Verifiable Credential Data Integrity (and vc-di-eddsa and vc-di-ecdsa) 2023-05-27 -> 2023-07-31 #55
Description
-
Name of specs to be reviewed:
-
URL of specs:
-
What and when is your next expected transition?
- Transition to Candidate Recommendation in September 2023 (at W3C TPAC)
-
What has changed since any previous review?
- There has bee no previous review of these specifications
-
Please point to the results of your own self-review (see https://w3c.github.io/apa/fast/checklist.html)
-
Where and how to file issues arising?
-
Pointer to any explainer for the spec?
Other comments:
The three specifications listed above are cryptographic message securing mechanisms and are intended to be reviewed together. The first specification, Verifiable Credential Data Integrity, is the base specification that defines the base concepts and algorithms. The "EdDSA Cryptosuite" and "ECDSA Cryptosuite" specifications are concrete implementations of the base specification and each define specific cryptographic algorithms and processes to be used when providing data integrity protection for Verifiable Credentials.
When reviewing the Security and Privacy considerations, it is important to first be aware of the Security and Privacy Considerations for Verifiable Credentials:
and then consider the Security and Privacy considerations provided in the Verifiable Credential Data Integrity specification:
- Verifiable Credential Data Integrity Security Considerations
- Verifiable Credential Data Integrity Privacy Considerations
and then finally consider the Security and Privacy considerations for each cryptography suite.