From a22d1f7d47fb7be959c8285d14fa2a85c6503fb6 Mon Sep 17 00:00:00 2001
From: Ivan Herman
Date: Wed, 27 Dec 2023 14:35:56 +0100
Subject: [PATCH 1/6] Add initial set of JOSE diagrams.
---
diagrams/vc-jwt.drawio | 166 ++++++++++++++++
diagrams/vc-jwt.svg | 313 ++++++++++++++++++++++++++++++
diagrams/vp-jwt.drawio | 232 ++++++++++++++++++++++
diagrams/vp-jwt.svg | 428 +++++++++++++++++++++++++++++++++++++++++
index.html | 133 ++++++++++---
5 files changed, 1247 insertions(+), 25 deletions(-)
create mode 100644 diagrams/vc-jwt.drawio
create mode 100644 diagrams/vc-jwt.svg
create mode 100644 diagrams/vp-jwt.drawio
create mode 100644 diagrams/vp-jwt.svg
diff --git a/diagrams/vc-jwt.drawio b/diagrams/vc-jwt.drawio
new file mode 100644
index 000000000..92cdacaeb
--- /dev/null
+++ b/diagrams/vc-jwt.drawio
@@ -0,0 +1,166 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/diagrams/vc-jwt.svg b/diagrams/vc-jwt.svg
new file mode 100644
index 000000000..d04f39a10
--- /dev/null
+++ b/diagrams/vc-jwt.svg
@@ -0,0 +1,313 @@
+
+
+
+
+
+
+
+
+
+
+ JWS (Decoded)
+
+
+
+
+
+
+ JWS (Decoded)
+
+
+
+
+
+
+
+
+ Header
+
+
+
+
+
+
+ Payload
+
+
+
+
+
+
+ Signature
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ verifiable credential graph
+
+ (serialized in JSON)
+
+
+
+
+
+
+
+ verifiable credential...
+
+
+
+
+
+
+
+
+
+ Example University
+
+
+
+
+
+
+ Example University
+
+
+
+
+
+
+
+
+
+ 2010-01-01T10:37.24Z
+
+
+
+
+
+
+ 2010-01-01T10:37.24Z
+
+
+
+
+
+
+
+
+
+ Example Alumni Credential
+
+
+
+
+
+
+ Example Alumni Credent...
+
+
+
+
+
+
+
+
+
+ Credential123
+
+
+
+
+
+
+ Credential123
+
+
+
+
+
+
+ Pat
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+ validFrom
+
+
+
+
+
+
+
+ issuer
+
+
+
+
+
+
+
+
+ credentialSubject
+
+
+
+
+ credentialSubject
+
+
+
+
+
+
+
+ alumniOf
+
+
+
+
+
+
+
+
+ DtEhU3ljbEg8L38VWAfUA...
+
+
+
+
+ DtEhU3ljbEg8L38VWAfUA...
+
+
+
+
+
+
+
+
+
+ kid: https://example.com/keys/#1234
+
+
+
+
+
+ kid: https://example.com/keys/#12...
+
+
+
+
+
+
+ alg: E384
+
+
+
+
+
+
+
+
+ cty: vc+ld+json
+
+
+
+
+
+ cty: vc+ld+json
+
+
diff --git a/diagrams/vp-jwt.drawio b/diagrams/vp-jwt.drawio
new file mode 100644
index 000000000..39efa44ed
--- /dev/null
+++ b/diagrams/vp-jwt.drawio
@@ -0,0 +1,232 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/diagrams/vp-jwt.svg b/diagrams/vp-jwt.svg
new file mode 100644
index 000000000..047795328
--- /dev/null
+++ b/diagrams/vp-jwt.svg
@@ -0,0 +1,428 @@
+
+
+
+
+
+
+
+
+
+
+ JWT (Decoded)
+
+
+
+
+
+
+ JWT (Decoded)
+
+
+
+
+
+
+
+
+ Header
+
+
+
+
+
+
+ Payload
+
+
+
+
+
+
+ Signature
+
+
+
+
+
+
+
+
+
+
+
+
+ XaOOh4ljklxH7L99RTVSfOl...
+
+
+
+
+ XaOOh4ljklxH7L99RTVSfOl...
+
+
+
+
+
+
+
+
+
+ kid: https://example.com/keys/#1234
+
+
+
+
+
+ kid: https://example.com/keys/#12...
+
+
+
+
+
+
+ alg: E384
+
+
+
+
+
+
+
+
+ cty: vp+ld+json
+
+
+
+
+
+ cty: vp+ld+json
+
+
+
+
+
+
+
+
+
+
+
+ verifiable presentation graph
+
+ (serialized in JSON)
+
+
+
+
+
+
+
+ verifiable presentation gr...
+
+
+
+
+
+
+
+
+
+
+ Presentation ABC
+
+
+
+
+
+
+ Presentation ABC
+
+
+
+
+
+
+
+
+
+ VerifiablePresentation
+
+
+
+
+
+
+ VerifiablePresentation
+
+
+
+
+
+
+
+
+
+ DoNotArchive
+
+
+
+
+
+
+ DoNotArchive
+
+
+
+
+
+
+
+ termsOfUse
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+
+ verifiableCredential
+
+
+
+
+ verifiableCredential
+
+
+
+
+
+
+
+
+
+ Example University
+
+
+
+
+
+
+ Example University
+
+
+
+
+
+
+
+
+
+ 2010-01-01T10:37.24Z
+
+
+
+
+
+
+ 2010-01-01T10:37.24Z
+
+
+
+
+
+
+
+
+
+ Example Alumni Credential
+
+
+
+
+
+
+ Example Alumni Creden...
+
+
+
+
+
+
+
+
+
+ Credential123
+
+
+
+
+
+
+ Credential123
+
+
+
+
+
+
+ Pat
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+ validFrom
+
+
+
+
+
+
+
+ issuer
+
+
+
+
+
+
+
+
+ credentialSubject
+
+
+
+
+ credentialSubject
+
+
+
+
+
+
+
+ alumniOf
+
+
+
+
+
+
+
+
+
+ verifiable credential graph
+
+ (serialized in JSON)
+
+
+
+
+
+
+
+ verifiable credential grap...
+
+
diff --git a/index.html b/index.html
index 8947e8811..aec068fa8 100644
--- a/index.html
+++ b/index.html
@@ -768,15 +768,18 @@ Credentials
above shows the basic components of a
[=verifiable credential=], but abstracts the details about how [=claims=]
are organized into information [=graphs=], which are then organized into
-[=verifiable credentials=]. below shows a
-more complete depiction of a [=verifiable credential=], which is normally
-composed of at least two information [=graphs=]. The first [=graph=]
-(the [=verifiable credential graph=], in this case the [=default graph=])
-expresses the [=verifiable credential=] itself, which contains credential
-metadata and other [=claims=]. The second [=graph=]
-(the proof graph of the [=verifiable credential=], which is a
-named graph ) expresses the digital proof, which is, in this case, a
-digital signature.
