From 91bdf57d050b24985f8388b601e8cff4d66cffd5 Mon Sep 17 00:00:00 2001 From: Stefan Charsley Date: Fri, 15 Nov 2024 08:09:01 +0000 Subject: [PATCH 1/3] change media type `vc+sd-jwt` to `dc+sd-jwt` Signed-off-by: Stefan Charsley --- .../client_metadata/sd_jwt_vc_verifier_metadata.json | 2 +- .../signed_request_payload.json | 2 +- examples/query_lang/claims_alternatives.json | 2 +- examples/query_lang/credentials_alternatives.json | 10 +++++----- examples/query_lang/multi_credentials.json | 2 +- examples/query_lang/simple.json | 2 +- examples/query_lang/value_matching_simple.json | 2 +- examples/request/pd_sd_jwt_vc.json | 2 +- .../response/presentation_submission_multiple_vps.json | 2 +- examples/response/ps_sd_jwt_vc.json | 2 +- openid-4-verifiable-presentations-1_0.md | 9 +++++---- 11 files changed, 19 insertions(+), 18 deletions(-) diff --git a/examples/client_metadata/sd_jwt_vc_verifier_metadata.json b/examples/client_metadata/sd_jwt_vc_verifier_metadata.json index b3bd6682..162f75da 100644 --- a/examples/client_metadata/sd_jwt_vc_verifier_metadata.json +++ b/examples/client_metadata/sd_jwt_vc_verifier_metadata.json @@ -1,6 +1,6 @@ { "vp_formats": { - "vc+sd-jwt": { + "dc+sd-jwt": { "sd-jwt_alg_values": ["ES256", "ES384"], "kb-jwt_alg_values": ["ES256", "ES384"] } diff --git a/examples/digital_credentials_api/signed_request_payload.json b/examples/digital_credentials_api/signed_request_payload.json index 60a7fd18..4aa80d4c 100644 --- a/examples/digital_credentials_api/signed_request_payload.json +++ b/examples/digital_credentials_api/signed_request_payload.json @@ -9,7 +9,7 @@ "nonce": "n-0S6_WzA2Mj", "client_metadata": { "vp_formats": { - "vc+sd-jwt": { + "dc+sd-jwt": { "sd-jwt_alg_values": [ "PS256" ], "kb-jwt_alg_values": [ "PS256" ] } diff --git a/examples/query_lang/claims_alternatives.json b/examples/query_lang/claims_alternatives.json index 36ac2217..7a31ca69 100644 --- a/examples/query_lang/claims_alternatives.json +++ b/examples/query_lang/claims_alternatives.json @@ -2,7 +2,7 @@ "credentials": [ { "id": "pid", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": [ "https://credentials.example.com/identity_credential" ] }, diff --git a/examples/query_lang/credentials_alternatives.json b/examples/query_lang/credentials_alternatives.json index cdbec8df..f93049a2 100644 --- a/examples/query_lang/credentials_alternatives.json +++ b/examples/query_lang/credentials_alternatives.json @@ -2,7 +2,7 @@ "credentials": [ { "id": "pid", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": ["https://credentials.example.com/identity_credential"] }, @@ -14,7 +14,7 @@ }, { "id": "other_pid", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": ["https://othercredentials.example/pid"] }, @@ -26,7 +26,7 @@ }, { "id": "pid_reduced_cred_1", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": ["https://credentials.example.com/reduced_identity_credential"] }, @@ -37,7 +37,7 @@ }, { "id": "pid_reduced_cred_2", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": ["https://cred.example/residence_credential"] }, @@ -49,7 +49,7 @@ }, { "id": "nice_to_have", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": ["https://company.example/company_rewards"] }, diff --git a/examples/query_lang/multi_credentials.json