Open kdimak opened 4 years ago
@peacekeeper @awoie Do you know which key was used to sign example-016-jwt.jwt
?
@troyronda @kdimak the tests don't assume that the generator verifies the JWT, so you won't need the public key. The output should be a credential without a proof
property. This is a data model test suite and the group agreed to not test the cryptographic proofs themselves.
@awoie The JWT structure contains a normal JWS signature - is this JWS signature also not being validated in the test case?
@troyronda Exactly, the JWS is not validated.
@troyronda However, the JWT must be a valid JWT (JWS in compact serialization) by following the <header>.<payload>.<signature>
convention.
@kdimak @troyronda Can we close this issue?
@awoie makes sense for me, thank you.
@awoie unfortunately, the VC inside JWS (example-016-jwt.jwt
) is buggy:
{
"@context": [
"https://w3.org/2018/credentials/v1",
"https://example.com/examples/v1"
],
"credentialSubject": {
"degree": {
"name": "Bachelor of Science in Mechanical Engineering",
"type": "BachelorDegree"
}
},
"expirationDate": "2019-11-06T08:42:03Z",
"id": "http://example.edu/credentials/3732",
"issuanceDate": "2018-11-06T08:42:04Z",
"issuer": "did:example:abfe13f712120431c276e12ecab",
"type": [
"VerifiableCredential",
"UniversityDegreeCredential"
]
}
as the first context must be https://www.w3.org/2018/credentials/v1
(https://w3c.github.io/vc-data-model/#contexts).
And here www
is missing (currently the context is https://w3.org/2018/credentials/v1
).
Can we apply https://github.com/w3c/vc-test-suite/pull/102 where the @context
has correct values?
@awoie filed a separate issue #103 we can close the current issue
What is correct JWK for the decoding JWS into the credentials data model tests (
--jwt-decode
parameter),example-016-jwt.jwt
? It's RS256 but the one defined atconfig.json.example
is not valid: