did:web for issuer?

[bluesteens]

wallet criteria 4.1.4 Vetted Credential Issuer, Root of Trust & Securing DID:web a. These sentences should be removed, as conflicts with the point I raised in #31 (4.1.2. point b) + issuer requirements should not sit in the wallet criteria.

Credential Issuers SHALL use a DID method implementation that supports a Well-Known Uniform Resource Identifier [RFC8615] to make the identifiers well-known among the OCI trading partner. To provide the well-known mechanism, Digital Wallet Providers SHALL support the DID:web method for Credential Issuers.

CI conformance criteria are also affected 2.6 Role of Credential Issuer

OCI uses the DID:web method for the Credential Issuers as this is a method built upon proven, well-known instruments. The initial OCI implementation includes a registry with the names and DIDs of vetted Credential Issuers that have demonstrated and proven adherence with the OCI Credential Issuer Conformance Criteria. ... should be rewritten to refer to ETH-based VDR, remove did:web requirement

6.1 General Requirements

A Credential Issuer SHALL: Use the DID:web method.

[bluesteens]

relates to ticket #31 loosely related to issue: https://github.com/Open-Credentialing-Initiative/Credential-Issuer-Conformance-Criteria/issues/12

[bluesteens]

• [x] Is Issue appropriate for OCI Architecture
• [x] Create Steering-Level summary of request
• [x] Assign Size
• [x] Assign Priority
• [x] Assign Label (if needed)
• [x] OCI affected Artifacts Identified
• [ ] Assign Triage - Artifact Version Target (v x.x.x Milestone)
• [ ] Assign Triage - Interop Profile Version Target (v x.x.x Milestone)
• [ ] Create sub-project (if needed)

Affected Parties (help determine Sunrise/Sunset):

• [ ] Trading Partners
• [ ] Issuers
• [ ] Wallet Solutions
• [ ] PI Verification Solutions

[rceleste125]

Steering Summary:

1. Remove the limitation for issuers to be limited to use DID:Web method only (allow all OCI supported methods)
2. Define what "Support" means for a Wallet.

[bluesteens]

4.1.4 also states

To enable Digital Wallet Providers to accept credentials issued from a vetted Credential Issuer only, OCI SHALL implement and maintain a Trusted Credential Issuer registry (see next section).

this is not a wallet criterion but was an OCI aspiration, which has now materialsed and is explained in section 4.1.5 the review of 4.1.4 should question whether this section is still needed.

[bluesteens]

edits on branch https://github.com/Open-Credentialing-Initiative/Digital-Wallet-Conformance-Criteria/tree/bluesteens-did-methods

[bluesteens]

edits to issuer criteria: https://github.com/Open-Credentialing-Initiative/Credential-Issuer-Conformance-Criteria/pull/15

[bluesteens]

repeated edits to issuer criteria: https://github.com/Open-Credentialing-Initiative/Credential-Issuer-Conformance-Criteria/pull/20