Dave Longley

Style guide related issue: https://github.com/w3c-ccg/vc-api/issues/35

One way the issuance API could return enveloped (e.g., JWT-secured VCs) is by reusing the `EnvelopedCredentialPattern` here: https://www.w3.org/TR/vc-data-model-2.0/#example-basic-structure-of-a-presentation-0 This should not require any changes to the return value from the...

@OR13, > Seems like `proof` MUST NOT be present in `credential`. > > @msporny @dlongley do you agree? No, I think it needs more consideration. Some further experimentation should be...

A single issuer could use multiple proofs with different cryptosuites to reduce crypto-fragility. > Seems like we are intentionally leaving a security hole in an API definition for a use...

@OR13, >> We know of at least one use case with a single issuer that has multiple proofs with different cryptosuites. > > Is this a VCWG decision or a...

@OR13, > > A credential can most certainly have a proof in it if we're talking about the VCDM generally, but I don't think that's what's being discussed here. >...

One reason to add a callback URL might be to try and eliminate a need to poll an exchange for updates to its state. I imagine that's the main draw....

Note that including information such as the payload in the callback can create problems for consumers that have strict limits on incoming payload size. These same limits are usually more...

I should also note that limits on incoming payload size could be lifted -- but this is usually only done based on authz credentials, which only further adds complexity. Ideally,...

> For `@vocab`, the implications to the Context Processing Algorithm would be in step 5.8 and would need to have "vocabulary mapping" be a structure including some notion of protected,...