Add extensibility to Credential Response #391
Conversation
| * `transaction_id`: OPTIONAL. String identifying a Deferred Issuance transaction. This claim is contained in the response if the Credential Issuer cannot immediately issue the Credential. The value is subsequently used to obtain the respective Credential with the Deferred Credential Endpoint (see (#deferred-credential-issuance)). It MUST not be used if `credential` or `credentials` is present. It MUST be invalidated after the Credential for which it was meant has been obtained by the Wallet. | ||
| * `credentials`: OPTIONAL. Contains an array of one or more issued Credentials. It MUST NOT be used if the `transaction_id` parameter is present. The elements of the array MUST be objects. The following parameters are used inside this object (other parameters MAY also be included): | ||
| * `credential`: REQUIRED. Contains one issued Credential. It MAY be a string or an object, depending on the Credential Format. See Appendix A for the Credential Format-specific encoding requirements. | ||
| * `notification_id`: OPTIONAL. String identifying an issued Credential that the Wallet includes in the Notification Request as defined in (#notification). |
There was a problem hiding this comment.
Shouldn't we have a single notification_id for the whole response?
There was a problem hiding this comment.
I've been struggling with the same question for a few days:
A notification_id for each credential in the batch is cleaner/simpler, as we don't need to worry about partial states (i.e. the question of what notification to make if you receive 10 credentials and only manage to store 5 of them).
However it's kindof sucky to make 10 notification http calls for a batch of 10 credentials.
I'm probably veering towards cleaner/simpler and ignoring the 'kind of sucky' part.
There was a problem hiding this comment.
We may change the notification request to an array as well?
There was a problem hiding this comment.
I think that could make a lot of sense.
There was a problem hiding this comment.
FWIW, I think that notification_id should point to a single credential not in a batch.
For instance, an Issuer can react to a notification event carrying a credential_deleted or credential_failure to invalidate the credential from a status list.
We can avoid multiple posts for notifications by using an array of notification_id per possible event.
{
"credential_accepted" : [ "notId#1"],
"credential_failure" : ["notid#4"],
"credential_deteled": [ ]
}Something like a summary notification
There was a problem hiding this comment.
I'm also okay with moving notification_id in
There was a problem hiding this comment.
I think it might be useful to move it in because of credential_deleted which is specific to one issued credential although when I think about it, notification_id overlaps a bit with the concept of credential version IDs or data set IDs but this is out of scope of this PR.
There was a problem hiding this comment.
Why would a wallet delete a single instance rather than the whole batch or the same Credential Dataset?
There was a problem hiding this comment.
maybe because the user has used that one instance? but not sure that information needs to be communicated to the issuer real-time, since that would allow the issuer to get more information about when credential is used
There was a problem hiding this comment.
Communicating this to the issuer seems like a privacy violation, in most ecosystems issuers should not get knowledge about the usage of their credentials, so I don't think this is a valid use case for notification_id in the array. As was discussed in the last DCP call, I would favor leaving it out
|
How should we proceed with the notification endpoint? If we want to change that one to expect an array, should this happen in this PR or should we create another issue/PR? |
|
I would say it makes sense in this PR, as this one also changes that the behavior of notification_id in the credential response |
There was a problem hiding this comment.
When I think about this another time, I also that a single notification id would be more logical When I approved, I thought it would also allow for different data sets. If the use case is really just different keys, not data sets such as math-exam vs science-exam, I think it should be a top-level notification id instead of individual notification ids.
|
discussed on the DCP WG call (17/09):
|
The Currently (d13,d14), such a notification event is related to a single - issued - credential, hence the event types names: Should we change For instance , BTW, I don't understand very well what's the difference between failed & deleted credentials. |
There was a problem hiding this comment.
Please consider keeping consistent the granularity of notification (event) names with the notification_id scope.
Keeping notification_id as a top-level item of credential response, means that a notification is related to the whole array of credentials.
Perhaps the names credential_accepted, credential_failed and credential_deleted should be in plural.
It is not very clear (to me) what the rules for this top-level attributes would be. I think (a) is more clear because you get the (Sorry for the multiple comments) |
From memory, "failed" is "a technical failure somewhere, e.g. wallet thinks the credential is invalid" and "deleted" is more along the lines of an operation explicitly performed by the user (so e.g. the wallet shows the user the issued credential, and the user decides they don't want to actually store it). If this needs to be clarified in the spec I'd suggest a new issue is opened for that. |
c2bo
force-pushed
the
386-extensibility-to-credential-response
branch
from
e063e63
to
c6018ff
Compare
|
I've tried to add all of the discussed changes. Two points that I am uncertain about:
|
Co-authored-by: Kristina <[email protected]>
It is modifying the Deferred Credential Response not the Request. The idea would be that In the case of deferred issuance that means that the credential endpoint returns a |
Co-authored-by: Kristina <[email protected]>
|
good to merge once @awoie approves |
| The Wallet sends an HTTP POST request to the Notification Endpoint with the following parameters in the entity-body and using the `application/json` media type. If the Wallet supports the Notification Endpoint, the Wallet MAY send one or more Notification Requests per Credential issued. | ||
| The Wallet sends an HTTP POST request to the Notification Endpoint with the following parameters in the entity-body and using the `application/json` media type. If the Wallet supports the Notification Endpoint, the Wallet MAY send one or more Notification Requests per `notification_id` value received. | ||
| * `notification_id`: REQUIRED. String received in the Credential Response or Deferred Credential Response identifying an issuance flow that contained one or more Credentials with the same Credential Configuration and Credential Dataset. | ||
| * `event`: REQUIRED. Type of the notification event. It MUST be a case sensitive string whose value is either `credential_accepted`, `credential_failure`, or `credential_deleted`. `credential_accepted` is to be used when the Credentials were successfully stored in the Wallet, with or without user action. `credential_deleted` is to be used when the unsuccessful Credential issuance was caused by a user action. In all other unsuccessful cases, `credential_failure` is to be used. Partial errors during batch credential issuance (e.g., one of the Credentials in the batch could not be stored) MUST be treated as the overall issuance flow failing. |
There was a problem hiding this comment.
if the response is always a list containing a credentials key, does it make sense to rename these event to use the plural form like credentials_accepted...
Maybe you had this discussion already somewhere so please feel free just to disregard this comment
Option 2 as introduced by @paulbastian and discussed in #386:
Closes #386
Closes #58