Use of ARF (EUDI wallet) techno

[ThierryThevenet]

The EU has chosen VC with the jwt format and the OIDC4VC protocols for authentication, issuance and exchange for VCs. Gaia-x will also use it as it is now the EU framework for SSI throuhj the EUDI wallet. er.

[jdsika]

https://openid.net/specs/openid-connect-self-issued-v2-1_0.html

https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html

https://www.npmjs.com/package/jose

[jdsika]

Rephrasing it in order to see if I get it:

The verified credential(VC) defined by W3C DID Core is currently encoded into a json-ld schema. The verification is done by a library which is the DIDKit from Spruce (SIWE). There are other specifications from the OpenID Group which define the encoding of the VC into a jwt like schema (link of the spec above). We should move to the vc-jwt schema and use a library like jose to verifiy it and drop the DID Kit?

[ThierryThevenet]

Yes Jsonld format VCs has been rejected by EU as too complex, not matured enough, etc They decided to us JWT format VCs which are also in the w3c specifications For protocols the only real open standards is OpenID4VC . The other choice was DIDcomm too complex and not matured enough. The JWT format includes a jdonld vc as an attribut "vc" in the JWT but the signature is a standard JoSE signature. No context needed to sign. No need of didkit.

[jdsika]

Questions: 1) by "the EU" do you mean this consortia here? https://eudiwalletconsortium.org/about-us/members/ 2) JoSE is referring to the standards and not the library (npm package "jose")?

Article: https://www.redhat.com/en/blog/jose-json-object-signing-and-encryption

[ThierryThevenet]

From my point of view that is a good choice to make SSI mainstream. Pure player will say that is not as clean as jsonld/didcomm but id SSI is too complex to implement that will be an issue with end users

[ThierryThevenet]

https://digital-strategy.ec.europa.eu/en/library/european-digital-identity-wallet-architecture-and-reference-framework 

Le mercredi, juin 28, 2023, 2:53 PM, Carlo van Driesten @.***> a écrit :

by "the EU" do you mean this consortia here? https://eudiwalletconsortium.org/about-us/members/

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.***>

[jdsika]

https://digital-strategy.ec.europa.eu/en/library/european-digital-identity-wallet-architecture-and-reference-framework

@singhparshant this is something you could have a look at if you have time and create Issues describing the necessary changes to gx-credentials

[jdsika]

https://ec.europa.eu/commission/presscorner/detail/en/ip_23_5651