Add mechanism to cryptographically secure non-credential VP properties (contexts etc) #1360

Open
dmitrizagidulin opened this issue Nov 23, 2023 · 9 comments
Labels
future issue left open for a future group to address

Comments

@dmitrizagidulin
Contributor

dmitrizagidulin commented Nov 23, 2023

(Extracting from issue #1265, as requested on the previous call.)
Verifiable Presentations need a way to cryptographically secure externally linked resources (such as @contexts) that is similar to the VC relatedResources/digestSRI mechanism.

@dmitrizagidulin
Contributor Author

dmitrizagidulin commented Nov 23, 2023

My proposal - we add the relatedResources field to the VP data model. (That is, extend the domain of the relatedResources field to be either VC or VP.)
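
Added example, not part of the issue thread or the specification: a sketch of how a verifier could check the proposal above, assuming a VP carries a relatedResources array of {id, digestSRI} entries shaped like the VC mechanism and that the array is covered by the VP's proof. The function names, URLs and sample data are hypothetical.

```python
import base64
import hashlib

SRI_ALGS = ("sha256", "sha384", "sha512")  # hash names permitted in an SRI string

def sri_digest(data: bytes, alg: str = "sha384") -> str:
    """Return an SRI string: '<alg>-<base64 of the raw digest>'."""
    raw = hashlib.new(alg, data).digest()
    return alg + "-" + base64.b64encode(raw).decode("ascii")

def check_vp_resources(vp: dict, fetch) -> dict:
    """Return {url: status} for every pinned resource and every context URL.

    fetch(url) returns the resource bytes, or None if it cannot be retrieved.
    """
    results = {}
    for entry in vp.get("relatedResources", []):
        url, expected = entry["id"], entry.get("digestSRI", "")
        alg = expected.split("-", 1)[0]
        if alg not in SRI_ALGS:
            results[url] = "bad-digest"      # missing or unsupported algorithm
            continue
        body = fetch(url)
        if body is None:
            results[url] = "unreachable"     # fail closed: treat as unverified
        elif sri_digest(body, alg) == expected:
            results[url] = "ok"
        else:
            results[url] = "mismatch"        # content differs from what was pinned
    # Context URLs with no digest entry are still trusted blindly; flag them.
    contexts = vp.get("@context", [])
    if isinstance(contexts, str):
        contexts = [contexts]
    for ctx in contexts:
        if isinstance(ctx, str):
            results.setdefault(ctx, "unpinned")
    return results

# Constructed sample data (not from the issue or the specification).
CTX_URL = "https://example.org/contexts/v1"
CTX_BODY = b'{"@context": {"ex": "https://example.org/vocab#"}}'
SAMPLE_VP = {
    "@context": ["https://www.w3.org/ns/credentials/v2", CTX_URL],
    "type": ["VerifiablePresentation"],
    "relatedResources": [{"id": CTX_URL, "digestSRI": sri_digest(CTX_BODY)}],
}

if __name__ == "__main__":
    print(check_vp_resources(SAMPLE_VP, {CTX_URL: CTX_BODY}.get))
    print(check_vp_resources(SAMPLE_VP, {CTX_URL: CTX_BODY + b" "}.get))
```
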

@OR13
Contributor

OR13 commented Nov 28, 2023

this is not an issue for vc-jose-cose, additional claims can be present, and if not understood they are ignored.

in the context of rdf, they get assigned "issuer dependent terms".

@msporny added the "ready for PR" label Nov 28, 2023
@OR13
Contributor

OR13 commented Nov 28, 2023

@dmitrizagidulin that functionality is still supported by what I said... and it still needs to be interpreted consistently by issuers and verifiers to be useful.

@dmitrizagidulin
Contributor Author

@OR13 I agree that schema-wise, it's not an issue for jose/cose serializations. However, we should still highlight its use in VPs, so that verifiers interpret it consistently.

@iherman
Member

iherman commented Nov 28, 2023

The issue was discussed in a meeting on 2023-11-28

  • no resolutions were taken

1.2. Add mechanism to cryptographically secure non-credential VP properties (contexts etc) (issue vc-data-model#1360)

See github issue vc-data-model#1360.

Dmitri Zagidulin: We want to be able to lock these down cryptographically.
… We have only added this for verifiable credentials.
… But not for related resources.
… We need to do this for VPs.

Brent Zundel: Can the solution be as simple as saying "this section also refers to VPs".

Manu Sporny: Do you mean "related resources"?
… I can volunteer to write a PR for this.

Joe Andrieu: correct. if we need to secure contexts we should do that. arbitrary resources is a layer violation.

Joe Andrieu: happy to review pr.

@msporny
Member

msporny commented Dec 3, 2023

PR #1370 has been raised to address this issue. This issue will be closed once issue #1370 has been merged.

@msporny added the "pr exists" label and removed the "ready for PR" label Dec 3, 2023
@msporny
Member

msporny commented Dec 13, 2023

PR #1370 has failed to gain consensus.

@msporny added and removed the "pending close" label Dec 13, 2023
@brentzundel added the "future" label and removed the "pr exists" and "before-CR" labels Dec 13, 2023
@iherman
Member

iherman commented Dec 13, 2023

The issue was discussed in a meeting on 2023-12-13

  • no resolutions were taken

2.3. Add mechanism to cryptographically secure non-credential VP properties (contexts etc) (issue vc-data-model#1360)

See github issue vc-data-model#1360.

Brent Zundel: add mechanism to secure presentation metadata, related to related resource stuff.
… separated from enveloped credentials.
… seems like we tried, and now it's time to decide to close the issue... if it stays open, it will be labeled future work.

Dmitri Zagidulin: I recommend we label future work.
… this seems important, but we should leave a roadmarker for the future us.

Brent Zundel: unless there is objection, I will label as future work.
… I will remove the before CR label, and unassign manu.

@iherman
Member

iherman commented Apr 3, 2024

The issue was discussed in a meeting on 2024-04-03

  • no resolutions were taken

2.1. Add mechanism to cryptographically secure non-credential VP properties (contexts etc) (issue vc-data-model#1360)

See github issue vc-data-model#1360.

Manu Sporny: we deferred this to a future WG.

Gabe Cohen: ok. no worries there.
… current issues don't seem pressing. there are two PRs.

Manu Sporny: can we turn to status list issues?
