How do one define the recieving subject of a credential?

Question

How do one define the recieving subject of a credential?

vongohren opened this issue 2 years ago · comments

Snorre Lothar von Gohren Edwin commented 2 years ago

I see that one defines issuer in the implementation, and id seems to be the issuer ID? And authenticated towards allowing to issue on behalf of that ID.

But where do one define the subject of a credential or what is the output?

Andrew Jones · Answer 1 · Tue May 03 2022 22:42:46 GMT+0800 (China Standard Time)

The tests themselves define the subject of a credential. So far the credentialSubjects are pretty simple:

https://github.com/w3c-ccg/vc-api-issuer-test-suite/blob/main/tests/validVc.json

We're hoping to use more complex credentialSubjects in the future, but right now as simple as possible is what we use. The output from the issuer should match the VC-API which means the body should be the issued credential.

Snorre Lothar von Gohren Edwin · Answer 2 · Wed May 04 2022 14:50:15 GMT+0800 (China Standard Time)

@aljones15 perfect, thanks for the info. But we define the issuer did right when building a test case? And that means the endpoint should be able to deliver a signed VC from a request of the test right?

Andrew Jones · Answer 3 · Wed May 04 2022 22:32:47 GMT+0800 (China Standard Time)

@aljones15 perfect, thanks for the info. But we define the issuer did right when building a test case? And that means the endpoint should be able to deliver a signed VC from a request of the test right?

I'm not 100% sure on exactly what you mean here, but if you want to include an issuer property when adding your issuer to the issuers array, we can use that issuer in the test data. I know the VC HTTP API tests used to do that, but the issuer property was dropped at some point.

Snorre Lothar von Gohren Edwin · Answer 4 · Wed May 04 2022 23:13:35 GMT+0800 (China Standard Time)

Im sorry for my quick and bad communication! When building the test, one sets the issuer that is suppose to issue and create the VC. And the test is then an endtoend test, in that the code behind shall produce a valid VC with that issuer as the signator with the right did?

Andrew Jones · Answer 5 · Thu May 05 2022 02:10:17 GMT+0800 (China Standard Time)

Im sorry for my quick and bad communication! When building the test, one sets the issuer that is suppose to issue and create the VC. And the test is then an endtoend test, in that the code behind shall produce a valid VC with that issuer as the signator with the right did?

Ok so it sounds like you want to do this:

  "issuers": [{
    "id": "did:key:z6MkvfambyLsugwe8DCHeUGVJbYZyKne59RDHx2dqmXRG6nB",
    "endpoint": "https://uniissuer.io/1.0/credentials/issue",
    "tags": ["VC-API"],
    "issuer": "did:implementation:issuer:foo"
  }],

then when we send the test data to issue a credential we use that issuer like this?

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1"
  ],
  "type": ["VerifiableCredential"],
  "credentialSubject": {
    "id": "did:key:z6MkhTNL7i2etLerDK8Acz5t528giE5KA4p75T6ka1E1D74r"
  },
 "issuer": "did:implementation:issuer:foo"
}

Is that correct? If so, my apologies. I didn't know the issuer on the VC had to be implementation specific.

Snorre Lothar von Gohren Edwin · Answer 6 · Thu May 05 2022 04:15:55 GMT+0800 (China Standard Time)

Thanks for information, it seems I understand more now of the workings of the test suite :)
It does seem logical. I would expect the caller, the test, to identify itself to who they are issuing as.

Andrew Jones · Answer 7 · Thu May 05 2022 04:17:28 GMT+0800 (China Standard Time)

the issuer might not be set right in the test suite, so you might have a point.
feel free to add an issuer if you want to.