+[=verifiable credentials=].
+
+
+ below shows a more complete depiction of a
+[=verifiable credential=] using an [=embedded proof=] based on [[?VC-DATA-INTEGRITY]].
+It is composed of at least two information [=graphs=].
+The first [=graph=] (the [=verifiable credential graph=], in this case the [=default graph=])
+expresses the [=verifiable credential=] itself through credential metadata and other [=claims=].
+The second [=graph=], referred to by the proof
property, is the [=proof graph=]
+of the [=verifiable credential=], and is a separate [=named graph=].
+The [=proof graph=] expresses the digital proof, which is, in this case, a digital
+signature.
@@ -796,7 +799,39 @@ Credentials
parenthetical remark '(the default graph)', the verifiable credential proof
graph is annotated with the parenthetical remark '(a named graph)'.">
-Information graphs associated with a basic verifiable credential.
+Information graphs associated with a basic verifiable credential, using an [=embedded proof=]
+based on [[[VC-DATA-INTEGRITY]]] [[?VC-DATA-INTEGRITY]].
+
+
+
+
+ below shows the same [=verifiable credential=]
+ as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
+ The payload contains a single information graph, namely the the [=verifiable credential graph=]
+ containing credential metadata and other [=claims=].
+
+
+
+
+
+ Information graphs associated with a basic verifiable credential, using an [=enveloping proof=]
+ based on [[[VC-JOSE-COSE]]] [[?VC-JOSE-COSE]].
@@ -859,20 +894,24 @@ Presentations
below shows a more complete depiction of a
-[=verifiable presentation=], which is normally composed of at least four
-information [=graphs=]. The first of these [=graphs=], the
-[=verifiable presentation graph=] (which is the [=default graph=]),
-expresses the [=verifiable presentation=] itself, and contains presentation
-metadata. The `verifiableCredential` property in the verifiable
-presentation graph refers to one or more [=verifiable credentials=], each
-being one of the second information [=graphs=], i.e., a self-contained
-[=verifiable credential graph=] which in turn contains credential metadata
-and other claims. Each of these graphs are separate [=named graphs=]. The
-third information [=graph=], the verifiable credential [=proof graph=],
-expresses the credential graph proof, which is usually a digital signature. The
-fourth information [=named graph=], the presentation [=proof graph=],
-expresses the presentation's digital proof, which is usually a digital
-signature.
+[=verifiable presentation=] using an embedded proof
+based on [[?VC-DATA-INTEGRITY]].
+It is composed of at least four information [=graphs=].
+The first of these [=graphs=], the [=verifiable presentation graph=]
+(which is the [=default graph=]), expresses the [=verifiable presentation=]
+itself through presentation metadata.
+The verifiable presentation refers, via the verifiableCredential
property,
+to a [=verifiable credential=].
+This credential is a self-contained [=verifiable credential graph=] containing
+credential metadata and other [=claims=].
+This credential refers to a verifiable credential [=proof graph=] via a proof
property,
+expressing the proof of the credential (usually a digital signature).
+This [=verifiable credential graph=], linked to the [=proof graph=], constitute
+the second and third information graphs, respectively, and are both separate [=named graphs=].
+The presentation also refers, via the proof
property, to
+the fourth information [=named graph=], namely the presentation's [=proof graph=].
+This presentation proof graph represents the digital signature of the verifiable presentation graph,
+the credential graph, and the proof graph linked from the credential graph.
@@ -893,14 +932,58 @@ Presentations
'p2KaZ...8Fj3K='. This graph is annotated with the parenthetical remark '(a
named graph)'">
-Information graphs associated with a basic verifiable presentation.
+Information graphs associated with a basic verifiable presentation using an [=embedded proof=]
+based on [[[VC-DATA-INTEGRITY]]] [[?VC-DATA-INTEGRITY]].
+
+ below shows the same [=verifiable presentation=]
+ as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
+ The payload contains only two information graphs: the [=verifiable presentation graph=]
+ expressing the [=verifiable presentation=] itself through presentation metadata,
+ and the corresponding [=verifiable credential graph=], referred to by
+ the verifiableCredential
property.
+ The verifiable credential graph contains credential metadata and other claims.
+
+
+
+
+
+ Information graphs associated with a basic verifiable presentation, using an [=enveloping proof=]
+ based on [[[VC-JOSE-COSE]]] [[?VC-JOSE-COSE]].
+
+
+
+
It is possible to have a [=presentation=], such as a business persona, which
draws on multiple [=credentials=] about different [=subjects=] that are
often, but not required to be, related.
+This is achieved by using the verifiableCredential
property to
+refer to multiple verifiable credentials. In the [=embedded proof=] case this means adding several verifiable credential
+graphs, each with its own, separate proof graph; the number of information graphs becomes then six, eight, etc.
+In the [=enveloping proof=] case the additional verifiable credential graphs are added to the same payload.
From 9c81a5d5b4186938358ad4d0bf89eb2cfe5a9983 Mon Sep 17 00:00:00 2001
From: Ivan Herman
Date: Thu, 28 Dec 2023 09:04:11 +0100
Subject: [PATCH 2/6] Fix grammar in JWT diagram descriptions.
Co-authored-by: Ted Thibodeau Jr
---
index.html | 59 +++++++++++++++++++++++++++---------------------------
1 file changed, 29 insertions(+), 30 deletions(-)
diff --git a/index.html b/index.html
index aec068fa8..8b7a9d3e5 100644
--- a/index.html
+++ b/index.html
@@ -774,11 +774,11 @@ Credentials
below shows a more complete depiction of a
[=verifiable credential=] using an [=embedded proof=] based on [[?VC-DATA-INTEGRITY]].
It is composed of at least two information [=graphs=].
-The first [=graph=] (the [=verifiable credential graph=], in this case the [=default graph=])
-expresses the [=verifiable credential=] itself through credential metadata and other [=claims=].
-The second [=graph=], referred to by the proof
property, is the [=proof graph=]
+The first of these information [=graphs=], the [=verifiable credential graph=] (which is the [=default graph=]),
+expresses the [=verifiable credential=] itself, through [=credential=] metadata and other [=claims=].
+The second information [=graph=], referred to by the proof
property, is the [=proof graph=]
of the [=verifiable credential=], and is a separate [=named graph=].
-The [=proof graph=] expresses the digital proof, which is, in this case, a digital
+The [=proof graph=] expresses the digital proof, which, in this case, is a digital
signature.
