search

openid / OpenID4VCI

60 stars 16 forks source link

Update to W3C VC DMv2 #194

Open David-Chadwick opened 7 months ago

David-Chadwick commented 7 months ago

The current specification is based on the W3C VC DM v1.

The W3C VC DM v2 is about to be published as a Candidate Recommendation. It contains a number of differences to the v1 DM. Importantly all VC DM v2 VCs must have an @context property. More importantly, securing them using SD-JWT is indicated in a different way to securing a non-W3C VC with SD-JWT. Specifically the typ is set to vc+ld+json+sd-jwt (in the latest draft version of the specification), rather than vc+sd-jwt which is used by the SD-JWT VC draft.

Therefore a number of changes will be needed to the OpenID4VCI specification if it is to cater for the W3C VC DM v2.

This issue is a placeholder to indicate that some changes will be needed in order to accommodate the W3C VC DM v2.

selfissued commented 7 months ago

The spec actually refers to both VCDM 1.1 and VCDM 2.0 at present. I agree that we will probably want to do a harmonization pass once VCDM 2.0 is a Candidate Recommendation.

babisRoutis commented 5 months ago

Importantly all VC DM v2 VCs must have an @context property. More importantly, securing them using SD-JWT is indicated in a different way to securing a non-W3C VC with SD-JWT. Specifically the typ is set to vc+ld+json+sd-jwt (in the latest draft version of the specification), rather than vc+sd-jwt which is used by the SD-JWT VC draft.

@David-Chadwick Given that SD-JWT-VC is a credential format, not related to W3C VC DM (1.1 or 2.0) and given that VCI has already different appendixes for them, I don't understand your point. Why would somebody confuse W3C VC 2.0 that use SD-JWT, with SD-JWT-VC?

David-Chadwick commented 5 months ago

They already do confuse the two!

Sakurann commented 5 months ago

Why would somebody confuse W3C VC 2.0 that use SD-JWT, with SD-JWT-VC?

+1. the payload is very different.

Sakurann commented 5 months ago

we'll probably need to discuss if we want to replace VCDM v1.1 credential format profile with VCDM v2.0 (pretty big change) or add a new credential format profile for VCDM v2.0. technically, the former is probably more appropriate because VCDM 2.0 is supposed to replace v1.1, but I think it will be more confusing because it's not like all v1.1 implementations will upgrade to v2.0 at the same time, so I do see the benefit of keeping VCDM v1.1 format profile

David-Chadwick commented 5 months ago

I am happy if you add a new VCDMv2 profile so that the spec can cater for both W3C VC implementations.