diff --git a/index.html b/index.html index 992be13..64bbd29 100644 --- a/index.html +++ b/index.html @@ -475,7 +475,7 @@
The typ
header parameter SHOULD be application/vc+ld+json+cose
.
- See I-D.ietf-cose-typ-header-parameter
+ See I-D.ietf-cose-typ-header-parameter
for the COSE "typ
" (type) header parameter.
When present, the content type (3)
header parameter
SHOULD be application/vc+ld+json
.
@@ -636,14 +636,14 @@
The normative statements in Registered Header Parameter Names, Claims, and - CBOR Web Token (CWT) Claims in COSE Headers + CBOR Web Token (CWT) Claims in COSE Headers apply to securing credentials and presentations.
@@ -787,7 +787,8 @@
- If kid
is present in the JOSE Header,
+ If kid
is present in the JOSE Header
+ or the COSE Header,
a verifier can use this parameter
as a hint indicating which key was used to secure the verifiable credential, when performing a
verification process as defined in RFC7515.
@@ -800,8 +801,9 @@
- If iss
is present in the JOSE Header
- or the JWT Claims ,
+ If iss
is present in the JOSE Header,
+ the JWT Claims,
+ or the COSE Header,
a verifier can use this parameter
to obtain a JSON Web Key to use in the
verification process.
@@ -822,12 +824,19 @@
- If cnf
is present in the JOSE Header
- or the JWT Claims ,
+ If cnf
is present in the JOSE Header,
+ the JWT Claims,
+ or the COSE Header,
a verifier MAY use this parameter
- to identify a proof-of-possession key in the manner described in [[RFC7800]] for use in the
+ to identify a proof-of-possession key in the manner described in [[RFC7800]]
+ or [[RFC8747]] for use in the
verification process.
+ Use of a proof-of-posssion key provided by the Holder to the Issuer + to establish a cryptographic binding to the Holder in the Verifiable Credential + that is verifiable by the Verifier in the Verifiable Presentation is RECOMMENDED. +