Open npdoty opened 1 week ago
committing to support of the ISO mDoc format or associated protocols
If we removed from the text the reference to e.g. ISO mDocs
, but kept the requirement of at least two formats
, would that address your concern (of the fact that those specs aren't easily publicly accessible
)?
Are there multiple formats beyond W3C VC and ISO mDoc being considered?
Are there multiple formats beyond W3C VC and ISO mDoc being considered?
I think any format that is usable by OpenID4VP is fair game to be considered [0].
I think it would be fair to say that ISO mDocs does come up more often than not, specifically in the context of European deployments, but I don't think we need to, as you suggest, "over-commit" on a specific one (whereas I do believe that we should "over-commit" on the fact that the WG should assume that there will be more than one).
[0]
This specification supports any Credential format used in the Issuer-Holder-Verifier Model, including, but not limited to those defined in [VC_DATA] (VCDM), [ISO.18013-5] (mdoc), [I-D.ietf-oauth-sd-jwt-vc] (SD-JWT VC), and [Hyperledger.Indy] (AnonCreds). Credentials of multiple formats can be presented in the same transaction. The examples given in the main part of this specification use W3C Verifiable Credentials, while examples in other Credential formats are given in Appendix A.
Hi all,
This is the latest PR to integrate also the OpenID4VP thing.
https://github.com/w3c/charter-drafts/pull/542
We'll review today in the call
My concern was that the group might choose to support formats that don't provide the necessary privacy capabilities for selective disclosure or unlinkable presentation or formats that aren't publicly accessible or haven't received broad review for issues like privacy.
The charter could commit the group to coming up with a design agnostic to formats, but also note that it should only support formats that satisfy the group's requirements.
The charter could commit the group to coming up with a design agnostic to formats, but also note that it should only support formats that satisfy the group's requirements.
I think this would work.
I'm not sure there is consensus on which formats or whether multiple formats will be supported.
I would be concerned about committing to support of the ISO mDoc format or associated protocols, as those specs aren't easily publicly accessible, and haven't gone through our privacy reviews.