- From: Orie Steele <orie@transmute.industries>
- Date: Tue, 14 Mar 2023 13:27:21 -0500
- To: Ganesh Annan <gannan@digitalbazaar.com>
- Cc: W3C Credentials CG <public-credentials@w3.org>
- Message-ID: <CAN8C-_+CeU++Q-i5gcswcehmsGuDEhjhFN+zkHim2mOC_fKdSA@mail.gmail.com>
Inline: On Tue, Mar 14, 2023 at 12:30 PM Ganesh Annan <gannan@digitalbazaar.com> wrote: > On Tue, Mar 14, 2023 at 12:29 PM Orie Steele <orie@transmute.industries> > wrote: > >> My question is: >> >> Does the chapi playground use the exchange endpoints: >> >> - https://w3c-ccg.github.io/vc-api/#exchange-discovery >> > > Yes, we use the exchanges endpoint. > Can you point to the code / tests you have for these endpoints, this will help us (traceability api implementers), to determine if we should upgrade to what you are doing or abandon the approach entirely. > > >> Or the prove endpoint: >> >> - https://w3c-ccg.github.io/vc-api/#prove-presentation >> > > No, we don't use the prove endpoint and currently don't have plans to. > Good to know, I assume the vc-api has no need for HSM backed ECDSA keys to be used to produce verifiable presentations, or for service identity applications to construct verifiable presentations? I also assume that the current exchange endpoint based flows have to round trip through a client that has access to signing keys outside of hardware isolation, perhaps in software isolation, or via a separate api. Perhaps you use a "web kms" endpoint instead of a vc-api endpoint for this part?... where the web kms endpoint has support for hardware isolation / ECDSA signatures? Perhaps you are using https://w3c-ccg.github.io/webkms/#sign-options-code-lt-string-gt-code- instead of the prove endpoint?.. Why not use this endpoint for VC issuance as well? Is this the reason you do not plan to implement that specific endpoint? Regards, OS -- *ORIE STEELE* Chief Technical Officer www.transmute.industries <https://www.transmute.industries>
Received on Tuesday, 14 March 2023 18:27:45 UTC