b/examples/query_lang/multi_credentials.json index b62b25eb..09542244 100644 --- a/examples/query_lang/multi_credentials.json +++ b/examples/query_lang/multi_credentials.json @@ -2,7 +2,7 @@ "credentials": [ { "id": "pid", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": ["https://credentials.example.com/identity_credential"] }, diff --git a/examples/query_lang/simple.json b/examples/query_lang/simple.json index 8c0a00e7..a26cfebe 100644 --- a/examples/query_lang/simple.json +++ b/examples/query_lang/simple.json @@ -2,7 +2,7 @@ "credentials": [ { "id": "my_credential", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": [ "https://credentials.example.com/identity_credential" ] }, diff --git a/examples/query_lang/value_matching_simple.json b/examples/query_lang/value_matching_simple.json index b4d26f3f..1aca76bd 100644 --- a/examples/query_lang/value_matching_simple.json +++ b/examples/query_lang/value_matching_simple.json @@ -2,7 +2,7 @@ "credentials": [ { "id": "my_credential", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "meta": { "vct_values": [ "https://credentials.example.com/identity_credential" ] }, diff --git a/examples/request/pd_sd_jwt_vc.json b/examples/request/pd_sd_jwt_vc.json index 20419253..0595e3a2 100644 --- a/examples/request/pd_sd_jwt_vc.json +++ b/examples/request/pd_sd_jwt_vc.json @@ -4,7 +4,7 @@ { "id": "identity_credential", "format": { - "vc+sd-jwt": { + "dc+sd-jwt": { "sd-jwt_alg_values": ["ES256", "ES384"], "kb-jwt_alg_values": ["ES256", "ES384"] } diff --git a/examples/response/presentation_submission_multiple_vps.json b/examples/response/presentation_submission_multiple_vps.json index f02d6e1a..70e4e8f1 100644 --- a/examples/response/presentation_submission_multiple_vps.json +++ b/examples/response/presentation_submission_multiple_vps.json @@ -13,7 +13,7 @@ }, { "id": "Example credential disclosing only address", - "format": "vc+sd-jwt", + "format": "dc+sd-jwt", "path": "$[1]" } ] diff --git a/examples/response/ps_sd_jwt_vc.json b/examples/response/ps_sd_jwt_vc.json index eae78b78..1876d22f 100644 --- a/examples/response/ps_sd_jwt_vc.json +++ b/examples/response/ps_sd_jwt_vc.json @@ -5,7 +5,7 @@ { "id": "identity_credential", "path": "$", - "format": "vc+sd-jwt" + "format": "dc+sd-jwt" } ] } \ No newline at end of file diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index 16c33ff6..f815dc37 100644 --- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md @@ -929,7 +929,7 @@ claims: ## DCQL Examples {#dcql_query_example} The following is a non-normative example of a DCQL query that requests a Verifiable -Credential of the format `vc+sd-jwt` with a type value of +Credential of the format `dc+sd-jwt` with a type value of `https://credentials.example.com/identity_credential` and the claims `last_name`, `first_name`, and `address.street_address`: @@ -2242,7 +2242,7 @@ This section defines how Credentials complying with [@!I-D.ietf-oauth-sd-jwt-vc] ### Format Identifier -The Credential format identifier is `vc+sd-jwt`. +The Credential format identifier is `dc+sd-jwt`. #### Example Credential @@ -2287,7 +2287,7 @@ __Claim `birthdate`__: ### Verifier Metadata -The `format` value in the `vp_formats` parameter of the Verifier metadata MUST have the key `vc+sd-jwt`, and the value is an object consisting of the following name/value pairs: +The `format` value in the `vp_formats` parameter of the Verifier metadata MUST have the key `dc+sd-jwt`, and the value is an object consisting of the following name/value pairs: * `sd-jwt_alg_values`: OPTIONAL. A JSON array containing identifiers of cryptographic algorithms the Verifier supports for signing of an Issuer-signed JWT of an SD-JWT. If present, the `alg` JOSE header (as defined in [@!RFC7515]) of the Issuer-signed JWT of the presented SD-JWT MUST match one of the array values. * `kb-jwt_alg_values`: OPTIONAL. A JSON array containing identifiers of cryptographic algorithms the Verifier supports for signing of a Key Binding JWT (KB-JWT). If present, the `alg` JOSE header (as defined in [@!RFC7515]) of the presented KB-JWT MUST match one of the array values. @@ -2313,7 +2313,7 @@ The following is a non-normative example of the contents of a `presentation_defi <{{examples/request/pd_sd_jwt_vc.json}} -The presentation of an IETF SD-JWT VC is requested by adding an object named `vc+sd-jwt` to the `format` object of an `input_descriptor`. The `input_descriptor` value is applied to the unsecured payload of the IETF SD-JWT VC which correspond to the disclosures of the presented SD-JWT VC. +The presentation of an IETF SD-JWT VC is requested by adding an object named `dc+sd-jwt` to the `format` object of an `input_descriptor`. The `input_descriptor` value is applied to the unsecured payload of the IETF SD-JWT VC which correspond to the disclosures of the presented SD-JWT VC. Setting `limit_disclosure` property defined in [@!DIF.PresentationExchange] to `required` enables selective release by instructing the Wallet to submit only the disclosures for the matching claims specified in the fields array. The unsecured payload of an IETF SD-JWT VC is used to perform the matching. @@ -2677,6 +2677,7 @@ The technology described in this specification was made available from contribut -23 * add `transaction_data` & `dcql_query` to list of allowed parameters in W3C Digital Credentials API appendix + * change media type `vc+sd-jwt` to `dc+sd-jwt` to align with draft 06 of [@!I-D.ietf-oauth-sd-jwt-vc] -22 From 8dccab035ccbab81fee5c8065e30742467d55379 Mon Sep 17 00:00:00 2001 From: Stefan Charsley Date: Fri, 15 Nov 2024 09:27:33 +0000 Subject: [PATCH 2/3] update example Signed-off-by: Stefan Charsley --- examples/response/token_response_vp_token_sd_jwt_vc.txt | 6 +++--- examples/response/vp_token_multiple_vps.json | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/examples/response/token_response_vp_token_sd_jwt_vc.txt b/examples/response/token_response_vp_token_sd_jwt_vc.txt index d99aca82..a590df21 100644 --- a/examples/response/token_response_vp_token_sd_jwt_vc.txt +++ b/examples/response/token_response_vp_token_sd_jwt_vc.txt @@ -1,4 +1,4 @@ -eyJhbGciOiAiRVMyNTYiLCAidHlwIjogInZjK3NkLWp3dCIsICJraWQiOiAiZG9jLXNp +eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCIsICJraWQiOiAiZG9jLXNp Z25lci0wNS0yNS0yMDIyIn0.eyJfc2QiOiBbIjNvVUNuYUt0N3dxREt1eWgtTGdRb3p6 ZmhnYjhnTzVOaS1SQ1dzV1cydkEiLCAiOHo4ejlYOWpVdGI5OWdqZWpDd0ZBR3o0YXFs SGYtc0NxUTZlTV9xbXBVUSIsICJDeHE0ODcyVVhYbmdHVUxUX2tsOGZkd1ZGa3lLNkFK @@ -13,8 +13,8 @@ bXBsZS5jb20vaWRlbnRpdHlfY3JlZGVudGlhbCIsICJfc2RfYWxnIjogInNoYS0yNTYi LCAiY25mIjogeyJqd2siOiB7Imt0eSI6ICJFQyIsICJjcnYiOiAiUC0yNTYiLCAieCI6 ICJUQ0FFUjE5WnZ1M09IRjRqNFc0dmZTVm9ISVAxSUxpbERsczd2Q2VHZW1jIiwgInki OiAiWnhqaVdXYlpNUUdIVldLVlE0aGJTSWlyc1ZmdWVjQ0U2dDRqVDlGMkhaUSJ9fX0. -hBeB-fuMsIQ82QIE_674CSPIufs7w0D9CdfGdP_tGyBVp_vTSlbWb9MInFKSZ6Y3ie-r -0MMeSSEHyuUz9WNGSQ~WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uY +8eHLENOFGlZ7dcHSOCYzTu6BuBN8PqYnJCcPgGUh6XoxF6U6S5NVZq40cuLyvJqHZ56x +DGeQch0lBjLRKvS4Rw~WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uY W1lIiwgIkRvZSJd~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUi LCAiSm9obiJd~eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImtiK2p3dCJ9.eyJub25jZS I6ICJuLTBTNl9XekEyTWoiLCAiYXVkIjogImh0dHBzOi8vZXhhbXBsZS5jb20vdmVyaW diff --git a/examples/response/vp_token_multiple_vps.json b/examples/response/vp_token_multiple_vps.json index 0a8bf239..c4d314f2 100644 --- a/examples/response/vp_token_multiple_vps.json +++ b/examples/response/vp_token_multiple_vps.json @@ -47,7 +47,7 @@ "verificationMethod": "did:example:holder#key-1" } }, - "eyJhbGciOiAiRVMyNTYiLCAidHlwIjogInZjK3NkLWp3dCIsICJraWQiOiAiZG9jLXNp + "eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCIsICJraWQiOiAiZG9jLXNp Z25lci0wNS0yNS0yMDIyIn0.eyJfc2QiOiBbIjA5dktySk1PbHlUV00wc2pwdV9wZE9C VkJRMk0xeTNLaHBINTE1blhrcFkiLCAiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9k YXcxc1g3NnBvVWxnQ3diSSIsICJFa084ZGhXMGRIRUpidlVIbEVfVkNldUM5dVJFTE9p @@ -62,9 +62,9 @@ LmNvbS9pZGVudGl0eV9jcmVkZW50aWFsIiwgIl9zZF9hbGciOiAic2hhLTI1NiIsICJj bmYiOiB7Imp3ayI6IHsia3R5IjogIkVDIiwgImNydiI6ICJQLTI1NiIsICJ4IjogIlRD QUVSMTladnUzT0hGNGo0VzR2ZlNWb0hJUDFJTGlsRGxzN3ZDZUdlbWMiLCAieSI6ICJa - eGppV1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.D43eE - W1ae2yAzhzriJuBz-_cgX1wwNJIgNMjsdO28QE0fU8KC8ugjTPaylIp48HMVS0xV2wDQ - 9bl1zFzlbDULg~WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7In + eGppV1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.BfCz7 + bTCeExVLQUXuOUNSlPTD_xMraWG1nb7hPx-jbHXNY9hnu6sl3idGcqHF8LIKWD9OOvO- + oJMS0XfLlBwsg~WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7In N0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd2 4iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0~eyJhbGciOi AiRVMyNTYiLCAidHlwIjogImtiK2p3dCJ9.eyJub25jZSI6ICIxMjM0NTY3ODkwIiwgI From 9093e992fcfbc202f65b3c577cc0ff3c46916cb3 Mon Sep 17 00:00:00 2001 From: Stefan Charsley Date: Tue, 19 Nov 2024 19:43:09 +0000 Subject: [PATCH 3/3] apply changes from pr review Signed-off-by: Stefan Charsley --- openid-4-verifiable-presentations-1_0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index 9ab21649..42ef8396 100644 --- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md @@ -2678,7 +2678,7 @@ The technology described in this specification was made available from contribut * fixed percent-encoding of URI examples * add `transaction_data` & `dcql_query` to list of allowed parameters in W3C Digital Credentials API appendix - * change media type `vc+sd-jwt` to `dc+sd-jwt` to align with draft 06 of [@!I-D.ietf-oauth-sd-jwt-vc] + * change credential format identifier `vc+sd-jwt` to `dc+sd-jwt` to align with the media type in draft -06 of [@I-D.ietf-oauth-sd-jwt-vc] and update `typ` accordingly in examples -22