- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 21 Aug 2023 17:01:14 +0000
- To: public-credentials@w3.org
- Message-Id: <E1qY8HC-009k7X-QC@uranus.w3.org>
Issues ------ * w3c/vc-data-model (+5/-7/💬62) 5 issues created: - N3 rendering of Verifiable Claims Examples raises some questions (by bblfish) https://github.com/w3c/vc-data-model/issues/1248 - Addressing Verifier Stored Data Vulnerabilities and Legal Compliance (by awoie) https://github.com/w3c/vc-data-model/issues/1247 [privacy-tracker] [security-tracker] [HorizontalReview] [privacy-needs-resolution] [security-needs-resolution] - Security Concern: Strengthening Trust Boundaries for Holder Software in Verifiable Credential Processing (by awoie) https://github.com/w3c/vc-data-model/issues/1246 [privacy-tracker] [security-tracker] [HorizontalReview] [privacy-needs-resolution] [security-needs-resolution] - Mitigating Location Correlation via Common Issuers (by awoie) https://github.com/w3c/vc-data-model/issues/1245 [privacy-tracker] [HorizontalReview] [privacy-needs-resolution] - Address Metadata-Driven Correlation (by awoie) https://github.com/w3c/vc-data-model/issues/1244 [privacy-tracker] [HorizontalReview] [privacy-needs-resolution] 26 issues received 62 new comments: - #1248 N3 rendering of Verifiable Claims Examples raises some questions (1 by bblfish) https://github.com/w3c/vc-data-model/issues/1248 - #1243 Recommend that DIDs are used with VCs (5 by OR13, decentralgabe, iherman, jandrieu, selfissued) https://github.com/w3c/vc-data-model/issues/1243 [discuss] [post-CR] - #1240 Address normative concept of VerifiableCredentialGraph (10 by OR13, iherman) https://github.com/w3c/vc-data-model/issues/1240 [before-CR] - #1239 `expires` header for https://www.w3.org/2018/credentials/v1 is in the past (7 by OR13, iherman, msporny) https://github.com/w3c/vc-data-model/issues/1239 [post-CR] - #1237 Add references to Sub-Resource Integrity (1 by iherman) https://github.com/w3c/vc-data-model/issues/1237 [editorial] [post-CR] - #1235 Revert language change on the definition of Subject (3 by RieksJ, iherman, jandrieu) https://github.com/w3c/vc-data-model/issues/1235 [ready for PR] [before-CR] - #1233 [VC-JWT] Reference is wrong (1 by iherman) https://github.com/w3c/vc-data-model/issues/1233 [pr exists] [before-CR] - #1232 Revisit validation vs verification (2 by decentralgabe, iherman) https://github.com/w3c/vc-data-model/issues/1232 [before-CR] - #1231 Minor change to validFrom requested (2 by iherman, msporny) https://github.com/w3c/vc-data-model/issues/1231 [ready for PR] [before-CR] - #1227 Document the value of processing as JSON-LD (2 by OR13, iherman) https://github.com/w3c/vc-data-model/issues/1227 [before-CR] - #1224 VCDM editors draft has incorrect link for published version (2 by brentzundel, iherman) https://github.com/w3c/vc-data-model/issues/1224 - #1214 Spec does not contain "name" and "description" terms in the context (3 by iherman, msporny, selfissued) https://github.com/w3c/vc-data-model/issues/1214 [ready for PR] [before-CR] - #1206 Allowing expanded `type` values in conforming documents (2 by iherman, msporny) https://github.com/w3c/vc-data-model/issues/1206 [before-CR] - #1205 Define Controller Documents in the Core Data Model (2 by decentralgabe, selfissued) https://github.com/w3c/vc-data-model/issues/1205 [before-CR] - #1193 `validFrom` and `validUntil` fields need better specification of `dateTime` (1 by