Registry for VP and VC types

decentralized-identity / presentation-exchange

Specification that codifies an inter-related pair of data formats for defining proof presentations (Presentation Definition) and subsequent proof submissions (Presentation Submission)

https://identity.foundation/presentation-exchange

Apache License 2.0

84 stars 37 forks source link

Registry for VP and VC types #340

Closed tlodderstedt closed 2 years ago

tlodderstedt commented 2 years ago

The PE spec currently "hard-codes" format identifiers for a couple of credential and presentation formats. This prevents implementers from using PE with other formats. As discussed at IIW, I suggest to introduce a registry to allow for extensibility.

Here are examples of how PEW could be used for other credentials: https://openid.net/specs/openid-connect-4-verifiable-presentations-1_0.html#name-alternative-credential-form

brentzundel commented 2 years ago

for v2, we will raise a PR to clarify the claim format section to indicate that the formats listed may not be the only acceptable options, SHOULD use the ones in the spec.

bumblefudge commented 2 years ago

@tlodderstedt on re-reading, I think the idea of a registry might be an interesting option, and DIF has lately been trying to establish a precedent and method for registry management, maybe we should discuss out-of-band what a registry would look like that facilitated harmonization between non-PE OIDC implementations and non-OIDC PE implementations? seems a broader issue than the one-line editorial PR that will close this issue 😄

kimdhamilton commented 2 years ago

I'm interested in a registry as well. Question: is that a new work item / repo?

bumblefudge commented 2 years ago

It certainly would be a separate repo tracked by the C&C WG as a distinct work item, although it would probably be discussed on the same call by the same group...

bumblefudge commented 2 years ago

@tlodderstedt , if you're asking for this group (the PE work item) to open a lightweight repo and point to it from the spec before v2 is finalized, i think we could. Unless you were asking for something different?

tlodderstedt commented 2 years ago

Hi,

at IIW we discussed the idea of using an IANA registry for that purpose. Mike Jones offered assistance as he is very experienced with this kind of registries.

best regards, Torsten.

selfissued commented 2 years ago

Creating an IANA registry takes an RFC. But there's precedent for creating such RFCs to establish registries. For instance, the W3C WebAuthn WG created https://datatracker.ietf.org/doc/html/rfc8809 to establish IANA registries that it could use. We could do the same.