Request registration of vp content type

w3c / vc-jose-cose

Verifiable Credentials Working Group — VC JSON Web Tokens specification

https://w3c.github.io/vc-jose-cose/

Other

31 stars 13 forks source link

Request registration of vp content type #103

Closed OR13 closed 1 year ago

OR13 commented 1 year ago

Preview | Diff

jandrieu commented 1 year ago

Shouldn't this follow the pattern we use for securing VCs? With a base media type for VPs.

iherman commented 1 year ago

The issue was discussed in a meeting on 2023-06-07

no resolutions were taken

View the transcript

#### 1.2. JWT PRs. **Orie Steele:** There are 2 new PRs on VC-JWT, 103 and 104. _See github pull request [vc-jwt#103](https://github.com/w3c/vc-jwt/pull/103)._ _See github pull request [vc-jwt#104](https://github.com/w3c/vc-jwt/pull/104)._ **Orie Steele:** There are 2 new PRs on VC-JWT, 103 and 104. _See github pull request [vc-data-model#1144](https://github.com/w3c/vc-data-model/pull/1144)._ **Orie Steele:** PRs up in the core data model 1144. > *Phillip Long:* pdl-ASU has joined #vcwg. **Joe Andrieu:** Added a comment to 103. Would it be useful to reuse the pattern for VCs. A base media type plus securing? … both securing mechanisms will need a payload with a common basis. > *Dmitri Zagidulin:* +1 Joe, I was wondering about that as well. > *Orie Steele:* correct, that is what it is doing. **Dave Longley:** agrees it is following the same pattern. **Orie Steele:** talking about confidence method in registry. > *Dave Longley:* +1 to adding confidence method to the reserved terms table + v2 context, sounds good. **Brent Zundel:** 9 open PRs, please review and look thru them. … moving on to final topic, issues. **Ted Thibodeau Jr.:** suggest that we call out specific issues and PRs in agenda ahead of time. > *Orie Steele:* There are also several open PRs here: [https://github.com/w3c/vc-status-list-2021/pulls](https://github.com/w3c/vc-status-list-2021/pulls) which can be discussed.

OR13 commented 1 year ago

@jandrieu as we discussed on the call, this approach does align with the approach we took previously:

application/vp+ld+jwt

See https://github.com/w3c/vc-data-model/pull/1144

jandrieu commented 1 year ago

@jandrieu as we discussed on the call, this approach does align with the approach we took previously:

application/vp+ld+jwt

See w3c/vc-data-model#1144

Interesting.

I was expecting a base media type, e.g., application/vp+ld+json which would then be secured by JWT, DI, etc. which show up as 'application/vp+jwt', but I'm not seeing any reference to a base media type.

I do see that application/vp+ld+json is mentioned in the other PR you mention https://github.com/w3c/vc-data-model/pull/1144, but application/vc+jwt and application/vp+ld+jwt do not use the same pattern.

If it were using the same pattern, I would expect application/vp-jwt which secures application/vp-ld-json just as application/vc+jwt secures application/vc+ld+json

OR13 commented 1 year ago

@jandrieu i don't think your suggestion would be following the convention we have so far.

We defined a JSON media type for VCs:

vc+ld+json we use vc+ld+jwt to secure it.

We define a JSON media type for VPs:

vp+ld+json we use vp+ld+jwt to secure it.

We don't use "-" because we are trying to leverage the multiple suffixes draft, that we hope will be an RFC one day.

+json+jwt would be redundant.

Hopefully the examples in the other PRs will make this clearer.