- From: Mike Prorock <mprorock@mesur.io>
- Date: Wed, 18 Jan 2023 07:30:01 -0700
- To: Orie Steele <orie@transmute.industries>
- Cc: W3C VC Working Group <public-vc-wg@w3.org>
- Message-ID: <CAGJKSNRrVbMZk2Et7dBHYngxYdZv1DLU_71Otzm08LGL_bTOjQ@mail.gmail.com>
Orie, Thanks for this. I am strongly in favor of "dropping URDNA2015 from JsonWebSignature2020, and refactor the spec to align with the vc-jws proposal above." This would make things significantly easier to work with for our team. Mike Prorock CTO, Founder https://mesur.io/ On Wed, Jan 18, 2023 at 6:55 AM Orie Steele <orie@transmute.industries> wrote: > First, there is a proposal to change the name of the spec: > > https://github.com/w3c/vc-jws-2020/issues/31 > https://github.com/w3c/vc-jws-2020/pull/32 > > Separate from this, we now have a way to secure > "application/credential+ld+json", without using URDNA 2015. > > https://transmute-industries.github.io/vc-jws/ > > https://github.com/transmute-industries/vc-jws/blob/main/test-vectors/generate.js#L22 > > This raises questions for me on the value of retaining this "data > integrity suite". > > Perhaps it would be more valuable to just define how to secure the media > type for the core data model with JWS. > > The working group has very limited bandwidth for technical contribution. > > Since its inception, this work item has received very low contribution. > > If I had to choose between having JsonWebSignature2020 or having a W3C > spec that using JWS to secure the core data model (without URDNA2015), > I would happily take the latter... and if enough others made the same > choice, I see no value in the former. > > Wondering if we might drop URDNA2015 from JsonWebSignature2020, and > refactor the spec to align with the vc-jws proposal above. > > Regards, > > OS > > > -- > *ORIE STEELE* > Chief Technical Officer > www.transmute.industries > > <https://www.transmute.industries> >
Received on Wednesday, 18 January 2023 14:30:26 UTC