Patrick St-Louis

You are correct, ACA-py only supports `ED25519Signature2018`/`ED25519Signature2020`. Support for `EcdsaSecp256k1Signature2019` would be a good addition to, and should be simpler to implement on the verification side. If you're interested to...

Proof set or proof chain, I think regardless it should be an array, even if only 1 proof is present...Due to the complexity of proof chains over proof set, maybe...

I was looking into this as well, I also landed on `application/octet-stream` as there is no registered MIME type for jsonlines. Is there documentation about `text/jsonl`?

I think regardless of the decision we use in the spec, it's not an official media type. I have settled for `text/jsonl` in the tdw server. This can easily be...

@crajapakshe pysha3 is a separate package, and we won't likely be able to update this package in a timely manner as there is some breaking changes introduced in >=1.0. Current...

@kukgini plenum uses jsonpickle version 3.0.3 which isn't vulnerable. The [NVD](https://nvd.nist.gov/vuln/detail/CVE-2020-22083) states that the vulnerability only affects version 1.4.1 and below.

I'm currently not convinced by this solution as this assumes that the first verification method corresponds to the keypair used to sign the document. I would rather see a field...

@dbluhm wasn't there a way to bind a `verificationMethod` to a did in the didcomm-v2 PR? I think this is a much better approach, when a client creates a did,...

Thanks for clarifying. One way to create a binding is to ensure that the `verificationMethod` matches at least one of the `ldp_vp.proof_type`. In your example, you use the `Ed25519Signature2018` proof_type....

In the current state, this feature is undocumented and is inserting a behavior which could be problematic in some cases. But this is definitely something that needs to be addressed...