Open dwight-holman opened 2 years ago
In addition to the requirements of section 9.1.1, the POST must include the header "content-type: application/json"
Note that the expected format of the "entries" is Commit or Write messages, so the "data" field is required and contains the encoded credential.
@Sakurann to clarify and add to profile for client implementers
@dwight-holman to make a PR instead
I think we need add something to the effect of
I'm not sure if verifiers need or want to implement permissions grants and whatnot given that status list credentials should be world readable, and authenticating as a particular verifier could have privacy concerns.