- From: Markus Sabadello <markus@danubetech.com>
- Date: Tue, 6 Dec 2022 21:03:49 +0100
- To: public-vc-wg@w3.org
- Message-ID: <2a7fe982-e01a-9ced-7b42-349cabe6032f@danubetech.com>
Very interesting. I like how this cleanly separates the data model layer from the security layer. Markus On 11/30/22 20:30, Orie Steele wrote: > Friends, > > Here is the link to the proposal to protect the core data model with a > JWS *instead of or in addition to* a JWT. > > https://transmute-industries.github.io/vc-jws/ > > I shared this link in today's meeting, you can see some of the related > discussions in the minutes: > > https://www.w3.org/2017/vc/WG/Meetings/Minutes/2022-11-30-vcwg > > As we consider additional security formats, including SD-JWT, ACDCs or > JWEs, it's important to be clear on "what" we are securing. > > I believe it's helpful for the WG to consider defining and registering > media types to make this clearer, especially in scenarios where > multiple security formats might apply to the same media type. > > I am preparing a COSE signature companion draft to explain this > approach further. > > I'm happy to explain this approach further on a special topic call if > that would help the > WG evaluate if this approach should be pulled in as one of the > securing the core data model specs, our charter authorizes us to consider. > > Regards, > > OS > > -- > *ORIE STEELE* > Chief Technical Officer > www.transmute.industries > > <https://www.transmute.industries>
Received on Tuesday, 6 December 2022 20:04:05 UTC