@@ -807,8 +807,8 @@ Credentials
below shows the same [=verifiable credential=]
as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
- The payload contains a single information graph, namely the the [=verifiable credential graph=]
- containing credential metadata and other [=claims=].
+ The payload contains a single information graph, that being the [=verifiable credential graph=]
+ containing [=credential=] metadata and other [=claims=].
@@ -818,13 +818,13 @@ Credentials
The 'Header' label is connected, with an arrow, to a separate rectangle
on the right hand side containing three text fields: 'kid: https://example.com/keys/#1234',
'alg: E384', and 'cty: vc+ld+json'.
- The 'Payload' label of the left side is connected, with an arrow, to a separate rectangle,
+ The 'Payload' label on the left side is connected, with an arrow, to a separate rectangle,
containing a single graph.
The rectangle has a label: 'verifiable credential graph (serialized in JSON)'
The claims in the graph include 'Credential 123' as a subject
- with 4 properties: 'type' of value 'ExampleAlumniCredential',
- 'issuer' of 'Example University', 'validFrom' of '2010-01-01T19:23:24Z', and
- 'credentialSubject' of 'Pat', who also has an 'alumniOf' property with value of
+ with 4 properties: 'type' with value 'ExampleAlumniCredential',
+ 'issuer' with value 'Example University', 'validFrom' with value '2010-01-01T19:23:24Z', and
+ 'credentialSubject' with value 'Pat', who also has an 'alumniOf' property with value
'Example University'.
Finally, the 'Signature' label on the left side is connected, with an
arrow, to a separate rectangle, containing a single text field:
@@ -897,21 +897,20 @@ Presentations
[=verifiable presentation=] using an embedded proof
based on [[?VC-DATA-INTEGRITY]].
It is composed of at least four information [=graphs=].
-The first of these [=graphs=], the [=verifiable presentation graph=]
+The first of these information [=graphs=], the [=verifiable presentation graph=]
(which is the [=default graph=]), expresses the [=verifiable presentation=]
-itself through presentation metadata.
-The verifiable presentation refers, via the verifiableCredential
property,
+itself through [=presentation=] metadata.
+The [=verifiable presentation=] refers, via the verifiableCredential
property,
to a [=verifiable credential=].
-This credential is a self-contained [=verifiable credential graph=] containing
-credential metadata and other [=claims=].
-This credential refers to a verifiable credential [=proof graph=] via a proof
property,
-expressing the proof of the credential (usually a digital signature).
-This [=verifiable credential graph=], linked to the [=proof graph=], constitute
-the second and third information graphs, respectively, and are both separate [=named graphs=].
-The presentation also refers, via the proof
property, to
-the fourth information [=named graph=], namely the presentation's [=proof graph=].
-This presentation proof graph represents the digital signature of the verifiable presentation graph,
-the credential graph, and the proof graph linked from the credential graph.
+This [=credential=] is a self-contained [=verifiable credential graph=] containing [=credential=] metadata and other [=claims=].
+This [=credential=] refers to a [=verifiable credential=] [=proof graph=] via a proof
property,
+expressing the proof (usually a digital signature) of the [=credential=].
+This [=verifiable credential graph=], and its linked [=proof graph=], constitute
+the second and third information [=graphs=], respectively, and each is a separate [=named graph=].
+The [=presentation=] also refers, via the proof
property, to
+the [=presentation=]'s [=proof graph=], which is the fourth information [=graph=] (another [=named graph=]).
+This [=presentation=] [=proof graph=] represents the digital signature of the [=verifiable presentation graph=],
+the [=verifiable credential graph=], and the [=proof graph=] linked from the [=verifiable credential graph=].
@@ -932,7 +931,7 @@ Presentations
'p2KaZ...8Fj3K='. This graph is annotated with the parenthetical remark '(a
named graph)'">
-Information graphs associated with a basic verifiable presentation using an [=embedded proof=]
+Information [=graphs=] associated with a basic [=verifiable presentation=] that is using an [=embedded proof=]
based on [[[VC-DATA-INTEGRITY]]] [[?VC-DATA-INTEGRITY]].
@@ -941,10 +940,10 @@ Presentations
below shows the same [=verifiable presentation=]
as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
The payload contains only two information graphs: the [=verifiable presentation graph=]
- expressing the [=verifiable presentation=] itself through presentation metadata,
+ expressing the [=verifiable presentation=] itself through presentation metadata;
and the corresponding [=verifiable credential graph=], referred to by
the verifiableCredential
property.
- The verifiable credential graph contains credential metadata and other claims.
+ The [=verifiable credential graph=] contains [=credential=] metadata and other [=claims=].
@@ -970,7 +969,7 @@ Presentations
arrow, to a separate rectangle, containing a single text field:
'XaOOh4ljklxH7L99RTVSfOl...'.">
- Information graphs associated with a basic verifiable presentation, using an [=enveloping proof=]
+ Information graphs associated with a basic [=verifiable presentation=] that is using an [=enveloping proof=]
based on [[[VC-JOSE-COSE]]] [[?VC-JOSE-COSE]].
@@ -981,9 +980,9 @@ Presentations
draws on multiple [=credentials=] about different [=subjects=] that are
often, but not required to be, related.
This is achieved by using the verifiableCredential
property to
-refer to multiple verifiable credentials. In the [=embedded proof=] case this means adding several verifiable credential
-graphs, each with its own, separate proof graph; the number of information graphs becomes then six, eight, etc.
-In the [=enveloping proof=] case the additional verifiable credential graphs are added to the same payload.
+refer to multiple [=verifiable credentials=]. When using an [=embedded proof=], this means adding one or more [=verifiable credential graphs=],
+each with its own, separate [=proof graph=]; the number of information [=graphs=] thus becomes six, eight, etc.
+When using an [=enveloping proof=], the additional [=verifiable credential graphs=] are added to the same payload.
From fbb36451b8dacc8fbfa6215743d30e2175432493 Mon Sep 17 00:00:00 2001
From: Ivan Herman
Date: Mon, 8 Jan 2024 17:02:17 +0100
Subject: [PATCH 3/6] Fix more issues in diagram descriptions.
