Discovery: OpenAPI spec for server and client #2584
Conversation
docs/_static/usecase/v1.yaml
Outdated
| get: | ||
| summary: Searches a for presentations on the usecase list. | ||
| description: | | ||
| An API of the use case client that searches a for presentations on the usecase list, |
There was a problem hiding this comment.
it's a bit weird to have the client and server api on the same path. Before a client can use it as registry some additional work has to be done (did service resolving). I think the result of the list should feed into the same registry as the network for now. An api can be added later.
There was a problem hiding this comment.
Then we have to build pruning into that store (it's the "VCR store") as well. Maybe we should just search in both stores. Although the current VCR search does not know about the discovery service IDs, so you don't know in which service to search.
Perhaps search in all of them, and deduplicate results?
docs/_static/usecase/v1.yaml
Outdated
| VerifiablePresentation: | ||
| $ref: "../common/ssi_types.yaml#/components/schemas/VerifiablePresentation" | ||
| securitySchemes: | ||
| jwtBearerAuth: |
There was a problem hiding this comment.
security is indeed a question. But'll probably not be a bearer jwt.
the add and delete are "protected" by the VP, what additional protection should we add?
There was a problem hiding this comment.
Not sure we need any additional protection; the "get" is a cheap operation, and to register a VP you need a VC that matches the presentation definition of the service. Risk would be DoS attacks?
reinkrul
changed the title
No description provided.