Add additional text clarifying how to match vct and doctype#744
Open
GarethCOliver wants to merge 7 commits into
Open
Add additional text clarifying how to match vct and doctype#744GarethCOliver wants to merge 7 commits into
GarethCOliver wants to merge 7 commits into
Conversation
fkj
reviewed
Jun 18, 2026
Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
fkj
requested changes
Jun 19, 2026
Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
GarethCOliver
commented
Jun 22, 2026
fkj
requested changes
Jun 23, 2026
fkj
requested changes
Jun 23, 2026
Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
fkj
approved these changes
Jul 1, 2026
c2bo
reviewed
Jul 2, 2026
| : REQUIRED. String that specifies an allowed value for the | ||
| doctype of the requested Verifiable Credential. It MUST | ||
| be a valid doctype identifier as defined in [@ISO.18013-5]. | ||
| doctype of the requested Verifiable Credential. It MUST be a valid doctype identifier as defined in [@ISO.18013-5]. For a mdoc to satisfy the Credential Query, the value of the `docType` element in the `MobileSecurityObject` structure MUST be equal to the `doctype_value`. |
Member
There was a problem hiding this comment.
nit
Suggested change
| doctype of the requested Verifiable Credential. It MUST be a valid doctype identifier as defined in [@ISO.18013-5]. For a mdoc to satisfy the Credential Query, the value of the `docType` element in the `MobileSecurityObject` structure MUST be equal to the `doctype_value`. | |
| doctype of the requested Verifiable Credential. It MUST be a valid doctype identifier as defined in [@ISO.18013-5]. For an mdoc to satisfy the Credential Query, the value of the `docType` element in the `MobileSecurityObject` structure MUST be equal to the `doctype_value`. |
Sakurann
reviewed
Jul 2, 2026
| the inheritance logic defined in [@!I-D.ietf-oauth-sd-jwt-vc]. | ||
| : REQUIRED. A non-empty array of strings that specifies allowed values for the type of the requested Verifiable Credential. All elements in the array MUST be valid type identifiers as defined in [@!I-D.ietf-oauth-sd-jwt-vc]. To satisfy the Credential Query, a Credential MUST either have or inherit from a type that is included in the `vct_values` array as defined in [@!I-D.ietf-oauth-sd-jwt-vc]. | ||
|
|
||
| The Wallet MUST determine whether a Credential's type satisfies a Credential Query by following these steps: |
Collaborator
There was a problem hiding this comment.
Suggested change
| The Wallet MUST determine whether a Credential's type satisfies a Credential Query by following these steps: | |
| Following steps are defined to determine whether a Credential's type satisfies a Credential Query: |
incorporating Christian's suggestion and WG discussion to ensure these rules apply not just to the wallet but also the verifier
Member
There was a problem hiding this comment.
I don't disagree with the suggestion, but I think the normative language should be preserved even when generalizing. Something like:
Suggested change
| The Wallet MUST determine whether a Credential's type satisfies a Credential Query by following these steps: | |
| When a Wallet or Verifier needs to determine whether a Credential's type satisfies a Credential Query, it MUST do so by following these steps: |
Collaborator
|
WG discussion: makes sense to have this in errata, too and also not to limit validation rules to the wallet but also verifier. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves #741 by adding more explicit instructions on what allows a Credential to satisfy
vct_values, and applies similar explicit text todoctype_value