- From: Orie Steele <orie@transmute.industries>
- Date: Tue, 6 Dec 2022 17:42:59 -0600
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: W3C VC Working Group <public-vc-wg@w3.org>
- Message-ID: <CAN8C-_K7rDWySdkRqkwXTyUw2DGfwHvZd+pZzJQGLHtA6dCMrQ@mail.gmail.com>
Looks like things have progressed a bit, I had originally created this response to Mike's initial comment: > The “coupling” that you’re not in favor will result in more natural implementations, at least as I see it. There are currently 0 examples of a CBOR core data model, all the verifiable credential formats that meet TR 1.0 or 1.1 are in JSON. The core data model should define a concrete serialization for JSON. The content type of this serialization should be `application/credential+json` Securing JSON might be accomplished with either JWS or COSE Sign1 (which would be more compact than a JWS, but potentially less well supported by off the shelf tooling). I don't see why it would be "more natural" to start by defining a data model that has never existed before, and that nobody is using today. Especially while we don't have a good solution for securing the one that we have today, which is JSON. I also question if the working group has the expertise or bandwidth to do a CBOR based data model, it's certainly not a priority for us right now. Our primary focus is on making it very easy and very safe to secure JSON. Perhaps in our next charter we might consider adding a core data model representation for CBOR. I think it's a mistake to load up on that in the current charter, and with the current issues with VC-JWT... Better to solve the current can of worms before opening a new one. Regards, OS On Tue, Dec 6, 2022 at 4:34 PM Manu Sporny <msporny@digitalbazaar.com> wrote: > On Tue, Dec 6, 2022 at 5:09 PM Mike Jones <Michael.Jones@microsoft.com> > wrote: > > As extensively discussed in the special topic calls, an "open world > model" is not a interoperability requirement and is not a deliverable in > our charter. We can (and I believe will) do better than that. > > The specification has asserted that it supports an "open world model" from > v1.0: > > https://www.w3.org/TR/vc-data-model/#extensibility > > The VCWG has repeatedly achieved consensus on that during the VC 1.0 work. > > Here is the decision from April 2019 when what you are stating above > was raised (by Microsoft) the first time, discussed by the WG, and a > consensus position to support open world was made: > > https://github.com/w3c/vc-data-model/issues/483#issuecomment-482910429 > > and the resulting text, that achieved WG consensus: > > https://www.w3.org/TR/2019/REC-vc-data-model-20191119/#extensibility > > and then again in the VC 1.1 work: > > https://www.w3.org/TR/2022/REC-vc-data-model-20220303/#extensibility > > Asserting the opposite of what the consensus position has been in the > group for years doesn't make it true. > > -- manu > > -- > Manu Sporny - https://www.linkedin.com/in/manusporny/ > Founder/CEO - Digital Bazaar, Inc. > News: Digital Bazaar Announces New Case Studies (2021) > https://www.digitalbazaar.com/ > > -- *ORIE STEELE* Chief Technical Officer www.transmute.industries <https://www.transmute.industries>
Received on Tuesday, 6 December 2022 23:43:23 UTC