Home
- Align AlastriaID data models for Credentials and Presentations with the EBSI initiative
- Normalize data models for projects based on AlastriaID
- Standardize the use of schemas for vertical and horizontal sectors
- Selective disclosure
- Anti-correlation capabilities
- Offline usage
- Crypto agility
The type and data proof methods are being discussed in EBSI at this moment, as seen in:
It seems that the syntax for modeling schemas is going to be JWT data proofs with any kind of asymmetric algorithm, such as RSA or ECDSA.
W3C summarizes some of the advantages and problems of this combination:
The current implementations for Credentials (Attestation) are:
- https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/Data+Models+and+Schemas
- https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/Defining+JSON+Schema+for+v+eID%2C+vAttestation%2C+vAttestion-Diploma%2C+vPresentation
- https://ec.europa.eu/digital-building-blocks/code/projects/EBSI/repos/json-schema/browse
According to the W3C, at least one proof mechanism, and the details necessary to evaluate that proof, must be expressed for a credential or presentation to be a verifiable credential or a verifiable presentation.
The specification identifies two classes of proof mechanisms: external proofs and embedded proofs.
- an external proof is one that wraps an expression of this data model, such as a JSON Web Token
- an embedded proof is a mechanism where the proof is included in the data, such as a Linked Data Signature.
When embedding a proof, the `proof` property MUST be used, in accordance with the W3C Verifiable Credentials Data Model v1.1.
So, the credentials must be modeled as JSON-LD, with the credential included in the "vc" field.
EBSI proposes extending RFC 7519:
- JWT header: `kid` property
- JWT payload: `vc` property
Example:
```
{
  "alg": "ES256",
  "kid": "did:ebsi:z219z1CJKSbtFc69M2jHcFmq#key-1",
  "typ": "JWT"
}.{
  "iss": "did:ebsi:z219z1CJKSbtFc69M2jHcFmq",
  "sub": "did:ebsi:zsSgDXeYPhZ3AuKhTFneDf1",
  "jti": "urn:ebsi:status:identity:verifiableID#1dee355d-0432-4910-ac9c-70d89e8d674e",
  "iat": 1638360000,
  "nbf": 1638360000,
  "exp": 1953892800,
  "vc": {
    "@context": [
      "https://www.w3.org/2018/credentials/v1"
    ],
    "id": "urn:ebsi:status:identity:verifiableID#1dee355d-0432-4910-ac9c-70d89e8d674e",
    "type": [
      "VerifiableCredential",
      "VerifiableAttestation",
      "VerifiableId"
    ],
    "issuer": "did:ebsi:z219z1CJKSbtFc69M2jHcFmq",
    "issuanceDate": "2021-12-01T12:00:00.0Z",
    "validFrom": "2021-12-01T12:00:00.0Z",
    "expirationDate": "2031-12-01T12:00:00.0Z",
    "credentialSubject": {
      "id": "did:ebsi:zsSgDXeYPhZ3AuKhTFneDf1",
      "familyName": "Doe",
      "firstName": "John",
      "dateOfBirth": "1999-03-22",
      "personalIdentifier": "ES/AT/123456789"
    },
    "credentialSchema": {
      "id": "https://api.preprod.ebsi.eu/trusted-schemas-registry/v1/schemas/0x14b05b9213dbe7d343ec1fe1d3c8c739a3f3dc5a59bae55eb38fa0c295124f49#",
      "type": "FullJsonSchemaValidator2021"
    },
    "credentialStatus": {
      "id": "urn:ebsi:status:identity:verifiableID#1dee355d-0432-4910-ac9c-70d89e8d674e",
      "type": "CredentialStatusList2020"
    },
    "evidence": [{
      "type": [
        "DocumentVerification"
      ],
      "verifier": "did:ebsi:z219z1CJKSbtFc69M2jHcFmq",
      "evidenceDocument": [
        "Passport"
      ],
      "subjectPresence": "Physical",
      "documentPresence": [
        "Physical"
      ]
    }]
  }
}
```
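The header and payload above state the same facts twice, once as JWT claims and once inside the `vc` object, so a verifier should confirm that the two agree before trusting either. The following added example (not EBSI or AlastriaID code) checks the JWT claim mapping of the W3C VC Data Model v1.1 on a constructed token; the algorithm allow-list, the rule that `kid` must start with `iss` plus `#`, and all helper names are assumptions, and signature verification against the key named by `kid` is left to a JOSE library.

```javascript
// Added example, not EBSI or AlastriaID code. ALLOWED_ALGS and the kid rule are assumptions.
const ALLOWED_ALGS = new Set(["ES256", "ES256K", "RS256", "PS256", "EdDSA"]);
const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
const dec = (s) => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));
const epoch = (iso) => Math.floor(Date.parse(iso) / 1000);

// Returns a list of problems (empty = consistent). Run before, not instead of, signature verification.
function checkJwtVc(token, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) return ["expected header.payload.signature"];
  let header, payload;
  try {
    header = dec(parts[0]);
    payload = dec(parts[1]);
  } catch (e) {
    return ["header or payload is not base64url JSON"];
  }
  const vc = payload?.vc;
  if (!vc || typeof vc !== "object") return ["payload has no vc object"];
  const errors = [];
  const need = (ok, msg) => { if (!ok) errors.push(msg); };
  need(ALLOWED_ALGS.has(header?.alg), `alg not allowed: ${header?.alg}`);
  need(typeof header?.kid === "string" && header.kid.startsWith(payload.iss + "#"), "kid is not a key of iss");
  need(payload.iss === vc.issuer, "iss != vc.issuer");
  need(payload.sub === vc.credentialSubject?.id, "sub != vc.credentialSubject.id");
  need(payload.jti === vc.id, "jti != vc.id");
  need(payload.nbf === epoch(vc.issuanceDate), "nbf != vc.issuanceDate");
  need(payload.exp === epoch(vc.expirationDate), "exp != vc.expirationDate");
  need(Array.isArray(vc.type) && vc.type.includes("VerifiableCredential"), "vc.type lacks VerifiableCredential");
  need(typeof payload.nbf === "number" && payload.nbf <= now, "not yet valid");
  need(typeof payload.exp === "number" && now < payload.exp, "expired");
  return errors;
}

// Constructed sample modelled on the example above; the signature part is a placeholder.
function sampleToken(headerPatch = {}, payloadPatch = {}) {
  const issuer = "did:ebsi:z219z1CJKSbtFc69M2jHcFmq";
  const subject = "did:ebsi:zsSgDXeYPhZ3AuKhTFneDf1";
  const id = "urn:ebsi:status:identity:verifiableID#1dee355d-0432-4910-ac9c-70d89e8d674e";
  const vc = {
    id, type: ["VerifiableCredential", "VerifiableAttestation", "VerifiableId"],
    issuer, issuanceDate: "2021-12-01T12:00:00Z", expirationDate: "2031-12-01T12:00:00Z",
    credentialSubject: { id: subject },
  };
  const header = { alg: "ES256", kid: issuer + "#key-1", typ: "JWT", ...headerPatch };
  const payload = { iss: issuer, sub: subject, jti: id, nbf: 1638360000, exp: 1953892800, vc, ...payloadPatch };
  return [enc(header), enc(payload), "c2ln"].join(".");
}

console.log(checkJwtVc(sampleToken({ alg: "none" }), 1700000000));
```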
If you have an account as a user of the European Commission portal, you can obtain a JWT access token at the following URL:
At the moment, the schemas based on the conformance tests of the wallets supported by EBSI can be found here:
- EBSI Verifiable Attestation, https://api.preprod.ebsi.eu/, can be found in https://github.com/alastria/alastria-identity-schemas
FIWARE examples:
- https://github.com/smart-data-models/dataModel.DistributedLedgerTech/blob/master/DLTtxReceipt/schema.json
- https://github.com/smart-data-models/dataModel.DistributedLedgerTech/blob/master/DLTtxReceipt/doc/spec.md
- https://schema.org/
- https://smartdatamodels.org
- W3C Data Models: https://www.w3.org/TR/vc-data-model/#claims
- W3C Data Integrity 1.0 (LD-Proofs): https://w3c-ccg.github.io/data-integrity-spec/
- JSON-LD + Linked Data Proofs: https://json-ld.org/playground/
- JaDES: https://www.etsi.org/deliver/etsi_ts/119100_119199/11918201/01.01.01_60/ts_11918201v010101p.pdf
- JWT (RFC 7519): https://datatracker.ietf.org/doc/html/rfc7519
- JWA (RFC 7518): https://datatracker.ietf.org/doc/html/rfc7518
- JWK (RFC 7517): https://datatracker.ietf.org/doc/html/rfc7517
- JWE (RFC 7516): https://datatracker.ietf.org/doc/html/rfc7516
- JWS (RFC 7515): https://datatracker.ietf.org/doc/html/rfc7515
- JSON Web Key Thumbprint (RFC 7638): https://datatracker.ietf.org/doc/html/rfc7638
- CBOR - CWT (CBOR Web Token): https://datatracker.ietf.org/doc/html/rfc8392
- CBOR - COSE (CBOR Object Signing and Encryption): https://datatracker.ietf.org/doc/html/rfc8152
- mDL - Mobile Driver’s License - ISO/IEC 18013-5:2021
Signing of credentials and presentations is also being discussed in other forums, such as the Internet Identity Workshop (https://docs.google.com/document/d/1aNHvPhFv85HHlG8Ry2etrw15KdY830oAL804rMFY9bY/edit#heading=h.r(pqzumxlevzk) and W3C (https://docs.google.com/spreadsheets/d/1WJ1pOH6zmZacuWgoAVfIHLI9Q1EPXbScY44w2gqv9vo/edit#gid=0).
- https://www.npmjs.com/package/jose
- https://www.npmjs.com/package/did-jwt-vc
- https://github.com/digitalbazaar/vc-js
- https://github.com/decentralized-identity/did-jwt
- https://w3c.github.io/json-ld-syntax
- https://w3c-ccg.github.io/vc-json-schemas/v1/index.html
- https://w3c-ccg.github.io/vc-json-schemas/v2/index.html
- https://w3c-ccg.github.io/data-integrity-spec/
- https://w3c-ccg.github.io/ldp-bbs2020/context/v1
- https://jwcrypto.readthedocs.io/en/latest/index.html
- http://linkeddatatools.com/index.php
- http://linkeddatatools.com/introducing-rdfs-owl
- https://www.w3.org/TR/owl2-overview/
- https://www.w3.org/2001/sw/wiki/RDFS
- https://github.com/w3c/vc-data-model
- https://github.com/w3c/vc-test-suite
- https://github.com/w3c/vc-imp-guide
- https://github.com/w3c/vc-use-cases
- https://github.com/w3c/vc-wg-charter