above shows the basic components of a
[=verifiable credential=], but abstracts the details about how [=claims=]
are organized into information [=graphs=], which are then organized into
-[=verifiable credentials=]. below shows a
-more complete depiction of a [=verifiable credential=], which is normally
-composed of at least two information [=graphs=]. The first [=graph=]
-(the [=verifiable credential graph=], in this case the [=default graph=])
-expresses the [=verifiable credential=] itself, which contains credential
-metadata and other [=claims=]. The second [=graph=]
-(the proof graph of the [=verifiable credential=], which is a
-named graph) expresses the digital proof, which is, in this case, a
-digital signature.
+[=verifiable credentials=].
+
+
+ below shows a more complete depiction of a
+[=verifiable credential=] using an [=embedded proof=] based on [[?VC-DATA-INTEGRITY]].
+It is composed of at least two information [=graphs=].
+The first of these information [=graphs=], the [=verifiable credential graph=] (which is the [=default graph=]),
+expresses the [=verifiable credential=] itself, through [=credential=] metadata and other [=claims=].
+The second information [=graph=], referred to by the proof property, is the proof graph
+of the [=verifiable credential=], and is a separate [=named graph=].
+The [=proof graph=] expresses the digital proof, which, in this case, is a digital
+signature.
@@ -796,7 +799,39 @@
Credentials
parenthetical remark '(the default graph)', the verifiable credential proof
graph is annotated with the parenthetical remark '(a named graph)'.">
-Information graphs associated with a basic verifiable credential.
+Information graphs associated with a basic verifiable credential, using an [=embedded proof=]
+based on [[[VC-DATA-INTEGRITY]]] [[?VC-DATA-INTEGRITY]].
+
+
+
+
+ below shows the same [=verifiable credential=]
+ as , but using JOSE based on [[?VC-JOSE-COSE]].
+ The payload contains a single information graph, that being the [=verifiable credential graph=]
+ containing [=credential=] metadata and other [=claims=].
+
+
+
+
+
+ Information graphs associated with a basic verifiable credential, using an [=enveloping proof=]
+ based on [[[VC-JOSE-COSE]]] [[?VC-JOSE-COSE]].
@@ -857,22 +892,25 @@
Presentations
[=verifiable credentials=] are organized into information [=graphs=],
which are then organized into [=verifiable presentations=].
-
+
below shows a more complete depiction of a
-[=verifiable presentation=], which is normally composed of at least four
-information [=graphs=]. The first of these [=graphs=], the
-[=verifiable presentation graph=] (which is the [=default graph=]),
-expresses the [=verifiable presentation=] itself, and contains presentation
-metadata. The `verifiableCredential` property in the verifiable
-presentation graph refers to one or more [=verifiable credentials=], each
-being one of the second information [=graphs=], i.e., a self-contained
-[=verifiable credential graph=] which in turn contains credential metadata
-and other claims. Each of these graphs are separate [=named graphs=]. The
-third information [=graph=], the verifiable credential [=proof graph=],
-expresses the credential graph proof, which is usually a digital signature. The
-fourth information [=named graph=], the presentation [=proof graph=],
-expresses the presentation's digital proof, which is usually a digital
-signature.
+[=verifiable presentation=] using an embedded proof
+based on [[?VC-DATA-INTEGRITY]].
+It is composed of at least four information [=graphs=].
+The first of these information [=graphs=], the [=verifiable presentation graph=]
+(which is the [=default graph=]), expresses the [=verifiable presentation=]
+itself through [=presentation=] metadata.
+The [=verifiable presentation=] refers, via the verifiableCredential property,
+to a [=verifiable credential=].
+This [=credential=] is a self-contained [=verifiable credential graph=] containing [=credential=] metadata and other [=claims=].
+This [=credential=] refers to a [=verifiable credential=] [=proof graph=] via a proof property,
+expressing the proof (usually a digital signature) of the [=credential=].
+This [=verifiable credential graph=], and its linked [=proof graph=], constitute
+the second and third information [=graphs=], respectively, and each is a separate [=named graph=].
+The [=presentation=] also refers, via the proof property, to
+the [=presentation=]'s [=proof graph=], which is the fourth information [=graph=] (another [=named graph=]).
+This [=presentation=] [=proof graph=] represents the digital signature of the [=verifiable presentation graph=],
+the [=verifiable credential graph=], and the [=proof graph=] linked from the [=verifiable credential graph=].
@@ -886,21 +924,65 @@
Presentations
graph is connected, through 'verifiableCredential', to the part of the figure
which is identical to Figure 6, except that the verifiable credential graph is
annotated to be a named graph instead of a default graph.
-The verifiable presentation proof graph, has and object with 'Signature 8910'
-with 5 properties: 'type' of DataIntegrityProof, 'verificationMethod' of Example
-Presenter Public Key 11, 'created' of 2018-01-15T12:43:56Z, 'challenge' of
-d28348djsj3239, a 'nonce' of 'd28348djsj3239', and 'proofValue' of
-'p2KaZ...8Fj3K='. This graph is annotated with the parenthetical remark '(a
+The verifiable presentation proof graph has an object with 'Signature 8910'
+with 5 properties: 'type' with value 'DataIntegrityProof'; 'verificationMethod' with value 'Example
+Presenter Public Key 11'; 'created' with value '2018-01-15T12:43:56Z';
+'nonce' with value 'd28348djsj3239'; and 'proofValue' with value
+'zp2KaZ...8Fj3K='. This graph is annotated with the parenthetical remark '(a
named graph)'">
-Information graphs associated with a basic verifiable presentation.
+Information [=graphs=] associated with a basic [=verifiable presentation=] that is using an [=embedded proof=]
+based on [[[VC-DATA-INTEGRITY]]] [[?VC-DATA-INTEGRITY]].
+
+
+
+
+ below shows the same [=verifiable presentation=]
+ as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
+ The payload contains only two information graphs: the [=verifiable presentation graph=]
+ expressing the [=verifiable presentation=] itself through presentation metadata;
+ and the corresponding [=verifiable credential graph=], referred to by
+ the `verifiableCredential` property.
+ The [=verifiable credential graph=] contains a single
+ `EnvelopedVerifiableCredential` instance
+ referring, via a `data:` URL [[RFC2397]], to the verifiable credential secured via
+ an [=enveloping proof=] shown on .
+
+
+
+
+
+ Information graphs associated with a basic [=verifiable presentation=] that is using an [=enveloping proof=]
+ based on JOSE [[?VC-JOSE-COSE]]. The `data:` URL refers to
+ the [=verifiable credential=] shown on .
+
-It is possible to have a [=presentation=], such as a business persona, which
+It is possible to have a [=presentation=], such as a collection of university credentials, which
draws on multiple [=credentials=] about different [=subjects=] that are
often, but not required to be, related.
+This is achieved by using the `verifiableCredential` property to
+refer to multiple [=verifiable credentials=].
+See Appendix for more details.
@@ -7064,6 +7146,88 @@
application/vp+ld+json
+
+
Additional Diagrams for Verifiable Presentations
+
+
+ below is a variant of :
+ a [=verifiable presentation=] referring to two [=verifiable credentials=], and using embedded proofs
+ based on [[?VC-DATA-INTEGRITY]].
+ Each [=verifiable credential graph=] is connected to
+ its own separate [=proof graph=]; the verifiableCredential property is used
+ to connect the [=verifiable presentation=] to the [=verifiable credential graphs=].
+ The [=presentation=] [=proof graph=] represents the digital signature of the [=verifiable presentation graph=],
+ both [=verifiable credential graphs=], and the [=proof graphs=] linked from the [=verifiable credential graphs=].
+ The complete [=verifiable presentation=]
+ consists, in this case, of six information [=graphs=].
+
+
+
+
+
+ A variant of : information [=graphs=] associated with a [=verifiable presentation=]
+ referring to two
+ verifiable credentials, using an [=embedded proof=] based on [[[VC-DATA-INTEGRITY]]] [[?VC-DATA-INTEGRITY]].
+
+
+
+
+ below shows the same [=verifiable presentation=]
+ as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
+ Each [=verifiable credential graph=] contains a single
+ `EnvelopedVerifiableCredential` instance,
+ referring, via a data: URL [[RFC2397]], to a verifiable credential secured via
+ an [=enveloping proof=].
+
+
+
+
+
+ A variant of : information [=graphs=] associated with a [=verifiable presentation=]
+ referring to two verifiable credentials using [=enveloping proofs=] based on JOSE [[?VC-JOSE-COSE]].
+
+
+
+
+
+
+ 
+ 
+ 
+