---
diagrams/vc-jwt.drawio | 52 +++++++----
diagrams/vc-jwt.svg | 204 +++++++++++++++++++++++++----------------
diagrams/vp-jwt.drawio | 63 ++++++++-----
diagrams/vp-jwt.svg | 146 +++++++++++++++++++----------
index.html | 14 +--
5 files changed, 306 insertions(+), 173 deletions(-)
diff --git a/diagrams/vc-jwt.drawio b/diagrams/vc-jwt.drawio
index 92cdacaeb..446eb275b 100644
--- a/diagrams/vc-jwt.drawio
+++ b/diagrams/vc-jwt.drawio
@@ -1,13 +1,13 @@
-
+
-
+
-
+
-
+
@@ -16,10 +16,10 @@
-
+
-
+
@@ -37,7 +37,7 @@
-
+
@@ -145,20 +145,38 @@
-
-
+
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
+
+
-
-
+
+
-
-
+
+
diff --git a/diagrams/vc-jwt.svg b/diagrams/vc-jwt.svg
index d04f39a10..f14b34338 100644
--- a/diagrams/vc-jwt.svg
+++ b/diagrams/vc-jwt.svg
@@ -1,28 +1,28 @@
-
-
-
+
+
+
-
+
- JWS (Decoded)
+ SD-JWT (Decoded)
-
JWS (Decoded)
+
SD-JWT (Decoded)
-
-
-
+
+
+
-
+
Header
@@ -30,12 +30,12 @@
-
Header
+
Header
-
+
-
+
Payload
@@ -43,12 +43,12 @@
-
Payload
+
Payload
-
+
-
+
Signature
@@ -56,17 +56,17 @@
-
Signature
+
Signature
-
-
-
-
-
-
+
+
+
+
+
+
-
+
-
verifiable credential...
+
verifiable credential...
-
+
-
+
-
Example University
+
Example University
-
+
-
+
-
2010-01-01T10:37.24Z
+
2010-01-01T10:37.24Z
-
+
-
+
-
Example Alumni Credent...
+
Example Alumni Credent...
-
+
-
+
-
Credential123
+
Credential123
-
+
-
+
-
Pat
+
Pat
-
-
+
+
-
+
type
@@ -180,13 +180,13 @@
-
type
+
type
-
-
+
+
-
+
type
@@ -194,11 +194,11 @@
-
type
+
type
-
+
validFrom
@@ -206,13 +206,13 @@
-
validFrom
+
validFrom
-
-
+
+
-
+
issuer
@@ -220,13 +220,13 @@
-
issuer
+
issuer
-
-
+
+
-
+
credentialSubject
@@ -234,13 +234,13 @@
-
credentialSubject
+
credentialSubject
-
-
+
+
-
+
alumniOf
@@ -248,13 +248,13 @@
-
alumniOf
+
alumniOf
-
-
+
+
-
+
DtEhU3ljbEg8L38VWAfUA...
@@ -262,43 +262,76 @@
-
DtEhU3ljbEg8L38VWAfUA...
+
DtEhU3ljbEg8L38VWAfUA...
-
-
+
+
-
+
- kid: https://example.com/keys/#1234
+ kid: aB8J-_Z
-
kid: https://example.com/keys/#12...
+
kid: aB8J-_Z
-
+
-
+
+
+
+
+ iss: https://example.com
+
+
+
+
+
+
iss: https://example.com
+
+
+
+
+
- alg: E384
+ alg: ES384
+
+
+
+
+
+ alg: ES384
+
+
+
+
+
+
+
+
+ iat:
+
+ 1704690029
+
- alg: E384
+ iat: 1704690029
-
+
-
+
-
cty: vc+ld+json
+
cty: vc+ld+json
+
+
+
+
+
+
+
+
+ typ: vc+ld-json+sd-jwt
+
+
+
+
+
+ typ: vc+ld-json+sd-jwt
diff --git a/diagrams/vp-jwt.drawio b/diagrams/vp-jwt.drawio
index 39efa44ed..2fd2a8336 100644
--- a/diagrams/vp-jwt.drawio
+++ b/diagrams/vp-jwt.drawio
@@ -1,13 +1,13 @@
-
+
-
+
-
+
-
+
@@ -45,22 +45,7 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
@@ -223,9 +208,45 @@
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/diagrams/vp-jwt.svg b/diagrams/vp-jwt.svg
index 047795328..789145da2 100644
--- a/diagrams/vp-jwt.svg
+++ b/diagrams/vp-jwt.svg
@@ -1,5 +1,5 @@
-
-
+
+
@@ -8,14 +8,14 @@
- JWT (Decoded)
+ SD-JWT (Decoded)
- JWT (Decoded)
+ SD-JWT (Decoded)
@@ -76,52 +76,6 @@
XaOOh4ljklxH7L99RTVSfOl...
-
-
-
-
-
-
-
-
- kid: https://example.com/keys/#1234
-
-
-
-
-
- kid: https://example.com/keys/#12...
-
-
-
-
-
-
- alg: E384
-
-
-
-
-
-
-
-
- cty: vp+ld+json
-
-
-
-
-
- cty: vp+ld+json
-
@@ -425,4 +379,96 @@
verifiable credential grap...
+
+
+
+
+
+
+ kid: aB8J-_Z
+
+
+
+
+
+
+
+
+ iss: https://example.com
+
+
+
+
+
+ iss: https://example.c...
+
+
+
+
+
+
+ alg: ES384
+
+
+
+
+
+
+
+
+ iat:
+
+ 1704690029
+
+
+
+
+ iat: 1704690029
+
+
+
+
+
+
+
+
+ cty: vp+ld+json
+
+
+
+
+
+ cty: vp+ld+json
+
+
+
+
+
+
+
+
+ typ: vp+ld-json+sd-jwt
+
+
+
+
+
+ typ: vp+ld-json+sd-jwt
+
diff --git a/index.html b/index.html
index 8b7a9d3e5..46a3bec0f 100644
--- a/index.html
+++ b/index.html
@@ -806,18 +806,18 @@
Credentials
below shows the same [=verifiable credential=]
- as , but using an [=enveloping proof=] based on [[?VC-JOSE-COSE]].
+ as , but using JOSE based on [[?VC-JOSE-COSE]].
The payload contains a single information graph, that being the [=verifiable credential graph=]
containing [=credential=] metadata and other [=claims=].
Information graphs associated with a basic [=verifiable presentation=] that is using an [=enveloping proof=]
- based on [[[VC-JOSE-COSE]]] [[?VC-JOSE-COSE]].
+ based on JOSE [[?VC-JOSE-COSE]].
From b31a220e92e1c44ce5c8837aff76e74090b9298c Mon Sep 17 00:00:00 2001
From: Ivan Herman
Date: Wed, 10 Jan 2024 10:31:49 +0100
Subject: [PATCH 4/6] Example diagrams multiple credentials (#1407)
* Created the new diagrams
* Invalid term
* Added the reference and explanations to the text
* Apply suggestions from code review
Co-authored-by: Ted Thibodeau Jr
* Manually added Ted's changes on the alt text.
