From cad8bae4b30a197d45481d19343214ed7555f721 Mon Sep 17 00:00:00 2001 From: Brent Zundel Date: Sun, 23 Jul 2023 06:20:30 -0700 Subject: [PATCH] Add interoperable way for holder-asserted claims in a VP. * Add section on holder-derived creds in VP. * Soften requirement for 'type', clarify two methods for VC. * Add paragraph clarifying subjects of self-asserted VCs. * Update title for holder-asserted example. * Modify example 2 with Joe's language. Co-authored-by: Dave Longley Co-authored-by: Ted Thibodeau Jr Co-authored-by: Manu Sporny --- index.html | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) diff --git a/index.html b/index.html index 68ac26440..f49278f17 100644 --- a/index.html +++ b/index.html @@ -2085,6 +2085,101 @@

Presentations Using Derived Credentials

+
+

Presentations Including Holder Claims

+

+A holder MAY use the verifiableCredential property in +a verifiable presentation to include verifiable credentials from +any issuer, including themselves. When the issuer of a +verifiable credential is the holder, the claims in that +verifiable credential are considered to be self-asserted. +Such self-asserted claims can be secured by the same mechanism that secures +the verifiable presentation in which they are included or by any +mechanism usable for other verifiable credentials. +

+

+The subject(s) of these self-asserted claims are not limited, so +these claims can include statements about the holder, one of the +other included verifiable credentials, or even the verifiable +presentation in which the self-asserted verifiable credential is +included. In each case, the id property +is used to identify the specific subject, in the object where the +claims about it are made, just as it is done in +verifiable credentials that are not self-asserted. +

+

+A verifiable presentation that includes a self-asserted +verifiable credential that is only secured using the same mechanism as +the verifiable presentation MUST include a holder +property. +

+

+All of the normative requirements defined for verifiable credentials +apply to self-asserted verifiable credentials. +

+

+When a self-asserted verifiable credential is secured using the same +mechanism as the verifiable presentation, the value of the +issuer property of the verifiable credential +MUST be identical to the holder property of the +verifiable presentation. +

+

+The example below shows a verifiable presentation that embeds a +self-asserted verifiable credential that is secured using the same +mechanism as the verifiable presentation. +

+ + 
+{
+  "@context": [
+    "https://www.w3.org/ns/credentials/v2",
+    "https://www.w3.org/ns/credentials/examples/v2"
+  ],
+  "type": ["VerifiablePresentation", "ExamplePresentation"],
+  "holder": "did:example:12345678",
+  "verifiableCredential": [{
+    "@context": "https://www.w3.org/ns/credentials/v2",
+    "type": ["VerifiableCredential", "ExampleFoodPreferenceCredential"],
+    "issuer": "did:example:12345678",
+    "credentialSubject": {
+      "favoriteCheese": "Gouda"
+    },
+    { ... }
+  }],
+  "proof": [{ ... }]
+}
+
+

+The example below shows a verifiable presentation that embeds a +self-asserted verifiable credential that holds claims about the +verifiable presentation. It is secured using the same mechanism as the +verifiable presentation. +

+ + 
+{
+  "@context": [
+    "https://www.w3.org/ns/credentials/v2",
+    "https://www.w3.org/ns/credentials/examples/v2"
+  ],
+  "type": ["VerifiablePresentation", "ExamplePresentation"],
+  "id": "urn:uuid:313801ba-24b7-11ee-be02-ff560265cf9b",
+  "holder": "did:example:12345678",
+  "verifiableCredential": [{
+    "@context": "https://www.w3.org/ns/credentials/v2",
+    "type": ["VerifiableCredential", "ExampleAssertCredential"],
+    "issuer": "did:example:12345678",
+    "credentialSubject": {
+      "id": "urn:uuid:313801ba-24b7-11ee-be02-ff560265cf9b",
+      "assertion": "This VP is submitted by the subject as evidence of a legal right to drive"
+    },
+    { ... }
+  }],
+  "proof": [{ ... }]
+}
+
+