Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Conformance classes #231

Merged
merged 11 commits into from
Feb 20, 2024
Merged

Add Conformance classes #231

Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
45d2ebf
Add Conformance classes
brentzundel Feb 13, 2024
8bc1b9b
fix conforming CWT verifier
brentzundel Feb 13, 2024
bc6f2d9
fix COSE->CWT
brentzundel Feb 13, 2024
776c486
remove extra quote
brentzundel Feb 13, 2024
489f2b5
remove extra quote
brentzundel Feb 13, 2024
6e6e696
move conforming verifier to securing sections
brentzundel Feb 13, 2024
525bd52
Apply suggestions from code review
brentzundel Feb 14, 2024
60f670d
remove conformance section to see if it builds
brentzundel Feb 14, 2024
6045bb2
add section back in
brentzundel Feb 14, 2024
aad0e6d
comnine confomrance sections
brentzundel Feb 14, 2024
e17638d
Merge branch 'main' into issue-202
brentzundel Feb 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 50 additions & 7 deletions index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,7 @@ <h2>Introduction</h2>
confidentiality of CBOR data by encrypting it with symmetric or
asymmetric encryption algorithms.
</p>

</section>

<section>
Expand Down Expand Up @@ -228,7 +229,7 @@ <h2>Securing the VC Data Model</h2>
<p>
If implementations do not know which media type to use, media types defined in this specification MUST be used.
</p>
<section>
<section id="secure-with-jose">
<h2>With JOSE</h2>
<section>
<h2>Securing JSON-LD Verifiable Credentials with JOSE</h2>
Expand All @@ -237,14 +238,16 @@ <h2>Securing JSON-LD Verifiable Credentials with JOSE</h2>
to [[VC-DATA-MODEL-2.0]].
</p>
<p>
[[RFC7515]] MAY be used to secure this media type.
A [=conforming JWS issuer implementation=] MUST use [[RFC7515]] to secure this media type.
The <code>typ</code> header parameter SHOULD be <code>vc+ld+json+sd-jwt</code>.
When present, the <code>cty</code> header parameter SHOULD be <code>vc+ld+json</code>.
See <a data-cite="RFC7515#section-4.1">Registered Header Parameter Names</a>
for additional details regarding usage of <code>typ</code> and
<code>cty</code>.
</p>

<p>
A [=conforming JWS verifier implementation=] MUST use [[RFC7515]] to verify [=conforming JWS documents=] that use this media type.
</p>
<pre class="example vc-jose-cose" title="A simple example of a verifiable credential">
{
"@context": [
Expand Down Expand Up @@ -283,13 +286,16 @@ <h2>Securing JSON-LD Verifiable Presentations with JOSE</h2>
to [[VC-DATA-MODEL-2.0]].
</p>
<p>
[[RFC7515]] MAY be used to secure this media type.
A [=conforming JWS issuer implementation=] MUST use [[RFC7515]] to secure this media type.
The <code>typ</code> header parameter SHOULD be <code>vp+ld+json+sd-jwt</code>.
When present, the <code>cty</code> header parameter SHOULD be <code>vp+ld+json</code>.
See <a data-cite="RFC7515#section-4.1">Registered Header Parameter Names</a>
for additional details regarding usage of <code>typ</code> and
<code>cty</code>.
</p>
<p>
A [=conforming JWS verifier implementation=] MUST use [[RFC7515]] to verify [=conforming JWS documents=] that use this media type.
</p>
<p>
Credentials in verifiable presentations MUST use the <a data-cite="VC-DATA-MODEL-2.0/#defn-EnvelopedVerifiableCredential">Enveloped Verifiable Credential</a>
type defined by the [[VC-DATA-MODEL-2.0]].
Expand Down Expand Up @@ -325,7 +331,7 @@ <h2>Securing JSON-LD Verifiable Presentations with JOSE</h2>
</p>
</section>
</section>
<section>
<section id="secure-with-cose">
<h2>With COSE</h2>
<p>
COSE [[RFC9052]] is a common approach to encoding and securing
Expand All @@ -342,14 +348,17 @@ <h2>Securing JSON-LD Verifiable Credentials with COSE</h2>
with COSE.
</p>
<p>
[[RFC9052]] MAY be used to secure this media type.
A [=conforming CWT issuer implementation=] MUST use COSE_Sign1 as specified in [[RFC9052]] to secure this media type.
The <code>typ</code> header parameter SHOULD be <code>application/vc+ld+json+cose</code>.
See <a href="https://www.ietf.org/archive/id/draft-ietf-cose-typ-header-parameter-01.html">I-D.ietf-cose-typ-header-parameter</a>
for the COSE "<code>typ</code>" (type) header parameter.
When present, the <code>content type (3)</code> header parameter
SHOULD be <code>application/vc+ld+json</code>.
See <a data-cite="RFC9052#section-3.1">Common COSE Header Parameters</a> for additional details.
</p>
<p>
A [=conforming CWT verifier implementation=] MUST use COSE_Sign1 as specified in [[RFC9052]] to verify [=conforming CWT documents=] that use this media type.
</p>
</section>

