Re: Verifiable Requests?

Just wanted to clarify something I noticed that Manu said:

"There may be many different protocols for requesting a VC. Some of the protocols are very simple, like the Query By Example mechanism that many companies used to achieve multi-way interop last spring via CHAPI. Others are more complex, like the DIF Presentation Request specification."

The DIF spec in question is called Presentation *Exchange*, and it is also just a data model specification, not a credential request/response envelope protocol - in fact, the entire concept is that you can use PE objects *inside* any envelope protocol for credential request/response (OIDC SIOP, CHAPI, DIDComm, etc.). PE is like the Borg: it boards your envelope-protocol-ship, assimilates everything related to specifying what credentials a Verifier is demanding + how a Holder evaluates what they have in fulfillment of those demands, and basically turns the outer envelope protocol into a dumb drone so you can reuse the exact same Verifier-demand/Holder-evaluation code across all envelop protocol options (OIDC SIOP, CHAPI, DIDComm, etc.). Join the Borg, write less code, resistance is futile.  :smiley-borg-face:

What Gabe seems to want is something that has replay protection and other features that OIDC SIOP, DIDComm, and various req/res envelope protocols define - the Presentation Exchange spec has no stake in this, as it doesn't care what you pick and will happily assimilate whatever envelop protocol bodies you inject its objects into. The answer could be 'Just use one of the existing envelope porotocols' or 'Someone could make a new thing that looks VP/VC-ish', and I think he is proposing the latter, but would appreciate feedback on what others think before doing anything further.

- Daniel