need to update, depending on #184
There was a problem hiding this comment.
Overall, these changes seem excellent.
I don't think there is any normative changes here, except for the SHOULD to MUST regarding key representations...
I note that this would prevent future implementers from using a COSE Key to verify a SD-JWT.. perhaps that is acceptable.
|
@TallTed I sent some emails to the relevant lists regarding your proposal, lets continue the media type parameter discussion on #184. Can you review again (assuming we will address 184 separately before CR) ? Edit: I changed my mind, I think we need to address @TallTed 's comments in this PR, or at least have a path forward regarding profile and |
|
Open for a week, no objections, merging. |
This removes duplicate language in the description of the use of JOSE header parameters and JWT claims. In the process, I moved the "JOSE Header Parameters" section before the "Key Discovery" section.
I added missing COSE content that corresponds to existing JOSE content.
I moved the "Wallets" section nearer to the end.
I believe that this is the last thing that we must do before submitting for CR.
Fixes #135
Preview | Diff