---------
Co-authored-by: Ted Thibodeau Jr
---
diagrams/vp-graph-mult-creds.drawio | 635 ++++++++++++++
diagrams/vp-graph-mult-creds.svg | 1197 +++++++++++++++++++++++++++
index.html | 63 +-
3 files changed, 1885 insertions(+), 10 deletions(-)
create mode 100644 diagrams/vp-graph-mult-creds.drawio
create mode 100644 diagrams/vp-graph-mult-creds.svg
diff --git a/diagrams/vp-graph-mult-creds.drawio b/diagrams/vp-graph-mult-creds.drawio
new file mode 100644
index 000000000..530c6de87
--- /dev/null
+++ b/diagrams/vp-graph-mult-creds.drawio
@@ -0,0 +1,635 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/diagrams/vp-graph-mult-creds.svg b/diagrams/vp-graph-mult-creds.svg
new file mode 100644
index 000000000..1ea8d470f
--- /dev/null
+++ b/diagrams/vp-graph-mult-creds.svg
@@ -0,0 +1,1197 @@
+
+
+
+
+
+
+
+
+
+
+ Presentation ABC
+
+
+
+
+
+
+ Presentation ABC
+
+
+
+
+
+
+
+
+
+ VerifiablePresentation
+
+
+
+
+
+
+ VerifiablePresentation
+
+
+
+
+
+
+
+
+
+ DoNotArchive
+
+
+
+
+
+
+ DoNotArchive
+
+
+
+
+
+
+
+ termsOfUse
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+
+ verifiableCredential
+
+
+
+
+ verifiableCredential
+
+
+
+
+
+
+
+ proof
+
+
+
+
+
+
+
+
+
+ verifiable presentation graph
+
+ (the default graph)
+
+
+
+
+
+
+
+ verifiable presentation gra...
+
+
+
+
+
+
+
+
+
+
+ Signature 8920
+
+
+
+
+
+
+ Signature 8920
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+ verificationMethod
+
+
+
+
+ verificationMethod
+
+
+
+
+
+
+
+ created
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+ nonce
+
+
+
+
+
+
+
+ proofValue
+
+
+
+
+
+
+
+
+
+ Example University Public Key 11
+
+
+
+
+
+
+ Example University P...
+
+
+
+
+
+
+
+
+
+ 2024-01-02T12:43.56Z
+
+
+
+
+
+
+ 2024-01-02T12:43.56Z
+
+
+
+
+
+
+
+
+
+ Data Integrity Proof
+
+
+
+
+
+
+ Data Integrity Proof
+
+
+
+
+
+
+
+
+
+ hasdkyruod87j
+
+
+
+
+
+
+ hasdkyruod87j
+
+
+
+
+
+
+
+
+
+ zpweJHoan87
+
+
+
+
+
+
+ zpweJHoan87
+
+
+
+
+
+
+
+
+
+ verifiable presentation proof graph
+
+ (a named graph)
+
+
+
+
+
+
+
+ verifiable presentation proof graph...
+
+
+
+
+
+
+
+
+ verifiableCredential
+
+
+
+
+ verifiableCredential
+
+
+
+
+
+
+
+
+
+
+
+ Signature 456
+
+
+
+
+
+
+ Signature 456
+
+
+
+
+
+
+
+
+
+
+ Example University Public Key 7
+
+
+
+
+
+
+
+ Example Unive...
+
+
+
+
+
+
+
+
+
+ 2022-06-18T21:19.10Z
+
+
+
+
+
+
+ 2022-06-18T21:19...
+
+
+
+
+
+
+
+
+
+ Data Integrity Proof
+
+
+
+
+
+
+ Data Integrity...
+
+
+
+
+
+
+
+
+
+ 34dj239dsj328
+
+
+
+
+
+
+ 34dj239dsj328
+
+
+
+
+
+
+
+
+
+ zBavE110…3JT2pq
+
+
+
+
+
+
+ zBavE110…3JT2pq
+
+
+
+
+
+
+
+
+
+ verificationMethod
+
+
+
+
+
+ verificationMethod
+
+
+
+
+
+
+
+ created
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+ nonce
+
+
+
+
+
+
+
+ proofValue
+
+
+
+
+
+
+
+
+
+
+
+ verifiable credential proof graph
+
+
+
+ (a named graph)
+
+
+
+
+
+
+
+
+
+ verifiable credential proo...
+
+
+
+
+
+
+
+
+
+
+ verifiable credential graph
+
+ (a named graph)
+
+
+
+
+
+
+
+
+ verifiable cred...
+
+
+
+
+
+
+
+
+
+ Example University
+
+
+
+
+
+
+ Example Unive...
+
+
+
+
+
+
+
+
+
+ 2010-01-01T10:37.24Z
+
+
+
+
+
+
+ 2010-01-01T10:37...
+
+
+
+
+
+
+
+
+
+
+ Example Alumni Credential
+
+
+
+
+
+
+
+ Example Alumni...
+
+
+
+
+
+
+
+
+
+ Credential123
+
+
+
+
+
+
+ Credential123
+
+
+
+
+
+
+ Pat
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+ validFrom
+
+
+
+
+
+
+
+ issuer
+
+
+
+
+
+
+
+
+
+ credentialSubject
+
+
+
+
+
+ credentialSubject
+
+
+
+
+
+
+
+ alumniOf
+
+
+
+
+
+
+
+ proof
+
+
+
+
+
+
+
+
+
+
+
+ Signature 789
+
+
+
+
+
+
+ Signature 789
+
+
+
+
+
+
+
+
+
+
+ Example University Public Key 7
+
+
+
+
+
+
+
+ Example Unive...
+
+
+
+
+
+
+
+
+
+ 2024-01-01T10:50.10Z
+
+
+
+
+
+
+ 2024-01-01T10:50...
+
+
+
+
+
+
+
+
+
+ Data Integrity Proof
+
+
+
+
+
+
+ Data Integrity...
+
+
+
+
+
+
+
+
+
+ 45jhei78j0ei
+
+
+
+
+
+
+ 45jhei78j0ei
+
+
+
+
+
+
+
+
+
+ zHbNml98dnao
+
+
+
+
+
+
+ zHbNml98dnao
+
+
+
+
+
+
+
+
+
+ verificationMethod
+
+
+
+
+
+ verificationMethod
+
+
+
+
+
+
+
+ created
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+ nonce
+
+
+
+
+
+
+
+ proofValue
+
+
+
+
+
+
+
+
+
+
+
+ verifiable credential proof graph
+
+
+
+ (a named graph)
+
+
+
+
+
+
+
+
+
+ verifiable credential proo...
+
+
+
+
+
+
+
+
+
+
+ verifiable credential graph
+
+ (a named graph)
+
+
+
+
+
+
+
+
+ verifiable cred...
+
+
+
+
+
+
+
+
+
+ Example University
+
+
+
+
+
+
+ Example Unive...