msporny) https://github.com/w3c/vc-data-model/issues/1193 [pr exists] [i18n-needs-resolution] [before-CR] - #1177 Provide guidance for when hash values do not match specification text (1 by msporny) https://github.com/w3c/vc-data-model/issues/1177 [ready for PR] [before-CR] - #1175 Ensure the base context doesn't constrain lower-maturity specifications (1 by msporny) https://github.com/w3c/vc-data-model/issues/1175 [ready for PR] [before-CR] - #1157 Security and Privacy Self-Review Questionnaire (1 by awoie) https://github.com/w3c/vc-data-model/issues/1157 [privacy-tracker] [security-tracker] [HorizontalReview] [before-CR] - #1150 Protected term errors when supporting v1 and v2 (1 by iherman) https://github.com/w3c/vc-data-model/issues/1150 [before-CR] - #1126 Address "Credential" vs "VerifiableCredential" (1 by msporny) https://github.com/w3c/vc-data-model/issues/1126 [pr exists] [before-CR] - #1105 How should we refer to the Securing specifications? (1 by msporny) https://github.com/w3c/vc-data-model/issues/1105 [editorial] [pr exists] [before-CR] - #1089 Why does the Data Model context file define a DataIntegrityProof RDF class? (3 by brentzundel, iherman) https://github.com/w3c/vc-data-model/issues/1089 [pending close] [before-CR] - #1010 `termsOfUse` is insufficiently specified (1 by David-Chadwick) https://github.com/w3c/vc-data-model/issues/1010 [conversation] [directory] [before-CR] - #1009 Clarifying credential from verifiable credential (1 by msporny) https://github.com/w3c/vc-data-model/issues/1009 [editorial] [pr exists] [terminology] [before-CR] - #995 [Terminology] claim (1 by iherman) https://github.com/w3c/vc-data-model/issues/995 [terminology] [post-CR] - #870 Evidence extension point (was: Improve tests for Evidence) (6 by OR13, TallTed, iherman, longpd) https://github.com/w3c/vc-data-model/issues/870 [evidence] [before-CR] 7 issues closed: - `validFrom` and `validUntil` fields need better specification of `dateTime` https://github.com/w3c/vc-data-model/issues/1193 [pr exists] [i18n-needs-resolution] [before-CR] - Clarifying credential from verifiable credential https://github.com/w3c/vc-data-model/issues/1009 [editorial] [pr exists] [terminology] [before-CR] - How should we refer to the Securing specifications? https://github.com/w3c/vc-data-model/issues/1105 [editorial] [pr exists] [before-CR] - Address "Credential" vs "VerifiableCredential" https://github.com/w3c/vc-data-model/issues/1126 [pr exists] [before-CR] - [VC-JWT] Reference is wrong https://github.com/w3c/vc-data-model/issues/1233 [pr exists] [before-CR] - Why does the Data Model context file define a DataIntegrityProof RDF class? https://github.com/w3c/vc-data-model/issues/1089 [pending close] [before-CR] - VCDM editors draft has incorrect link for published version https://github.com/w3c/vc-data-model/issues/1224 * w3c/vc-json-schema (+4/-4/💬8) 4 issues created: - Formalize the jsonSchema property in the VCDM vocabulary? (by iherman) https://github.com/w3c/vc-json-schema/issues/206 - Encourage usage of OHTTP during schema resolution (by andresuribe87) https://github.com/w3c/vc-json-schema/issues/203 - Add guidance for wallets when using JsonSchemaCredential and selected disclosure (by andresuribe87) https://github.com/w3c/vc-json-schema/issues/202 - Add guidance on inclusion of unique tracking identifiers (by andresuribe87) https://github.com/w3c/vc-json-schema/issues/201 5 issues received 8 new comments: - #206 Formalize the jsonSchema property in