- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sat, 19 Apr 2025 09:42:51 -0400
- To: Steve Capell <steve.capell@gmail.com>
- Cc: public-credentials@w3.org
On Thu, Apr 17, 2025 at 9:12 PM Steve Capell <steve.capell@gmail.com> wrote: > One requirement I’d like to add to this excellent tender template discussion is about handling credentials with lots of optional data and with repeating structures - so require dynamic template Ah! Yes, we have discussed that lightly. The current thinking seems to be that we'd have a simple static templating system and language (Mustache) for most use cases... and we might have to just depend on a full blown headless HTML+JS rendering engine for dynamic templates. The good news here is that with the selective disclosure schemes, we can do minimized, dynamic, and fully programmable rendering on the client-side. The bad news is that doing so brings in some (debatably) heavy requirements -- it's "just" running Javascript + HTML to produce a dynamic PDF that's printed out via pdf.js. So, yes, we hear you and we're getting those sorts of requirements from others. The big concerns here are 1) the runtime demands, and 2) the correlation and privacy risks. Those sorts of renderings will probably come with guidance that: "You are almost certainly going to be tracked if you hand over this VC with this rendering method" <-- not usually an issue for supply chain, but certainly an issue for personal identity. > Take a trade invoice as a VC for example. Might include payment details and might not - do you tender payment properties with no data or just leave out that block ? Yes, definitely possible w/ ECDSA-SD and BBS cryptographic mechanisms to selectively disclose that information, which would then be used by the HTML rendering engine to generate a minimized PDF. Note: You can also selectively NOT disclose the render templates to prevent verifiers from using them. > Still on the invoice, it might have one line item or a hundred line items so rendering would need to show as many line items as there are in the instance. Yep, definitely do-able. > We are coping with these needs well enough with html rendering. Not sure whether an svg or pdf template can be dynamic like that ? You can write an HTML+JS-based rendering engine to generate an SVG or PDF, certainly, but really you're just in browser-land at that point, so you might as well do the entire rendering in HTML and you can export that to PDF (via something like pdf.js) or SVG, if you really need to... or you can just "Print" at that point to generate something that could go to a bog standard printer. The thing we're struggling the most with right now is the litany of privacy warnings we're going to need to put on any HTML-based rendering approach. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Saturday, 19 April 2025 13:43:31 UTC