vcstuff / sd-jwt-vc-types

Potentially illegal configurations #4

Open jogu opened 7 months ago

jogu commented 7 months ago

I think some configurations should be illegal but I'm not sure the spec says that today. An example would be an 'address' object that is marked authoritative, but also has a field within it that's marked as self-attested, i.e.

    "claims":{
      "/address":{
        "display":{
          "en-US":{
            "label":"Address",
            "description":"Address at the time of graduation"
          }
        },
        "verification":"authoritative",
        "sd":"always"
      },
      "/address/street_address":{
        "display":{
          "en-US":{
            "label":"Street Address"
          }
        },
        "verification":"self-attested",
        "sd":"always"
      }
    }

I think that probably shouldn't be allowed; it feels difficult for verifiers to reason about.

babisRoutis commented 5 months ago

Perhaps, there should be some rules for the verification values of sub-claims.

Some ideas:

Furthermore, would it make sense to have a top-level optional verification attribute, effectively marking all claims? For example, marking all claims of PID or mDL as authoritative.
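
One way a consumer of the type metadata could flag the configuration discussed in this thread, as an added example that is not from the spec, the repository or either commenter. It assumes a rule the thread only proposes (a sub-claim may not declare a `verification` value different from an ancestor's) and reuses the path-keyed `claims` layout from the snippet above; the function names and the extra sample entries are constructed.

```python
import json

# Constructed sample: the two claims from the issue (display omitted) plus two
# extra entries that must NOT be flagged.
SAMPLE = json.loads("""
{
  "claims": {
    "/address": {"verification": "authoritative", "sd": "always"},
    "/address/street_address": {"verification": "self-attested", "sd": "always"},
    "/address/locality": {"sd": "always"},
    "/addressbook": {"verification": "self-attested"}
  }
}
""")


def ancestors(path):
    """Yield parent paths of a claim path, nearest first: /a/b/c -> /a/b, /a.

    Paths are compared segment by segment, so "/addressbook" is not treated
    as a child of "/address".
    """
    segments = path.strip("/").split("/")
    for end in range(len(segments) - 1, 0, -1):
        yield "/" + "/".join(segments[:end])


def find_verification_conflicts(claims):
    """Return (child, child_value, ancestor, ancestor_value) for every claim
    whose 'verification' differs from one declared on an ancestor claim.

    Assumed rule, not taken from the spec: descendants may omit
    'verification' but may not contradict an ancestor.
    """
    conflicts = []
    for path, meta in sorted(claims.items()):
        value = meta.get("verification")
        if value is None:
            continue  # nothing declared here, so nothing to contradict
        for parent in ancestors(path):
            parent_value = claims.get(parent, {}).get("verification")
            if parent_value is not None and parent_value != value:
                conflicts.append((path, value, parent, parent_value))
    return conflicts


if __name__ == "__main__":
    for child, cv, parent, pv in find_verification_conflicts(SAMPLE["claims"]):
        print(f"{child} is {cv!r} but ancestor {parent} is {pv!r}")
```
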