the VCDM vocabulary? (3 by andresuribe87, decentralgabe, iherman) https://github.com/w3c/vc-json-schema/issues/206 [pre-cr] - #201 Add guidance on inclusion of unique tracking identifiers (2 by andresuribe87, decentralgabe) https://github.com/w3c/vc-json-schema/issues/201 [privacy-needs-resolution] [pre-cr] - #197 Clarify the usage of the `id` property in `credentialSubject` when using `JsonSchemaCredential` (1 by decentralgabe) https://github.com/w3c/vc-json-schema/issues/197 [pre-cr] - #194 JSON schema's `type` and VC.context.JsonSchema.type (1 by decentralgabe) https://github.com/w3c/vc-json-schema/issues/194 [pre-cr] - #167 Security and Privacy Self-Review Questionnaire (1 by andresuribe87) https://github.com/w3c/vc-json-schema/issues/167 [horizontal-review] 4 issues closed: - Support YAML schema representations https://github.com/w3c/vc-json-schema/issues/142 [pre-cr] - Clarify the usage of the `id` property in `credentialSubject` when using `JsonSchemaCredential` https://github.com/w3c/vc-json-schema/issues/197 [pre-cr] - JSON schema's `type` and VC.context.JsonSchema.type https://github.com/w3c/vc-json-schema/issues/194 [pre-cr] - Add note about media types https://github.com/w3c/vc-json-schema/issues/157 [enhancement] [pre-cr] * w3c/vc-data-integrity (+4/-4/💬13) 4 issues created: - Add normative guidance that @context files SHOULD be cached (by msporny) https://github.com/w3c/vc-data-integrity/issues/170 [before CR] - Add Security Consideration to avoid key reuse (by msporny) https://github.com/w3c/vc-data-integrity/issues/169 [before CR] - Add Privacy Consideration for previous signers in proof chains (by msporny) https://github.com/w3c/vc-data-integrity/issues/168 [during CR] - Add reference back to VC Data Model Security and Privacy Considerations sections (by msporny) https://github.com/w3c/vc-data-integrity/issues/167 8 issues received 13 new comments: - #170 Add normative guidance that @context files SHOULD be cached (1 by msporny) https://github.com/w3c/vc-data-integrity/issues/170 [before CR] - #169 Add Security Consideration to avoid key reuse (3 by Wind4Greg, msporny) https://github.com/w3c/vc-data-integrity/issues/169 [security-needs-resolution] [during CR] - #167 Add reference back to VC Data Model Security and Privacy Considerations sections (1 by msporny) https://github.com/w3c/vc-data-integrity/issues/167 [privacy-needs-resolution] [security-needs-resolution] [during CR] - #164 Is a another context required to express JsonWebKey or Multikey? (4 by OR13, msporny) https://github.com/w3c/vc-data-integrity/issues/164 [pending close (7 days)] [before CR] - #161 Add sec:cryptosuiteString data type to vocabulary (1 by msporny) https://github.com/w3c/vc-data-integrity/issues/161 [pr exists] [before CR] - #120 Expand use of `previousProof` to allow an array, define in security vocabulary (1 by msporny) https://github.com/w3c/vc-data-integrity/issues/120 [pr exists] [before CR] - #87 Potential attacks on `previousProof` and algorithmic mitigations (1 by msporny) https://github.com/w3c/vc-data-integrity/issues/87 [pr exists] [before CR] - #78 Expiration Date (1 by msporny) https://github.com/w3c/vc-data-integrity/issues/78 [pr exists] [before CR] 4 issues closed: - Add sec:cryptosuiteString data type to vocabulary https://github.com/w3c/vc-data-integrity/issues/161 [pr exists] [before CR] - Expand use of `previousProof` to allow an array, define in security vocabulary