You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: specifications/credential.issuance.protocol.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -76,7 +76,7 @@ the client's [=DID=] to obtain cryptographic material for validation and credent
76
76
77
77
The ID Token MUST contain a `token` claim that is a bearer token granting write privileges for the
78
78
requested [=Verifiable Credentials=] into the client's `Credential Service` as defined
79
-
by[[[#verifiable-presentation-protocol]]]
79
+
by[[[#verifiable-presentation-protocol]]]
80
80
81
81
The bearer token MAY also be used by the [=Issuer Service=] to resolve [=Verifiable Presentations=] the client is
82
82
required to hold for issuance of the requested [=Verifiable Credentials=].
@@ -234,7 +234,7 @@ The following is a non-normative example of a credential offer request:
234
234
|| - `credentialType`: A single string specifying type of credential being offered |
235
235
|**Optional**| - `@context`: Specifies a valid Json-Ld context ([[json-ld11]], sect. 3.1). As the `credentialObject` is usually embedded, its context is provided by the enveloping object. |
236
236
|| - `bindingMethods`: An array of strings defining the key material that an issued credential is bound to |
237
-
|| - `credentialSubject`: A URL pointing to the credential schema of the object in a VC's `credentialSubject` property.|
237
+
|| - `credentialSchema`: A URL pointing to the credential schema of the object in a VC's `credentialSubject` property.|
238
238
|| - `profiles`: An array of strings containing the aliases of the [profiles](#profiles-of-the-decentralized-claims-protocol), e.g. `"vc20-bssl/jwt"`|
239
239
|| - `issuancePolicy`: A [presentation definition](https://identity.foundation/presentation-exchange/spec/v2.0.0/#presentation-definition)[[presentation-ex]] signifying the required [=Verifiable Presentation=] for issuance. |
240
240
|| - `offerReason`: A reason for the offer as a string. Valid values may include `reissue` and `proof-key-revocation`|
Copy file name to clipboardExpand all lines: specifications/verifiable.presentation.protocol.md
+12-12Lines changed: 12 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -192,15 +192,15 @@ when a `presentationDefinition`
192
192
is provided in the [[[#presentation-query-message]]].
193
193
194
194
### Presentation Validation
195
-
[=Verifier=] SHOULD validate the [=Verifiable-Presentation=] in the following manner:
196
-
197
-
1. The [=Verifier=] MUST assert that the [=Verifiable-Presentation=] is created either according to the `scope` or `presentationDefinition`
198
-
2. The [=Verifier=] MUST validate the signature of the [=Verifiable-Presentation=] by using the key obtained from the resolved `VerificationMethod` of the [=Verifiable-Presentation=]. [=DID=] resolution is performed according to the [=DID=] Method specified in the [=DID=] part of the `VerificationMethod` of the [=Verifiable-Presentation=].
199
-
3. The [=Verifier=] MUST validate that the `VerificationMethod` of the [=Verifiable-Presentation=] has the `Authentication`[Verification Relationship](https://www.w3.org/TR/did-1.0/#authentication)
200
-
4. The [=Verifier=] MUST assert that the [=DID=] in the `VerificationMethod` of the [=Verifiable-Credential=] has the same value as the `issuer` of the [=Verifiable-Credential=].
201
-
5. The [=Verifier=] MUST validate the signature of the [=Verifiable-Credential=] by using the key obtained from the resolved `VerificationMethod` of the [=Verifiable-Credential=]. [=DID=] resolution is performed according to the [=DID=] Method specified in the [=DID=] part of the `VerificationMethod` of the [=Verifiable-Presentation=].
202
-
6. If the [=Verifiable-Credential=] contains a revocation mechanism, such as `StatusList2021`, the [=Verifier=] MUST validate the status of the [=Verifiable-Credential=] according to the revocation mechanism.
203
-
7. If the [=Verifiable-Presentation=] contains any claims regarding its `expiryDate` or `validity`, the [=Verifier=] MUST validate those claims.
204
-
8. If any of the steps fail, the [=Verifier=] MUST consider the [=Verifiable-Presentation=] invalid.
205
-
206
-
Additionally, if the specific semantics of a data space and credentials require cryptographic holder binding, the [=Verifier=] MUST assert that the `credentialSubject.id` in the [=Verifiable-Credential=] and the [=DID=] part of the `VerificationMethod` of the [=Verifiable-Presentation=] have the same value.
195
+
[=Verifier=] SHOULD validate the [=VerifiablePresentation=] in the following manner:
196
+
197
+
1. The [=Verifier=] MUST assert that the [=VerifiablePresentation=] is created either according to the `scope` or `presentationDefinition`
198
+
2. The [=Verifier=] MUST validate the signature of the [=VerifiablePresentation=] by using the key obtained from the resolved `VerificationMethod` of the [=VerifiablePresentation=]. [=DID=] resolution is performed according to the [=DID=] Method specified in the [=DID=] part of the `VerificationMethod` of the [=VerifiablePresentation=].
199
+
3. The [=Verifier=] MUST validate that the `VerificationMethod` of the [=VerifiablePresentation=] has the `Authentication`[Verification Relationship](https://www.w3.org/TR/did-1.0/#authentication)
200
+
4. The [=Verifier=] MUST assert that the [=DID=] in the `VerificationMethod` of the [=VerifiableCredential=] has the same value as the `issuer` of the [=VerifiableCredential=].
201
+
5. The [=Verifier=] MUST validate the signature of the [=VerifiableCredential=] by using the key obtained from the resolved `VerificationMethod` of the [=VerifiableCredential=]. [=DID=] resolution is performed according to the [=DID=] Method specified in the [=DID=] part of the `VerificationMethod` of the [=VerifiablePresentation=].
202
+
6. If the [=VerifiableCredential=] contains a revocation mechanism, such as `StatusList2021`, the [=Verifier=] MUST validate the status of the [=VerifiableCredential=] according to the revocation mechanism.
203
+
7. If the [=VerifiablePresentation=] contains any claims regarding its `expiryDate` or `validity`, the [=Verifier=] MUST validate those claims.
204
+
8. If any of the steps fail, the [=Verifier=] MUST consider the [=VerifiablePresentation=] invalid.
205
+
206
+
Additionally, if the specific semantics of a data space and credentials require cryptographic holder binding, the [=Verifier=] MUST assert that the `credentialSubject.id` in the [=VerifiableCredential=] and the [=DID=] part of the `VerificationMethod` of the [=VerifiablePresentation=] have the same value.
0 commit comments