<section>
Expand All @@ -359,11 +368,14 @@ <h2>Securing JSON-LD Verifiable Presentations with COSE</h2>
to [[VC-DATA-MODEL-2.0]].
</p>
<p>
[[RFC9052]] MAY be used to secure this media type.
A [=conforming CWT issuer implementation=] MUST use COSE_Sign1 as specified in [[RFC9052]] to secure this media type.
The <code>typ</code> header parameter SHOULD be <code>application/vp+ld+json+sd-jwt</code>.
When present, the <code>cty</code> header parameter SHOULD be <code>application/vp+ld+json</code>.
See <a data-cite="RFC9052#section-3.1">Common COSE Header Parameters</a> for additional details.
</p>
<p>
A [=conforming CWT verifier implementation=] MUST use COSE_Sign1 as specified in [[RFC9052]] to verify [=conforming CWT documents=] that use this media type.
</p>
<p>
Credentials in verifiable presentations MUST use the <a data-cite="VC-DATA-MODEL-2.0/#defn-EnvelopedVerifiableCredential">Enveloped Verifiable Credential</a>
type defined by the [[VC-DATA-MODEL-2.0]].
Expand Down Expand Up @@ -1121,6 +1133,37 @@ <h2>Assertion</h2>
</section>

<section id="conformance">
<section class="normative">
<h2>Conformance Classes</h2>
<p>
A <dfn>conforming JWS document</dfn> is one that conforms to all of the
"MUST" statements in Section <a href="secure-with-jose"></a>.
</p>
<p>
A <dfn>conforming CWT document</dfn> is one that conforms to all of the
"MUST" statements in Section <a href="secure-with-cose"></a>.
</p>
<p>
A <dfn>conforming JWS issuer implementation</dfn> produces
[=conforming JWS documents=] and MUST secure them as described in Section
<a href="secure-with-jose"></a>.
</p>
<p>
A <dfn>conforming JWS verifier implementation</dfn> verifies
[=conforming JWS documents=] as described in Section
<a href="secure-with-jose"></a>.
</p>
<p>
A <dfn>conforming CWT issuer implementation</dfn> produces
[=conforming CWT documents=] and MUST secure them as described in Section
<a href="secure-with-cose"></a>.
</p>
<p>
A <dfn>conforming CWT verifier implementation</dfn> verifies
[=conforming CWT documents=] as described in Section
<a href="secure-with-cose"></a>.
</p>
</section>
<section class="normative">
<h2>Securing Verifiable Credentials</h2>
<p>The <a data-cite="VC-DATA-MODEL-2.0#proof-formats"></a> describes the approach taken by JSON Web
Expand Down
Loading