- From: Kim Hamilton <kimdhamilton@gmail.com>
- Date: Tue, 19 Mar 2024 17:41:34 -0700
- To: Orie Steele <orie@transmute.industries>
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CAFmmOzcPmi73az=VSRsde+D0yW6LdQu6-_-D9_Bk-c8=7aP9Mg@mail.gmail.com>
Right, in the base media type. But SD-JWT describes a mechanism for performing SD on JSON. It would be good to have a more transparent mechanism to allow anchoring statements in something reference-able. It seems a bit muddy now. Perhaps DIF, CCG, OIDF, and more can collaborate on some rubric here. On Tue, Mar 19, 2024 at 5:35 PM Orie Steele <orie@transmute.industries> wrote: > The VCDM is JSON-LD, and both JSON and RDF do not support selective > disclosure in their base media types. > > SD-JWT only supports selective disclosure on JSON. > > ECDSA-SD only supports selective disclosure in JSON-LD (I think). > > MDoc only supports selective disclosure of in CBOR. > > There are basically 2 ways to secure media types... You can secure them in > a media type agnostic manner, like JWS or COSE Sign1. Or you can secure > them in a media type aware manner, like JWT, SD-JWT, mDoc, SD-CWT etc. > > The W3C VCDM is a media type that is built on +ld+json meaning it's always > JSON-LD that you are securing... Regardless of how you secure it. > > OS > > On Wed, Mar 20, 2024, 10:27 AM Kim Hamilton <kimdhamilton@gmail.com> > wrote: > >> Thanks for stating it clearly. This is why the statement "VCDM lacks >> selective disclosure" trips the brain wires. It belongs at the >> signature/proof level. And of course, selective disclosure can be performed >> in different ways. Just wondering if I missed the boat on any >> considerations that make the credential data model itself more or less >> conducive to selective disclosure, which that statement appears to say. >> >> Or maybe it refers to a specific brand of selective disclosure, and not >> selective disclosure in the general sense. >> >> Does SD-JWT-VC imply a landscape in which there will be a different VC >> format for each signature suite? This is very different from my mental >> model of VC data model, with the possibility of using different signature >> suites. I'd be eager to learn more about the advantages of that. >> >> On Tue, Mar 19, 2024 at 5:10 PM Orie Steele <orie@transmute.industries> >> wrote: >> >>> Selective disclosure is a property of the securing format, not the data >>> model. >>> >>> Sd-jwt and ecdsa-sd both support selective disclosure, but with very >>> different performance and security trade offs. >>> >>> It's not correct to say that CBOR, YAML, JSON, XML or JSON-LD support >>> selective disclosure. >>> >>> It is correct to say SD-JWT, SD-CWT, mDoc, goridan envelopes or ecdsa-sd >>> support selective disclosure. >>> >>> It seems jades as a requirement precludes the use of CBOR or Data >>> Integrity Proofs, or even JWT, given JWTs are always compact (no JSON >>> Serialization). >>> >>> OS >>> >>> On Wed, Mar 20, 2024, 9:53 AM Kim Hamilton <kimdhamilton@gmail.com> >>> wrote: >>> >>>> Hi all, >>>> I'm trying to get my head around the variety of VC formats. I ran >>>> across this deck and I'm curious why it would say VCDM lacks selective >>>> disclosure (included screenshot and deck). It does via signature suites, so >>>> in a sense the statement "does not compute". >>>> >>>> Eager to learn about the new VC formats, similarities and differences. >>>> >>>> Thanks, >>>> Kim >>>> [image: Screenshot 2024-03-19 at 4.36.16 PM.png] >>>> >>>
Attachments
- image/png attachment: Screenshot_2024-03-19_at_4.36.16___PM.png
Received on Wednesday, 20 March 2024 00:41:52 UTC