https://github.com/w3c/vc-data-integrity/issues/120 [pr exists] [before CR] - Potential attacks on `previousProof` and algorithmic mitigations https://github.com/w3c/vc-data-integrity/issues/87 [pr exists] [before CR] - Expiration Date https://github.com/w3c/vc-data-integrity/issues/78 [pr exists] [before CR] * w3c/vc-di-eddsa (+2/-0/💬0) 2 issues created: - Highlight security/privacy trade-offs between RDF-CANON and JCS (by msporny) https://github.com/w3c/vc-di-eddsa/issues/58 - Point Privacy and Security Considerations section back to Data Integrity (by msporny) https://github.com/w3c/vc-di-eddsa/issues/57 [before CR] * w3c/vc-di-ecdsa (+4/-0/💬7) 4 issues created: - Ensure to pass SHA-384 param and fetch verification method early to get key size (by dlongley) https://github.com/w3c/vc-di-ecdsa/issues/32 - Highlight security/privacy trade-offs between RDF-CANON and JCS (by msporny) https://github.com/w3c/vc-di-ecdsa/issues/30 [during CR] - Point Privacy and Security Considerations section back to Data Integrity (by msporny) https://github.com/w3c/vc-di-ecdsa/issues/29 [before CR] - Add normative guidance that Deterministic signatures SHOULD be used (by msporny) https://github.com/w3c/vc-di-ecdsa/issues/28 3 issues received 7 new comments: - #29 Point Privacy and Security Considerations section back to Data Integrity (1 by msporny) https://github.com/w3c/vc-di-ecdsa/issues/29 [privacy-needs-resolution] [security-needs-resolution] [before CR] [ready for pr] - #26 Clarifying `publicKeyMultibase` encoding: `did:key` style with multicodec code, or not? (2 by bnewbold, msporny) https://github.com/w3c/vc-di-ecdsa/issues/26 [question] - #22 Confirming `EcdsaSecp256r1VerificationKey2019` -> `Multikey` transition (4 by OR13, bnewbold, peacekeeper) https://github.com/w3c/vc-di-ecdsa/issues/22 [question] [during CR] * w3c/vc-jwt (+1/-0/💬2) 1 issues created: - Define Controller Documents in the Core Data Model (by OR13) https://github.com/w3c/vc-jose-cose/issues/140 1 issues received 2 new comments: - #136 signature profiles (2 by OR13, TallTed) https://github.com/w3c/vc-jose-cose/issues/136 Pull requests ------------- * w3c/vc-data-model (+5/-4/💬44) 5 pull requests submitted: - Vocabulary fixes — replacement of #1241 (by iherman) https://github.com/w3c/vc-data-model/pull/1253 - Add section about Names and Descriptions of credentials. (by msporny) https://github.com/w3c/vc-data-model/pull/1252 - Mitigate context risk when transitioning to Proposed Recommendation. (by msporny) https://github.com/w3c/vc-data-model/pull/1251 - Apply range requirements to validFrom/validUntil. (by msporny) https://github.com/w3c/vc-data-model/pull/1250 - Provide actionable guidance related to base context hash value. (by msporny) https://github.com/w3c/vc-data-model/pull/1249 11 pull requests received 44 new comments: - #1253 Vocabulary fixes — replacement of #1241 (2 by OR13, iherman) https://github.com/w3c/vc-data-model/pull/1253 - #1252 Add section about Names and Descriptions of credentials. (5 by aphillips, iherman, msporny) https://github.com/w3c/vc-data-model/pull/1252 - #1242 Add sd-jwt registered claim names to v2 context (14 by OR13, Sakurann, TallTed, brentzundel, iherman, msporny, peacekeeper) https://github.com/w3c/vc-data-model/pull/1242 - #1241 Vocabulary fixes (2 by iherman) https://github.com/w3c/vc-data-model/pull/1241 - #1238 Add language on mitm, replay, spoofing attacks (3 by decentralgabe, iherman) https://github.com/w3c/vc-data-model/pull/1238 - #1236 Added an SVG diagram of the vocabulary. (6 by iherman, msporny) https://github.com/w3c/vc-data-model/pull/1236 - #1234 Update links from VC-JWT to VC-JOSE-COSE (2 by iherman, msporny) https://github.com/w3c/vc-data-model/pull/1234 - #1212 Refer to VC-SPECS-DIR for proof types. (2 by iherman, msporny) https://github.com/w3c/vc-data-model/pull/1212 - #1211 Clarify the difference between a "credential" and a "verifiable credential" (4 by TallTed, dlongley, iherman, msporny) https://github.com/w3c/vc-data-model/pull/1211 - #1199 Add validation section regarding holder (1 by iherman) https://github.com/w3c/vc-data-model/pull/1199 - #1172 Add "author" and "party" to terminology, rewrite "claim" terminology (3 by RieksJ, TallTed, iherman) https://github.com/w3c/vc-data-model/pull/1172 4 pull requests merged: - Added an SVG diagram of the vocabulary. https://github.com/w3c/vc-data-model/pull/1236 - Update links from VC-JWT to VC-JOSE-COSE https://github.com/w3c/vc-data-model/pull/1234 - Refer to VC-SPECS-DIR for proof types. https://github.com/w3c/vc-data-model/pull/1212 - Clarify the difference between a "credential" and a "verifiable credential" https://github.com/w3c/vc-data-model/pull/1211 * w3c/vc-json-schema (+3/-4/💬7) 3 pull requests submitted: - Encourage OHTTP to prevent linking schema requests (by andresuribe87) https://github.com/w3c/vc-json-schema/pull/207 - Updated the respec plugin version (by andresuribe87) https://github.com/w3c/vc-json-schema/pull/205 - Clarified the value of `credentialSchema` when type is JsonSchemaCredential (by andresuribe87) https://github.com/w3c/vc-json-schema/pull/204 4 pull requests received 7 new comments: - #205 Updated the respec plugin version (1 by OR13) https://github.com/w3c/vc-json-schema/pull/205 - #204 Clarified the value of `credentialSchema` when type is JsonSchemaCredential (1 by OR13) https://github.com/w3c/vc-json-schema/pull/204 - #200 Add OpenAPI/YAML Representation (4 by TallTed, decentralgabe) https://github.com/w3c/vc-json-schema/pull/200 - #199 Guidance on using JsonSchemaCredential (1 by decentralgabe) https://github.com/w3c/vc-json-schema/pull/199 4 pull requests merged: - Add OpenAPI/YAML Representation https://github.com/w3c/vc-json-schema/pull/200 - Guidance on using JsonSchemaCredential https://github.com/w3c/vc-json-schema/pull/199 - Media types for plain json schema, JWT, and SD-JWT https://github.com/w3c/vc-json-schema/pull/198 - Change plugin to one that supports vc-jose-cose with VCDM 2.0 https://github.com/w3c/vc-json-schema/pull/196 * w3c/vc-data-integrity (+5/-3/💬15) 5 pull requests submitted: - Add section on Resource Integrity and `digestMultibase`. (by msporny) https://github.com/w3c/vc-data-integrity/pull/174 - Add section on "Other" Security and Privacy Considerations (by msporny) https://github.com/w3c/vc-data-integrity/pull/173 - Add guidance on context and URL caching in general (by msporny) https://github.com/w3c/vc-data-integrity/pull/172 - Updated the vocabulary and added a diagram (by iherman) https://github.com/w3c/vc-data-integrity/pull/171 - Fix basic requirements of `proof` (by TallTed) https://github.com/w3c/vc-data-integrity/pull/166 5 pull requests received 15 new comments: - #171 Updated the vocabulary and added a diagram (7 by dlongley, iherman) https://github.com/w3c/vc-data-integrity/pull/171 [before CR] - #163 Adding domain and defined_by to revoked (1 by msporny) https://github.com/w3c/vc-data-integrity/pull/163 - #162 Add `cryptosuiteString` subtype for the `cryptosuite` property. (1 by msporny) https://github.com/w3c/vc-data-integrity/pull/162 - #155 Add text on difference between proof and VC validity periods. (4 by David-Chadwick, TallTed, msporny) https://github.com/w3c/vc-data-integrity/pull/155 - #145 Extended proof chain algorithms (2 by Wind4Greg) https://github.com/w3c/vc-data-integrity/pull/145 3 pull requests merged: - Adding domain and defined_by to revoked https://github.com/w3c/vc-data-integrity/pull/163 - Add `cryptosuiteString` subtype for the `cryptosuite` property. https://github.com/w3c/vc-data-integrity/pull/162 - Add text on difference between proof and VC validity periods. https://github.com/w3c/vc-data-integrity/pull/155 * w3c/vc-di-eddsa (+1/-1/💬1) 1 pull requests submitted: - Simplify language that warns of invalid examples (by seabass-labrax) https://github.com/w3c/vc-di-eddsa/pull/59 1 pull requests received 1 new comments: - #55 Cryptosuite Naming: Update example 3 and data integrity test vectors (1 by msporny) https://github.com/w3c/vc-di-eddsa/pull/55 1 pull requests merged: - Cryptosuite Naming: Update example 3 and data integrity test vectors https://github.com/w3c/vc-di-eddsa/pull/55 * w3c/vc-di-ecdsa (+3/-1/💬7) 3 pull requests submitted: - Add pointers back to Data Integrity Privacy and Security Considerations sections (by msporny) https://github.com/w3c/vc-di-ecdsa/pull/33 - Simplify language that warns of invalid examples (by seabass-labrax) https://github.com/w3c/vc-di-ecdsa/pull/31 - Update selective disclosure functions and their use in ecdsa-sd sign, derive, verify. (by dlongley) https://github.com/w3c/vc-di-ecdsa/pull/27 2 pull requests received 7 new comments: - #27 Update selective disclosure functions and their use in ecdsa-sd sign, derive, verify. (6 by TallTed, Wind4Greg, dlongley) https://github.com/w3c/vc-di-ecdsa/pull/27 - #24 Change poison graph mitigation into advisement (1 by msporny) https://github.com/w3c/vc-di-ecdsa/pull/24 1 pull requests merged: - Change poison graph mitigation into advisement https://github.com/w3c/vc-di-ecdsa/pull/24 * w3c/vc-jwt (+3/-2/💬3) 3 pull requests submitted: - Update examples (by OR13) https://github.com/w3c/vc-jose-cose/pull/139 - Editorial clean up (by OR13) https://github.com/w3c/vc-jose-cose/pull/138 - Add section on wallets / clients (by OR13) https://github.com/w3c/vc-jose-cose/pull/137 2 pull requests received 3 new comments: - #137 Add section on wallets / clients (1 by OR13) https://github.com/w3c/vc-jose-cose/pull/137 - #123 Address Ambiguity Regarding Multiple Structured Suffixes (2 by OR13, Sakurann) https://github.com/w3c/vc-jose-cose/pull/123 2 pull requests merged: - Editorial clean up https://github.com/w3c/vc-jose-cose/pull/138 - Address Ambiguity Regarding Multiple Structured Suffixes https://github.com/w3c/vc-jose-cose/pull/123 Repositories tracked by this digest: ----------------------------------- * https://github.com/w3c/vc-data-model * https://github.com/w3c/vc-test-suite * https://github.com/w3c/vc-imp-guide * https://github.com/w3c/vc-use-cases * https://github.com/w3c/vc-json-schema * https://github.com/w3c/vc-data-integrity * https://github.com/w3c/vc-di-eddsa * https://github.com/w3c/vc-di-ecdsa * https://github.com/w3c/vc-di-bbs * https://github.com/w3c/vc-jwt * https://github.com/w3c/vc-status-list-2021 -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 21 August 2023 17:01:18 UTC