search

nuts-foundation / nuts-node

The reference implementation of the Nuts specification. A decentralized identity network based on the w3c ssi concepts with practical functionality for the healthcare domain.
https://nuts-foundation.gitbook.io
GNU General Public License v3.0
23 stars 15 forks source link

VCR: Make VC validators pluggable (and not hardcoded) #1505

Closed reinkrul closed 2 weeks ago

reinkrul commented 1 year ago

We have hardcoded validators for NutsAuthorizationCredentials and NutsOrganizationCredentials (and a base validator for any credential). These VC-type-specific validators shouldn't be hardcoded into the Nuts Node: it makes introducing new versions (through releasing a new JSON-LD context version) error-prone and unpractical, because it requires a Nuts Node released.

Validating VC types is a good feature to prevent (hard to debug) mistakes, but the validation rules should be externalized, so they become configuration of the Nuts Node, rather than hardcoded functionality.

Options:

woutslakhorst commented 2 weeks ago

Won't fix. Issuers are responsible and if self issued then the authorization policy should do it.