+
+
+
+
+
+
+
+
+
+ 2024-01-01T10:37.24Z
+
+
+
+
+
+
+ 2024-01-01T10:37...
+
+
+
+
+
+
+
+
+
+
+ Example Alumni Credent
+
+
+ ial
+
+
+
+
+
+
+
+ Example Alumni...
+
+
+
+
+
+
+
+
+
+ Credential456
+
+
+
+
+
+
+ Credential456
+
+
+
+
+
+
+ Ted
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+
+
+
+
+
+ validFrom
+
+
+
+
+
+
+
+ issuer
+
+
+
+
+
+
+
+
+
+ credentialSubject
+
+
+
+
+
+ credentialSubject
+
+
+
+
+
+
+
+ alumniOf
+
+
+
+
+
+
+
+ proof
+
+
diff --git a/index.html b/index.html
index 46a3bec0f..a6355b6c9 100644
--- a/index.html
+++ b/index.html
@@ -892,7 +892,7 @@ Presentations
[=verifiable credentials=] are organized into information [=graphs=],
which are then organized into [=verifiable presentations=].
-
+
below shows a more complete depiction of a
[=verifiable presentation=] using an embedded proof
based on [[?VC-DATA-INTEGRITY]].
@@ -924,11 +924,11 @@
Presentations
graph is connected, through 'verifiableCredential', to the part of the figure
which is identical to Figure 6, except that the verifiable credential graph is
annotated to be a named graph instead of a default graph.
-The verifiable presentation proof graph, has and object with 'Signature 8910'
-with 5 properties: 'type' of DataIntegrityProof, 'verificationMethod' of Example
-Presenter Public Key 11, 'created' of 2018-01-15T12:43:56Z, 'challenge' of
-d28348djsj3239, a 'nonce' of 'd28348djsj3239', and 'proofValue' of
-'p2KaZ...8Fj3K='. This graph is annotated with the parenthetical remark '(a
+The verifiable presentation proof graph has an object with 'Signature 8910'
+with 5 properties: 'type' with value 'DataIntegrityProof'; 'verificationMethod' with value 'Example
+Presenter Public Key 11'; 'created' with value '2018-01-15T12:43:56Z';
+'nonce' with value 'd28348djsj3239'; and 'proofValue' with value
+'zp2KaZ...8Fj3K='. This graph is annotated with the parenthetical remark '(a
named graph)'">
Information [=graphs=] associated with a basic [=verifiable presentation=] that is using an [=embedded proof=]
@@ -976,13 +976,13 @@ Presentations
-It is possible to have a [=presentation=], such as a business persona, which
+It is possible to have a [=presentation=], such as a collection of university credentials, which
draws on multiple [=credentials=] about different [=subjects=] that are
often, but not required to be, related.
This is achieved by using the verifiableCredential
property to
-refer to multiple [=verifiable credentials=]. When using an [=embedded proof=], this means adding one or more [=verifiable credential graphs=],
-each with its own, separate [=proof graph=]; the number of information [=graphs=] thus becomes six, eight, etc.
-When using an [=enveloping proof=], the additional [=verifiable credential graphs=] are added to the same payload.
+refer to multiple [=verifiable credentials=].
+See , a variant of above,
+for more details.
@@ -7146,6 +7146,49 @@ application/vp+ld+json
+
+
Revision History
From a2a7d3f86ba49b593b40d9aff29e43fa075a17a7 Mon Sep 17 00:00:00 2001
From: Ivan Herman
Date: Wed, 10 Jan 2024 12:30:56 +0100
Subject: [PATCH 5/6] Update diagrams with Enveloped VC language.
---
diagrams/vp-graph-mult-creds.drawio | 6 +-
diagrams/vp-graph-mult-creds.svg | 6 +-
diagrams/vp-jwt-mult-creds.drawio | 238 +++++++++++++++
diagrams/vp-jwt-mult-creds.svg | 442 ++++++++++++++++++++++++++++
diagrams/vp-jwt.drawio | 254 ++++++----------
diagrams/vp-jwt.svg | 351 ++++++++--------------
index.html | 81 +++--
7 files changed, 958 insertions(+), 420 deletions(-)
create mode 100644 diagrams/vp-jwt-mult-creds.drawio
create mode 100644 diagrams/vp-jwt-mult-creds.svg
diff --git a/diagrams/vp-graph-mult-creds.drawio b/diagrams/vp-graph-mult-creds.drawio
index 530c6de87..50930badf 100644
--- a/diagrams/vp-graph-mult-creds.drawio
+++ b/diagrams/vp-graph-mult-creds.drawio
@@ -1,6 +1,6 @@
-
+
-
+
@@ -190,7 +190,7 @@
-
+
diff --git a/diagrams/vp-graph-mult-creds.svg b/diagrams/vp-graph-mult-creds.svg
index 1ea8d470f..8bde40160 100644
--- a/diagrams/vp-graph-mult-creds.svg
+++ b/diagrams/vp-graph-mult-creds.svg
@@ -312,10 +312,10 @@
zpweJHoan87
-
+
-
+
-
verifiable presentation proof graph...
+
verifiable presentation proof graph...
diff --git a/diagrams/vp-jwt-mult-creds.drawio b/diagrams/vp-jwt-mult-creds.drawio
new file mode 100644
index 000000000..8f04c8016
--- /dev/null
+++ b/diagrams/vp-jwt-mult-creds.drawio
@@ -0,0 +1,238 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/diagrams/vp-jwt-mult-creds.svg b/diagrams/vp-jwt-mult-creds.svg
new file mode 100644
index 000000000..d44f9606f
--- /dev/null
+++ b/diagrams/vp-jwt-mult-creds.svg
@@ -0,0 +1,442 @@
+
+
+
+
+
+
+
+
+
+
+ SD-JWT (Decoded)
+
+
+
+
+
+
+ SD-JWT (Decoded)
+
+
+
+
+
+
+
+
+ Header
+
+
+
+
+
+
+ Payload
+
+
+
+
+
+
+ Signature
+
+
+
+
+
+
+
+
+
+
+
+
+ cYjaSdfIoJH45NIqw3MYnasGIba...
+
+
+
+
+ cYjaSdfIoJH45NIqw3MYnasGIba...
+
+
+
+
+
+
+
+ kid: aB8J-_Z
+
+
+
+
+
+
+
+
+ iss: https://example.com
+
+
+
+
+
+ iss: https://example.c...
+
+
+
+
+
+
+ alg: ES384
+
+
+
+
+
+
+
+
+ iat:
+
+ 1704690029
+
+
+
+
+ iat: 1704690029
+
+
+
+
+
+
+
+
+ cty: vp+ld+json
+
+
+
+
+
+ cty: vp+ld+json
+
+
+
+
+
+
+
+
+ typ: vp+ld-json+sd-jwt
+
+
+
+
+
+ typ: vp+ld-json+sd-jwt
+
+
+
+
+
+
+
+
+
+
+
+ verifiable presentation graph
+
+ (serialized in JSON)
+
+
+
+
+
+
+
+ verifiable presentation gr...
