- From: Orie Steele <orie@transmute.industries>
- Date: Wed, 18 Jan 2023 07:55:10 -0600
- To: W3C VC Working Group <public-vc-wg@w3.org>
- Message-ID: <CAN8C-_JgpNm5B=6nGxaF+zwjYQneUGpF1aWwsjqg-JWzRuqMnw@mail.gmail.com>
First, there is a proposal to change the name of the spec: https://github.com/w3c/vc-jws-2020/issues/31 https://github.com/w3c/vc-jws-2020/pull/32 Separate from this, we now have a way to secure "application/credential+ld+json", without using URDNA 2015. https://transmute-industries.github.io/vc-jws/ https://github.com/transmute-industries/vc-jws/blob/main/test-vectors/generate.js#L22 This raises questions for me on the value of retaining this "data integrity suite". Perhaps it would be more valuable to just define how to secure the media type for the core data model with JWS. The working group has very limited bandwidth for technical contribution. Since its inception, this work item has received very low contribution. If I had to choose between having JsonWebSignature2020 or having a W3C spec that using JWS to secure the core data model (without URDNA2015), I would happily take the latter... and if enough others made the same choice, I see no value in the former. Wondering if we might drop URDNA2015 from JsonWebSignature2020, and refactor the spec to align with the vc-jws proposal above. Regards, OS -- *ORIE STEELE* Chief Technical Officer www.transmute.industries <https://www.transmute.industries>
Received on Wednesday, 18 January 2023 13:55:34 UTC