vc-data-model
vc-data-model copied to clipboard
w3c
first example contains an http url identifying a credential
https://w3c.github.io/vc-data-model/#example-a-simple-example-of-the-contents-of-a-verifiable-credential
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://www.w3.org/ns/credentials/examples/v2"
],
"id": "http://university.example/credentials/1872", // bad idea to recommend this
"type": ["VerifiableCredential", "ExampleAlumniCredential"],
"issuer": "https://university.example/issuers/565049",
"validFrom": "2010-01-01T19:23:24Z",
"credentialSubject": {
"id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
"alumniOf": {
"id": "did:example:c276e12ec21ebfeb1f712ebc6f1",
"name": "Example University"
}
}
}
Other examples reference URNs (e.g. urn:uuid:<uuid-value> perhaps the first should do this too.
But, is it worth adding language to the identifiers section on the risk of a publicly resolvable credential URI?
Will add language on when you might want to use an ID that's public, and other cases may want to not be public. Use cases for both. There may already be privacy considerations for this.
Will also add examples with URNs.
The issue was discussed in a meeting on 2024-03-06
- no resolutions were taken
View the transcript
2.5. first example contains an http url identifying a credential (issue vc-data-model#1432)
See github issue vc-data-model#1432.
Brent Zundel: 1432.
… this is assigned to decentralgabe. Do you need input?
Gabe Cohen: could I state that public URLs for credentials is a Bad Thing, and suggest we recommend URNs would be better.
Dave Longley: it might be a bad idea for "personal credentials" (credentials about people).
Manu Sporny: I think we should not do that, but state that it's nuanced.
… there are all sorts of credentials that should use the ID.
… and many that should not state an ID--when they're for private individuals, etc.
… we may want to put this in the Privacy section--and it may already be covered.
Dave Longley: +1 to what the credential is about should be a strong consideration on what ID/what kinds of IDs you might use.
Gabe Cohen: +1 Manu, understood.
Paul Dietrich: we do use resolvable URIs for public credentials.
… if it's PII, then there are reasons not o.
… but there are certainly reasons to use public URIs.
… and I do think it's already in the Privacy section.
Michael Jones: there are cases where we use these, and without them key discovery breaks.
Brent Zundel: did that help?
Gabe Cohen: yes. I'll incorporate it into a PR.
The issue was discussed in a meeting on 2024-03-13
- no resolutions were taken
View the transcript
4.2. first example contains an http url identifying a credential (issue vc-data-model#1432)
See github issue vc-data-model#1432.
Brent Zundel: Gabe agreed to do a PR, he's not here... I'm marking pending close. Will reach out to Gabe.