+
+
+
+
+
+
+
+
+
+ Presentation ABC
+
+
+
+
+
+
+ Presentation ABC
+
+
+
+
+
+
+
+
+
+ VerifiablePresentation
+
+
+
+
+
+
+ VerifiablePresentation
+
+
+
+
+
+
+
+
+
+ DoNotArchive
+
+
+
+
+
+
+ DoNotArchive
+
+
+
+
+
+
+
+ termsOfUse
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+
+ verifiableCredential
+
+
+
+
+ verifiableCredential
+
+
+
+
+
+
+
+
+
+
+ EnvelopedVerifiableCredential
+
+
+
+
+
+
+ EnvelopedVerifiable...
+
+
+
+
+
+
+
+
+
+ data:application/vc+ld+json+sd-jwt;QzVjV...RMjU
+
+
+
+
+
+
+ data:application/vc+ld+json+sd-jw...
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+
+
+ enveloped verifiable credential graph
+
+ (serialized in JSON)
+
+
+
+
+
+
+
+ enveloped verifia...
+
+
+
+
+
+
+
+
+
+
+ EnvelopedVerifiableCredential
+
+
+
+
+
+
+ EnvelopedVerifiable...
+
+
+
+
+
+
+
+
+
+ data:application/vc+ld+json+sd-jwt;RkOyT...KjOl
+
+
+
+
+
+
+ data:application/vc+ld+json+sd-jwt...
+
+
+
+
+
+
+
+ type
+
+
+
+
+
+
+
+
+
+ enveloped verifiable credential graph
+
+ (serialized in JSON)
+
+
+
+
+
+
+
+ enveloped verifia...
+
+
+
+
+
+
+
+
+ verifiableCredential
+
+
+
+
+ verifiableCredential
+
+
diff --git a/diagrams/vp-jwt.drawio b/diagrams/vp-jwt.drawio
index 2fd2a8336..e21e3c426 100644
--- a/diagrams/vp-jwt.drawio
+++ b/diagrams/vp-jwt.drawio
@@ -1,11 +1,11 @@
-
+
-
+
-
+
@@ -19,10 +19,10 @@
-
+
-
+
@@ -37,7 +37,7 @@
-
+
@@ -45,49 +45,85 @@
-
-
+
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
+
+
-
+
+
+
+
+
+
+
-
-
+
+
-
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
+
@@ -95,10 +131,10 @@
-
+
-
-
+
+
@@ -106,10 +142,10 @@
-
+
-
-
+
+
@@ -117,135 +153,39 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
-
-
-
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
-
-
+
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
+
+
diff --git a/diagrams/vp-jwt.svg b/diagrams/vp-jwt.svg
index 789145da2..8b3c644dc 100644
--- a/diagrams/vp-jwt.svg
+++ b/diagrams/vp-jwt.svg
@@ -1,5 +1,5 @@
-
-
+
+
@@ -17,8 +17,8 @@
SD-JWT (Decoded)
-
-
+
+
@@ -32,10 +32,10 @@
Header
-
+
-
+
Payload
@@ -43,12 +43,12 @@
-
Payload
+
Payload
-
+
-
+
Signature
@@ -56,17 +56,17 @@
-
Signature
+
Signature
-
-
-
-
-
-
+
+
+
+
+
+
-
+
XaOOh4ljklxH7L99RTVSfOl...
@@ -74,228 +74,193 @@
-
XaOOh4ljklxH7L99RTVSfOl...
+
XaOOh4ljklxH7L99RTVSfOl...
-
-
-
+
+
-
-
+
+
-
-
- verifiable presentation graph
-
- (serialized in JSON)
-
-
+
+ kid: aB8J-_Z
-
verifiable presentation gr...
+
kid: aB8J-_Z
-
-
+
-
-
+
+
-
- Presentation ABC
-
+ iss: https://example.com
-
Presentation ABC
+
iss: https://example.c...
-
+
-
-
+
+
-
- VerifiablePresentation
-
+ alg: ES384
-
VerifiablePresentation
+
alg: ES384
-
+
-
-
+
+
-
- DoNotArchive
-
+ iat:
+ 1704690029
-
DoNotArchive
-
-
-
-
-
-
-
- termsOfUse
-
-
-
-
-
-
-
- type
+ iat: 1704690029
-
-
+
-
-
-
- verifiableCredential
+
-
verifiableCredential
+
cty: vp+ld+json
-
+
-
-
+
+
-
- Example University
-
+ typ: vp+ld-json+sd-jwt
-
Example University
+
typ: vp+ld-json+sd-jwt
-
+
+
+
-
+
-
-
- 2010-01-01T10:37.24Z
+
+
+ verifiable presentation graph
+
+ (serialized in JSON)
+
-
2010-01-01T10:37.24Z
+
verifiable presentation gr...
-
+
+
-
+
- Example Alumni Credential
+ Presentation ABC
-
Example Alumni Creden...
+
Presentation ABC
-
+
-
+
- Credential123
+ VerifiablePresentation
-
Credential123
+
VerifiablePresentation
-
+
-
+
-
Pat
+
DoNotArchive
-
-
+
+
-
+
-
type
+
termsOfUse
-
-
+
+
-
+
type
@@ -303,71 +268,31 @@
-
type
+
type
+
+
-
+
-
-
validFrom
-
-
-
-
-
-
-
- issuer
-
-
-
-
-
-
-
-
- credentialSubject
-
-
-
-
- credentialSubject
-
-
-
-
-
-
-
-
- alumniOf
+ verifiableCredential
- alumniOf
+ verifiableCredential
-
+
-
+
- verifiable credential graph
+ enveloped verifiable credential graph
(serialized in JSON)
@@ -377,98 +302,52 @@
-
verifiable credential grap...
-
-
-
-
-
-
-
- kid: aB8J-_Z
-
-
-
-
-
-
-
-
- iss: https://example.com
-
-
-
-
-
- iss: https://example.c...
-
-
-
-
-
-
- alg: ES384
+ enveloped verifiable credent...
-
+
-
-
+
+
- iat:
+ EnvelopedVerifiableCredential
- 1704690029
-
iat: 1704690029
+
EnvelopedVerifiableCredential
-
+
-
-
+
+
- cty: vp+ld+json
+ data:application/vc+ld+json+sd-jwt;QzVjV...RMjU
-
cty: vp+ld+json
+
data:application/vc+ld+json+sd-jwt;QzVjV...RMjU
-
+
+
-
-
-
-
- typ: vp+ld-json+sd-jwt
-
+
-
typ: vp+ld-json+sd-jwt
+
type
diff --git a/index.html b/index.html
index a6355b6c9..064cc124b 100644
--- a/index.html
+++ b/index.html
@@ -776,7 +776,7 @@
Credentials
It is composed of at least two information [=graphs=].
