Skip to content

Add guidance for credential+ld+json for externalproof #1033

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Mar 6, 2023
Merged

Add guidance for credential+ld+json for externalproof #1033

merged 9 commits into from
Mar 6, 2023

Conversation

OR13
Copy link
Contributor

@OR13 OR13 commented Feb 10, 2023
edited by pr-preview bot
Loading

Remove proposed guidance that lacked consensus per @dlongley on: #1014

Preview | Diff

@OR13 OR13 requested a review from msporny as a code owner February 10, 2023 22:23
@OR13 OR13 mentioned this pull request Feb 10, 2023
Closed
dlongley
dlongley reviewed Feb 10, 2023
View reviewed changes
mprorock
mprorock requested changes Feb 10, 2023
View reviewed changes
@mprorock
Copy link
Contributor

added some suggestions to make it very clear what can and can't be done to make things very simple and hopefully avoid 1) confusion, 2) resulting type confusion issues (i.e. like what we keep seeing in x509 and related openssl CVEs)

@OR13 @dlongley
Update index.html
2e64534 
Co-authored-by: Dave Longley <[email protected]>
@dlongley
Copy link
Contributor

dlongley commented Feb 10, 2023
edited
Loading

added some suggestions to make it very clear what can and can't be done to make things very simple and hopefully avoid 1) confusion, 2) resulting type confusion issues (i.e. like what we keep seeing in x509 and related openssl CVEs)

Of course, adding restrictions do define what can and can't be done. However, the specific restrictions added should have a clear rationale and be technologically defensible.

So, the specific suggestion that you cannot use this media type with a verifiable credential that has an embedded proof ... serves what purpose? Where is that useful and what are the pros / cons?

EDIT: Perhaps it's best to keep this thread of the conversation in #1014.

@mprorock
Copy link
Contributor

added some suggestions to make it very clear what can and can't be done to make things very simple and hopefully avoid 1) confusion, 2) resulting type confusion issues (i.e. like what we keep seeing in x509 and related openssl CVEs)

Of course, adding restrictions do define what can and can't be done. However, the specific restrictions added should have a clear rationale and be technologically defensible.

So, the specific suggestion that you cannot use this media type with a verifiable credential that has an embedded proof ... serves what purpose? Where is that useful and what are the pros / cons?

converting to approve - did not mean to take discussion out of #1014

mprorock
mprorock reviewed Feb 11, 2023
View reviewed changes
@mprorock mprorock mentioned this pull request Feb 11, 2023
Merged
msporny
msporny approved these changes Feb 12, 2023
View reviewed changes
Copy link
Member

@msporny msporny left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Don't know about @mprorock's addition... on the fence about that one (but wouldn't object if it was merged w/ the corrections).

iherman
iherman requested changes Feb 21, 2023
View reviewed changes
Copy link
Member

@iherman iherman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR seems to be unfinished. It refers to the term of "external proof", but it does not define what this means. Until that is properly defined, this is incomplete and should not be merged imho.

@OR13 @TallTed
Update index.html
3c4f94e 
Co-authored-by: Ted Thibodeau Jr <[email protected]>
@OR13
Copy link
Contributor Author

OR13 commented Feb 24, 2023

@iherman external proof is defined here:

https://w3c.github.io/vc-data-model/#proofs-signatures

However I agree that proof is in general not defined sufficiently in the core data model.

Which is why people can't understand its relationship to credential vs verifiable credential.

iherman
iherman requested changes Feb 25, 2023
View reviewed changes
@iherman
Copy link
Member

iherman commented Feb 25, 2023

@iherman external proof is defined here:

https://w3c.github.io/vc-data-model/#proofs-signatures

I stand corrected. But #1033 (comment) explains why I went wrong: in the new section the term "external proof" appeared as a definition and not as a reference.

@OR13 @iherman
Update index.html
1cb1218 
Co-authored-by: Ivan Herman <[email protected]>
@OR13
Copy link
Contributor Author

OR13 commented Mar 1, 2023

@iherman accepted your change suggestion, can you please re-review

@iherman iherman self-requested a review March 2, 2023 11:53
dlongley
dlongley reviewed Mar 2, 2023
View reviewed changes
@OR13 @dlongley
Update index.html
b0d7938 
Co-authored-by: Dave Longley <[email protected]>
@msporny
Copy link
Member

msporny commented Mar 6, 2023

Editorial, multiple reviews, changes requested and made, no objections, merging.

@msporny msporny merged commit f12c4a1 into main Mar 6, 2023
@msporny msporny deleted the feat/remove-guidance-for-embedded-proof branch March 6, 2023 23:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@msporny msporny msporny approved these changes

@dlongley dlongley dlongley approved these changes

@TallTed TallTed TallTed left review comments

@iherman iherman iherman approved these changes

@brentzundel brentzundel brentzundel approved these changes

@dmitrizagidulin dmitrizagidulin Awaiting requested review from dmitrizagidulin

@mprorock mprorock Awaiting requested review from mprorock

@peacekeeper peacekeeper Awaiting requested review from peacekeeper

@Sakurann Sakurann Awaiting requested review from Sakurann

@awoie awoie Awaiting requested review from awoie

@decentralgabe decentralgabe Awaiting requested review from decentralgabe

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@OR13 @mprorock @dlongley @iherman @msporny @TallTed @brentzundel