Closed decentralgabe closed 1 year ago
What about having a fixed credentialSchema
property instead? Something to validate that it's actually jsonschema within the credentialSubject
.
Below is an example
{
"credentialSchema": {
"type": "JsonCredentialSchema2023",
"id": "https://github.com/w3c/CredentialSchema2023.json"
}
}
And then the contents of https://github.com/w3c/CredentialSchema2023.json
would be like the ones below:
{
"$schema": "...",
"type": "object",
"properties": {
"credentialSubject": {
"$ref": "http://json-schema.org/draft-04/schema"
},
"credentialSchema": {
// ... something to say that it must be fixed
}
}
}
The problem with doing that, is the schema it points to would need to be a meta-schema that is a oneOf
for the schema versions we support such as
{
"oneOf": [
{
"$ref": "https://json-schema.org/draft/2020-12/schema",
},
{
"$ref": "https://json-schema.org/draft/2019-09/schema",
},
{
"$ref": "https://json-schema.org/draft/7/schema",
}
]
}
and validating this each time would result in a few network requests (sure we can encourage caching) -- and generally more room for error.
I'm not completely opposed to this approach but I think it may be simpler to just say no schema.
I still side on having it. Since the added but if complexity is actually small, and there is strong intent being communicated when you specify a machine readable schema for the schema credential itself.
I see implementers would appreciate making sure that the schema they are applying is actually valid. Otherwise they are likely to implement this, just outside the spec.
OK, I agree, it seems worth it to define this meta-schema we can point to.
Still, we should add language on limiting nesting.
The spec does not yet provide guidance on nesting, which could pose an issue during validation.
Consider a credential representing a
CredentialSchema2023
. That credential could have acredentialSchema
property where the type is alsoCredentialSchema2023
, and so on, and so on... This could lead to an endless validation loop.I propose adding language to specify that when using
CredentialSchema2023
the associated VC must not have acredentialSchema
property.