- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Fri, 24 Jul 2020 10:42:34 -0400
- To: public-credentials@w3.org
On 7/24/20 9:57 AM, Leonard Rosenthol wrote: > In our world where (standard) schemas are being created & edited > daily, let alone the existence of custom ones - I just don't see how > this will work for the types of data being considered here (eg. > VC's) > > Accordingly, I don’t see this as a viable option. You are correct, if the schema changes out from under you, you're in trouble. There is one mitigation for this that you may not be aware of: Every W3C global standard JSON-LD Context that I know of is frozen in time. We go as far as publishing cryptographic hashes for the JSON-LD Contexts in the specifications themselves. Example for Verifiable Credentials here: https://www.w3.org/TR/vc-data-model/#base-context We should point this out in the CBOR-LD specification as I'm sure some poor soul will step on that particular landmine. The other protection that we have in place is that things like Verifiable Credentials are digitally signed, so if you deserialize and check the signature on the receiving end, a context change will be detected (digital signature verification failure). That doesn't mean that this stuff isn't useful even while developing... if you only go to CBOR-LD for vanishingly small periods of time (transmission via QRCode and then immediately back to JSON-LD), it is highly unlikely that you're going to be the unlucky person that received a message right as someone pressed "Save" a context. So, if you plan to use CBOR-LD as an archival format using unstable JSON-LD Context files, then yes, you shouldn't do that and yes, we should warn about it in the specification. However, that doesn't mean that the solution isn't viable for a subset of use cases. :) -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Friday, 24 July 2020 14:42:48 UTC