The first of these information [=graphs=], the [=verifiable credential graph=] (which is the [=default graph=]),
expresses the [=verifiable credential=] itself, through [=credential=] metadata and other [=claims=].
-The second information [=graph=], referred to by the
proof
property, is the [=proof graph=]
+The second information [=graph=], referred to by the
proof
property, is the
proof graph
of the [=verifiable credential=], and is a separate [=named graph=].
The [=proof graph=] expresses the digital proof, which, in this case, is a digital
signature.
@@ -942,8 +942,11 @@
Presentations
The payload contains only two information graphs: the [=verifiable presentation graph=]
expressing the [=verifiable presentation=] itself through presentation metadata;
and the corresponding [=verifiable credential graph=], referred to by
- the
verifiableCredential
property.
- The [=verifiable credential graph=] contains [=credential=] metadata and other [=claims=].
+ the `verifiableCredential` property.
+ The [=verifiable credential graph=] contains a single
+
`EnvelopedVerifiableCredential` instance
+ referring, via a `data:` URL [[RFC2397]], to the verifiable credential secured via
+ an [=enveloping proof=] shown on
.
@@ -956,21 +959,19 @@ Presentations
The 'Payload' label of the left side is connected, with an arrow, to a separate rectangle,
consisting of two related graphs (stacked vertically) connected
by a an arrow labeled 'verifiableCredential'.
- The two graphs have each a label 'verifiable presentation graphs (serialized in JSON)' and
+ The two graphs have each a label 'verifiable presentation graph (serialized in JSON)' and
'verifiable credential graph (serialized in JSON)', respectively.
The top graph in the rectangle has and object 'Presentation ABC' with 3 properties: 'type'
of value VerifiablePresentation, 'termsOfUse' of value 'Do Not Archive'.
- The bottom graph includes 'Credential 123' as a subject
- with 4 properties: 'type' of value ExampleAlumniCredential,
- 'issuer' of Example University, 'validFrom' of 2010-01-01T19:23:24Z, and
- credentialSubject of Pat, who also has an 'alumniOf' property with value of
- 'Example University'.
+ The bottom graph includes 'data:application/vc+ld+json+sd-jwt;QzVjV...RMjU' as a subject
+ with a single property: 'type' of value `EnvelopedVerifiableCredential`.
Finally, the 'Signature' label on the left side is connected, with an
arrow, to a separate rectangle, containing a single text field:
'XaOOh4ljklxH7L99RTVSfOl...'.">
Information graphs associated with a basic [=verifiable presentation=] that is using an [=enveloping proof=]
- based on JOSE [[?VC-JOSE-COSE]].
+ based on JOSE [[?VC-JOSE-COSE]]. The `data:` URL refers to
+ the [=verifiable credential=] shown on .
@@ -979,10 +980,9 @@
Presentations
It is possible to have a [=presentation=], such as a collection of university credentials, which
draws on multiple [=credentials=] about different [=subjects=] that are
often, but not required to be, related.
-This is achieved by using the
verifiableCredential
property to
-refer to multiple [=verifiable credentials=].
-See
, a variant of
above,
-for more details.
+This is achieved by using the `verifiableCredential` property to
+refer to multiple [=verifiable credentials=].
+See Appendix
for more details.
@@ -7147,17 +7147,17 @@
application/vp+ld+json
From 88183bf61069a8eb28017aac525340896b47b505 Mon Sep 17 00:00:00 2001
From: Ivan Herman
Date: Wed, 10 Jan 2024 17:35:28 +0100
Subject: [PATCH 6/6] Fix JWT media types.
Co-authored-by: Ted Thibodeau Jr
---
diagrams/vc-jwt.drawio | 2 +-
diagrams/vc-jwt.svg | 4 ++--
diagrams/vp-jwt-mult-creds.drawio | 2 +-
diagrams/vp-jwt-mult-creds.svg | 4 ++--
diagrams/vp-jwt.drawio | 2 +-
diagrams/vp-jwt.svg | 4 ++--
6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/diagrams/vc-jwt.drawio b/diagrams/vc-jwt.drawio
index 446eb275b..11e6f8983 100644
--- a/diagrams/vc-jwt.drawio
+++ b/diagrams/vc-jwt.drawio
@@ -175,7 +175,7 @@
-
+
diff --git a/diagrams/vc-jwt.svg b/diagrams/vc-jwt.svg
index f14b34338..b9ecb45ee 100644
--- a/diagrams/vc-jwt.svg
+++ b/diagrams/vc-jwt.svg
@@ -350,12 +350,12 @@
- typ: vc+ld-json+sd-jwt
+ typ: vc+ld+json+sd-jwt
-
typ: vc+ld-json+sd-jwt
+
typ: vc+ld+json+sd-jwt
diff --git a/diagrams/vp-jwt-mult-creds.drawio b/diagrams/vp-jwt-mult-creds.drawio
index 8f04c8016..3f65351cc 100644
--- a/diagrams/vp-jwt-mult-creds.drawio
+++ b/diagrams/vp-jwt-mult-creds.drawio
@@ -78,7 +78,7 @@
-
+
diff --git a/diagrams/vp-jwt-mult-creds.svg b/diagrams/vp-jwt-mult-creds.svg
index d44f9606f..f5aefd1de 100644
--- a/diagrams/vp-jwt-mult-creds.svg
+++ b/diagrams/vp-jwt-mult-creds.svg
@@ -160,13 +160,13 @@
- typ: vp+ld-json+sd-jwt
+ typ: vp+ld+json+sd-jwt
-
typ: vp+ld-json+sd-jwt
+
typ: vp+ld+json+sd-jwt
diff --git a/diagrams/vp-jwt.drawio b/diagrams/vp-jwt.drawio
index e21e3c426..c0dd2a257 100644
--- a/diagrams/vp-jwt.drawio
+++ b/diagrams/vp-jwt.drawio
@@ -78,7 +78,7 @@
-
+
diff --git a/diagrams/vp-jwt.svg b/diagrams/vp-jwt.svg
index 8b3c644dc..008bf0425 100644
--- a/diagrams/vp-jwt.svg
+++ b/diagrams/vp-jwt.svg
@@ -160,13 +160,13 @@
- typ: vp+ld-json+sd-jwt
+ typ: vp+ld+json+sd-jwt
- typ: vp+ld-json+sd-jwt
+ typ: vp+ld+json+sd-jwt