Open Sakurann opened 1 year ago
@Sakurann @tplooker Do you have any updates on this topic?
The absolute DID URI vs relative DID URI for the kid is causing ambiguity. It would be good if this profile explicitly stated support for relative URIs (and any needed implementation guidance on how to support relative URIs for the kid).
From the above, I assume there to be a preference for relative URI.
Is it also the case that absolute URIs continue to need acceptance? If so, should we restrict the absolute URIs to also contain (be prefixed by) the issuer URI.
Topics:
The
kid
MAY be a relative URI. In this case, thekid
is treated as being relative to the issuer URI contained withiniss
.
The
kid
SHOULD be a relative URI...
The
kid
MAY be an absolute URI. In this case, thekid
MUST be a URI that is prefixed by the issuer URI contained withiniss
.
Im in favour of less options here, the value of kid should be relative to the iss value, absolute urls is just a recipe for implementation mistakes, is there any reason we wouldn't just require relative URL's here?
I think we need to wait for a resolution on https://github.com/w3c/vc-data-model/issues/914 before we merge this PR.
FWIW, I agree with Tobias, it should be relative or absolute, not either. and I am personally in favor of relative URL
breaking change for the wallet, if we make this change, the header must change.
Use relative DID URL instead of an absolute DID URL to prevent verifiers not checking
iss
in the body and only DID inkid
. (cc @tplooker )