feat: section Media Type Registration for wallet-attestation+jwt #86

Open
wants to merge 9 commits into
base: main
35 changes: 34 additions & 1 deletion draft-oid4vc-haip-sd-jwt-vc.md
Expand Up @@ -287,7 +287,7 @@ The following additional Credential Issuer metadata are defined for this Credent
* `vct`: REQUIRED. JSON string designating the type of a credential as defined in [@!I-D.ietf-oauth-sd-jwt-vc], Section 4.2.2.1.
* `claims`: OPTIONAL. A JSON object containing a list of name/value pairs, where each name identifies a claim offered in the Credential. The value can be another such object (nested data structures), or an array of such objects. To express the specifics about the claim, the most deeply nested value MAY be a JSON object that includes a following non-exhaustive list of parameters defined by this specification:
* `mandatory`: OPTIONAL. Boolean which when set to `true` indicates the claim MUST be present in the issued Credential. If the `mandatory` property is omitted its default should be assumed to be `false`.
* `value_type`: OPTIONAL. String value determining type of value of the claim. A non-exhaustive list of valid values defined by this specification are `string`, `number`, and image media types such as `image/jpeg` as defined in IANA media type registry for images (https://www.iana.org/assignments/media-types/media-types.xhtml#image).
* `value_type`: OPTIONAL. String value determining type of value of the claim. A non-exhaustive list of valid values defined by this specification are `string`, `number`, and image media types such as `image/jpeg` as defined in [IANA media type registry for images](https://www.iana.org/assignments/media-types/media-types.xhtml#image).
* `display`: OPTIONAL. An array of objects, where each object contains display properties of a certain claim in the Credential for a certain language. Below is a non-exhaustive list of valid parameters that MAY be included:
* `name`: OPTIONAL. String value of a display name for the claim.
* `locale`: OPTIONAL. String value that identifies language of this object represented as language tag values defined in BCP47 [@!RFC5646]. There MUST be only one object for each language identifier.
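Review bot: the `value_type` line is the only change in this hunk, and it is a link-format edit unrelated to the media type registration named in the PR title; consider moving it to its own PR. While the line is being touched: it calls the list of valid values non-exhaustive but gives no rule for a value the consumer does not recognise, and "A non-exhaustive list ... are" should read "is".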
Expand Down Expand Up @@ -374,6 +374,39 @@ Note: When using this profile with other cryptosuites, it is recommended to be e

`iat` and `exp` JWT claims express both the validity period of both the signature and the claims about the subject, unless there is a separate claim used to express the validity of the claims.

# Security Considerations
Contributor

this change does not belong to this PR, please revert


TBD.

## Media Type Registration

This section requests registration of the following media types [@RFC2046] in
the ["Media Types" registry](https://www.iana.org/assignments/media-types/media-types.xhtml#application) in the manner described
in [@RFC6838].

To indicate that the content of a JWS is a Wallet Instance Attestation:

* Type name: application
* Subtype name: wallet-attestation+jwt
* Required parameters: n/a
* Optional parameters: n/a
* Encoding considerations: binary; A JWT-based Wallet Instance Attestation object is a JWT; JWT values are encoded as a series of base64url-encoded values (some of which may be the empty string) separated by period ('.') characters.
* Security considerations: See (#security-considerations) of [[ this specification ]]
Contributor

this attestation is defined in Section {#wallet-attestation-schema}, security considerations related to the attestation should be specified there

Member Author

I have just changed the link/ref to #wallet-attestation-schema

peppelinux marked this conversation as resolved.
* Interoperability considerations: n/a
* Published specification: [[ this specification ]]
* Applications that use this media type: Applications using [[ this specification ]] for issuing and validating Wallet Instance Attestations.
* Fragment identifier considerations: n/a
* Additional information:
* File extension(s): n/a
* Macintosh file type code(s): n/a
* Person & email address to contact for further information: Torsten Lodderstedt, [email protected]
* Intended usage: COMMON
* Restrictions on usage: none
* Author: Torsten Lodderstedt
* Change controller: IETF
* Provisional registration? No


{backmatter}

<reference anchor="OIDF.OID4VCI" target="https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html">
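Review bot: the registration's "Security considerations" field points at (#security-considerations), but the section this hunk adds under that heading contains only "TBD.", so the registration template references no actual considerations. Either fill the section before requesting registration or point the field at the section that defines the attestation and put the considerations there, as the inline comment asks. Also, "## Media Type Registration" is placed as a subsection of "# Security Considerations"; a registration request reads more naturally under its own top-level heading, for example an IANA Considerations section.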