From 0c97c97e9df15b85c0cf9efbed001f281f2e41c1 Mon Sep 17 00:00:00 2001
From: Marcos Caceres
Date: Wed, 7 Aug 2024 14:19:53 +1000
Subject: [PATCH 01/27] Define registry inclusion rules

---
 index.html | 107 +++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 103 insertions(+), 4 deletions(-)

diff --git a/index.html b/index.html
index 7d9d5592..9d9e59f8 100644
--- a/index.html
+++ b/index.html
@@ -436,9 +436,101 @@

Inclusion criteria

+

- To be included in the registry... + To be included in the registry, the [=digital credential/exchange + protocol=]:

+
    +
  1. MUST be standardized at a recognized standards organization and have + a stable URL. +
  2. +
  3. MUST define a [[WebIDL]] [=dictionary=] representation of the + [=digital credential/exchange protocol=] request structure (i.e., the + [=dictionary=] to which the {{DigitalCredentialsProvider}}'s + {{DigitalCredentialsProvider/request}} is [=converted to idl + values|converted=] to before it is passed onto underlying platform). +
  4. +
  5. MUST define a [[WebIDL]] [=dictionary=] representation of the + [=digital credential/exchange protocol=] response structure (i.e., the + [=dictionary=] to which the {{DigitalCredential}}'s + {{DigitalCredential/data}} is [=converted to idl values|=] to before it + is made available to the relying party). +
  6. +
  7. MUST define validation rules for members of the request and response + structures. +
  8. +
  9. MUST have undergone privacy review by the W3C's Privacy Interest + Group and Federated Identity Working Group. +
  10. +
  11. MUST have undergone security review by the Federated Identity Working + Group. +
  12. +
  13. MUST have implementation commitment from at least two implementers in + independent browser engines, to meet the W3C's adequate implementation + experience requirements. +
  14. +
  15. MUST have formally recorded consensus by the Working Group to be + included in the registry. +
  16. +
+

+ Once the above criteria are met, the protocol will be included in the + registry. +

+

+ Change process +

+

+ To add a new [=digital credential/exchange protocol=]to the registry, or + to update an existing one: +

+
+
+ Define a protocol identifier +
+
+ The protocol identifier MUST be a unique string that is not already in + use in the registry. Use only lowercase ASCII letters, digits, and + hyphens (e.g., "protocol", "the-protocol"). Avoid using version numbers + in the protocol identifier. +
+
+ Link to a Web IDL request dictionary +
+
+ The Web IDL request dictionary MUST be a [=dictionary=] that + defines the structure of the request that is passed, via + {{DigitalCredentialsProvider}}'s + {{DigitalCredentialsProvider/request}}, to the holder's a digital + wallet. +
+
+ Link to a Web IDL response dictionary +
+
+ The Web IDL response dictionary MUST be a [=dictionary=] + that defines the structure of {{DigitalCredential}}'s + {{DigitalCredential/data}}. +
+
+ Describe the protocol +
+
+ The description MUST be a brief summary of the protocol's purpose and + use case. +
+
+ Provide a link to the specification +
+
+ The specification MUST be a stable URL that points to the authoritative + source for the protocol, including validation rules. +
+

[=User agents=] MUST support the following [=digital credential/exchange @@ -452,13 +544,20 @@

- Protocol identifier + Protocol + identifier + + + Web IDL request + dictionary - Description + Web IDL response + dictionary - Specification + Specification From 35445382ec7e2bee06b571c6a78022e4d8f0b31c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Tue, 13 Aug 2024 17:00:25 +1000 Subject: [PATCH 02/27] Update index.html Co-authored-by: Tim Cappalli --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 9d9e59f8..7fe9a81c 100644 --- a/index.html +++ b/index.html @@ -445,7 +445,7 @@

protocol=]:

    -
  1. MUST be standardized at a recognized standards organization and have +
  2. MUST be standardized at a recognized standards development organization and have a stable URL.
  3. MUST define a [[WebIDL]] [=dictionary=] representation of the From d3505769ac2326bcd451be8ee44d7369b004b966 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Tue, 13 Aug 2024 17:00:35 +1000 Subject: [PATCH 03/27] Update index.html Co-authored-by: Ted Thibodeau Jr --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 7fe9a81c..8d7dd6bd 100644 --- a/index.html +++ b/index.html @@ -457,7 +457,7 @@

  4. MUST define a [[WebIDL]] [=dictionary=] representation of the [=digital credential/exchange protocol=] response structure (i.e., the [=dictionary=] to which the {{DigitalCredential}}'s - {{DigitalCredential/data}} is [=converted to idl values|=] to before it + {{DigitalCredential/data}} is [=converted to idl values|converted=] before it is made available to the relying party).
  5. MUST define validation rules for members of the request and response From b57d67f0c3792a733f397f3398d0645e45df0c0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Tue, 13 Aug 2024 17:00:57 +1000 Subject: [PATCH 04/27] Update index.html Co-authored-by: Tim Cappalli --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 8d7dd6bd..6ab55d0d 100644 --- a/index.html +++ b/index.html @@ -485,7 +485,7 @@

    Change process

    - To add a new [=digital credential/exchange protocol=]to the registry, or + To add a new [=digital credential/exchange protocol=] to the registry, or to update an existing one:

    From 391d7e4a51411e448fc77441a8027fa0acaa0768 Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Wed, 26 Mar 2025 07:57:18 -0400 Subject: [PATCH 05/27] spec publicly and freely available --- index.html | 3 +++ 1 file changed, 3 insertions(+) diff --git a/index.html b/index.html index 6ab55d0d..6ec088ca 100644 --- a/index.html +++ b/index.html @@ -473,6 +473,9 @@

    independent browser engines, to meet the W3C's adequate implementation experience requirements.

  6. +
  7. MUST be defined in a specification which is available freely and publicly + at the URL listed in the registry. +
  8. MUST have formally recorded consensus by the Working Group to be included in the registry.
  9. From 1de60feb80cdc911ac0be88cb257614f5ee62d3a Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Wed, 26 Mar 2025 08:02:40 -0400 Subject: [PATCH 06/27] add presentation protocol subsection, add response encryption --- index.html | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/index.html b/index.html index 6ec088ca..aae3cce8 100644 --- a/index.html +++ b/index.html @@ -434,7 +434,7 @@

    the future.

    - Inclusion criteria + General Inclusion criteria

Change process From 74473182076e59e9445d3c48114a8959d1b41b4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Tue, 1 Apr 2025 09:58:55 +1100 Subject: [PATCH 11/27] Apply suggestions from code review --- index.html | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index af2fe33d..35419928 100644 --- a/index.html +++ b/index.html @@ -445,16 +445,18 @@

protocol=]:

    -
  1. MUST be standardized at a recognized standards development organization and have - a stable URL. +
  2. MUST be standardized at a consortium the W3C liaises with +
  3. + MUST have a stable URL that points to a publicly available specification. +
  4. -
  5. MUST define a [[WebIDL]] [=dictionary=] representation of the +
  6. MUST define a [[WebIDL]] [=dictionary=] representation, or JSON object representation, of the [=digital credential/exchange protocol=] request structure (i.e., the [=dictionary=] to which the {{DigitalCredentialsProvider}}'s {{DigitalCredentialsProvider/request}} is [=converted to idl values|converted=] to before it is passed onto underlying platform).
  7. -
  8. MUST define a [[WebIDL]] [=dictionary=] representation of the +
  9. MUST define a [[WebIDL]] [=dictionary=] representation, or JSON object representation, of the [=digital credential/exchange protocol=] response structure (i.e., the [=dictionary=] to which the {{DigitalCredential}}'s {{DigitalCredential/data}} is [=converted to idl values|converted=] before it From e11c2f70fb39f07092146b2554883dda79397df6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 3 Apr 2025 09:59:47 +1100 Subject: [PATCH 12/27] Apply suggestions from call --- index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index 35419928..644ad5fa 100644 --- a/index.html +++ b/index.html @@ -450,13 +450,13 @@

    MUST have a stable URL that points to a publicly available specification.

  10. -
  11. MUST define a [[WebIDL]] [=dictionary=] representation, or JSON object representation, of the +
  12. MUST define a JSON object representation, or [[WebIDL]] [=dictionary=] representation, of the [=digital credential/exchange protocol=] request structure (i.e., the [=dictionary=] to which the {{DigitalCredentialsProvider}}'s {{DigitalCredentialsProvider/request}} is [=converted to idl values|converted=] to before it is passed onto underlying platform).
  13. -
  14. MUST define a [[WebIDL]] [=dictionary=] representation, or JSON object representation, of the +
  15. MUST define a JSON object representation, or [[WebIDL]] [=dictionary=] representation, of the [=digital credential/exchange protocol=] response structure (i.e., the [=dictionary=] to which the {{DigitalCredential}}'s {{DigitalCredential/data}} is [=converted to idl values|converted=] before it @@ -475,7 +475,7 @@

    independent browser engines, to meet the W3C's adequate implementation experience requirements.

  16. -
  17. MUST be defined in a specification which is available freely and publicly +
  18. MUST be defined in a specification which is available publicly at the URL listed in the registry.
  19. MUST have formally recorded consensus by the Working Group to be From fa44118d73a85527881fb891ccb2ee8c5f0e72be Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Thu, 3 Apr 2025 15:10:20 -0400 Subject: [PATCH 13/27] genericize registry section away from presentation --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 644ad5fa..faaa80c5 100644 --- a/index.html +++ b/index.html @@ -423,7 +423,7 @@

    - Registry of protocols for requesting digital credential + Registry of protocols

    The following is the registry of [=digital credential/exchange From 1f4704265ca9eb3b243faa16de36d34c8afcf7f0 Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Thu, 3 Apr 2025 15:11:36 -0400 Subject: [PATCH 14/27] remove once met statement as there are subsections now --- index.html | 4 ---- 1 file changed, 4 deletions(-) diff --git a/index.html b/index.html index faaa80c5..c6d66e22 100644 --- a/index.html +++ b/index.html @@ -482,10 +482,6 @@

    included in the registry.

-

- Once the above criteria are met, the protocol will be included in the - registry. -

Presentation-specific inclusion criteria

From dc9661421a9c6814ca850c2a074557ebd2d12b14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Tue, 8 Apr 2025 15:39:01 -0700 Subject: [PATCH 15/27] Update index.html Co-authored-by: Ted Thibodeau Jr --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index c6d66e22..12492d73 100644 --- a/index.html +++ b/index.html @@ -450,13 +450,13 @@

MUST have a stable URL that points to a publicly available specification. -
  • MUST define a JSON object representation, or [[WebIDL]] [=dictionary=] representation, of the +
  • MUST define a representation, as either a [[WebIDL]] [=dictionary=] or a JSON object, of the [=digital credential/exchange protocol=] request structure (i.e., the [=dictionary=] to which the {{DigitalCredentialsProvider}}'s {{DigitalCredentialsProvider/request}} is [=converted to idl values|converted=] to before it is passed onto underlying platform).
  • -
  • MUST define a JSON object representation, or [[WebIDL]] [=dictionary=] representation, of the +
  • MUST define a representation, as either a [[WebIDL]] [=dictionary=] or a JSON object, of the [=digital credential/exchange protocol=] response structure (i.e., the [=dictionary=] to which the {{DigitalCredential}}'s {{DigitalCredential/data}} is [=converted to idl values|converted=] before it From 6a17b80065b82c0df96bb0ac416be92f866e4c6c Mon Sep 17 00:00:00 2001 From: Marcos Caceres Date: Wed, 9 Apr 2025 11:16:11 -0700 Subject: [PATCH 16/27] tidy --- index.html | 60 +++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/index.html b/index.html index 12492d73..460a0fc7 100644 --- a/index.html +++ b/index.html @@ -445,22 +445,24 @@

    protocol=]:

      -
    1. MUST be standardized at a consortium the W3C liaises with -
    2. - MUST have a stable URL that points to a publicly available specification. +
    3. MUST be standardized at a consortium the W3C liaises with
    4. +
    5. MUST have a stable URL that points to a publicly available + specification.
    6. -
    7. MUST define a representation, as either a [[WebIDL]] [=dictionary=] or a JSON object, of the - [=digital credential/exchange protocol=] request structure (i.e., the - [=dictionary=] to which the {{DigitalCredentialsProvider}}'s - {{DigitalCredentialsProvider/request}} is [=converted to idl - values|converted=] to before it is passed onto underlying platform). +
    8. MUST define a representation, as either a [[WebIDL]] [=dictionary=] + or a JSON object, of the [=digital credential/exchange protocol=] request + structure (i.e., the [=dictionary=] to which the + {{DigitalCredentialsProvider}}'s {{DigitalCredentialsProvider/request}} + is [=converted to idl values|converted=] to before it is passed onto + underlying platform).
    9. -
    10. MUST define a representation, as either a [[WebIDL]] [=dictionary=] or a JSON object, of the - [=digital credential/exchange protocol=] response structure (i.e., the - [=dictionary=] to which the {{DigitalCredential}}'s - {{DigitalCredential/data}} is [=converted to idl values|converted=] before it - is made available to the relying party). +
    11. MUST define a representation, as either a [[WebIDL]] [=dictionary=] + or a JSON object, of the [=digital credential/exchange protocol=] + response structure (i.e., the [=dictionary=] to which the + {{DigitalCredential}}'s {{DigitalCredential/data}} is [=converted to idl + values|converted=] before it is made available to the relying party).
    12. MUST define validation rules for members of the request and response structures. @@ -475,8 +477,8 @@

      independent browser engines, to meet the W3C's adequate implementation experience requirements.

    13. -
    14. MUST be defined in a specification which is available publicly - at the URL listed in the registry. +
    15. MUST be defined in a specification which is available publicly at the + URL listed in the registry.
    16. MUST have formally recorded consensus by the Working Group to be included in the registry. @@ -491,12 +493,10 @@

      protocol=]:

        -
      1. - MUST support response encryption. +
      2. MUST support response encryption.
      3. -
      4. - MUST encrypt any response containing personally identifiable - information (PII). +
      5. MUST encrypt any response containing personally identifiable + information (PII).
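
Review bot: the second presentation criterion, "MUST encrypt any response containing personally identifiable information (PII)", makes encryption depend on a classification this list never defines, so a protocol can satisfy "MUST support response encryption" and still return unencrypted responses whenever it judges the data not to be PII. Suggest either requiring encryption of every presentation response or linking a definition of PII, and stating who the response is encrypted to so a reviewer can check that the key belongs to the requesting verifier.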

      @@ -514,21 +514,21 @@

      The protocol identifier MUST be a unique string that is not already in use in the registry. Use only lowercase ASCII letters, digits, and hyphens (e.g., "protocol", "the-protocol"). Avoid using version numbers - in the protocol identifier. The protocol identifier MUST uniquely define - the set of required parameters and/or behavior that a digital credential - provider implementation needs to support to successfully handle the request. - If the set of required parameters or behaviors is updated in a way which - would require a digital credential provider to also require an update to - remain functional, a new protocol identifier MUST be assigned and be added - to the registry. + in the protocol identifier. The protocol identifier MUST uniquely + define the set of required parameters and/or behavior that a digital + credential provider implementation needs to support to successfully + handle the request. If the set of required parameters or behaviors is + updated in a way which would require a digital credential provider to + also require an update to remain functional, a new protocol identifier + MUST be assigned and be added to the registry.
      Specify a protocol type
      - The protocol type is either "Presentation" for presentation protocols used with - `navigator.credentials.get` or "Issuance" for issuance protocols used - with `navigator.credentials.create`. + The protocol type is either "Presentation" for presentation protocols + used with `navigator.credentials.get` or "Issuance" for issuance + protocols used with `navigator.credentials.create`.
      Link to a Web IDL request dictionary From 8cd71d3781b09fefbbea6ce9582a67bc607a52b7 Mon Sep 17 00:00:00 2001 From: Marcos Caceres Date: Wed, 9 Apr 2025 11:21:31 -0700 Subject: [PATCH 17/27] Remove WebIDL requirement --- index.html | 28 +--------------------------- 1 file changed, 1 insertion(+), 27 deletions(-) diff --git a/index.html b/index.html index 460a0fc7..bdd594ae 100644 --- a/index.html +++ b/index.html @@ -434,7 +434,7 @@

      the future.

      - General Inclusion criteria + General inclusion criteria

    From 668673b4c4caf57dcb861797d2b94bfec23001c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 24 Apr 2025 08:18:56 +1000 Subject: [PATCH 24/27] Update index.html --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 3ae7d25c..571b39df 100644 --- a/index.html +++ b/index.html @@ -466,8 +466,8 @@

  • MUST define validation rules for members of the request and response structures.
  • -
  • MUST have undergone privacy review by the W3C's Privacy Interest - Group and Federated Identity Working Group. +
  • MUST have undergone privacy review by the W3C's Privacy Interest + Group and Federated Identity Working Group.
  • MUST have undergone security review by the Federated Identity Working Group. From 65523ee5305849e5ce62e09b430460c4b2ae021a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 24 Apr 2025 08:19:33 +1000 Subject: [PATCH 25/27] Update index.html --- index.html | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/index.html b/index.html index 571b39df..0e596c35 100644 --- a/index.html +++ b/index.html @@ -469,8 +469,7 @@

  • MUST have undergone privacy review by the W3C's Privacy Interest Group and Federated Identity Working Group.
  • -
  • MUST have undergone security review by the Federated Identity Working - Group. +
  • MUST have undergone security review by the Federated Identity Working Group.
  • MUST have implementation commitment from at least one browser engine, one credential provider/wallet, and one issuer or verifier (depending on From 2ff3f8be18168412055fc29c498c59cd8699bcad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 24 Apr 2025 08:25:41 +1000 Subject: [PATCH 26/27] Update index.html --- index.html | 3 +++ 1 file changed, 3 insertions(+) diff --git a/index.html b/index.html index 0e596c35..55a7f319 100644 --- a/index.html +++ b/index.html @@ -468,6 +468,9 @@

  • MUST have undergone privacy review by the W3C's Privacy Interest Group and Federated Identity Working Group. +
  • MUST have undergone security review by the Federated Identity Working Group.
  • From d332dcea30df322ba00d0c23df6760c8009bf3d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20C=C3=A1ceres?= Date: Thu, 24 Apr 2025 08:29:18 +1000 Subject: [PATCH 27/27] Update index.html --- index.html | 3 +++ 1 file changed, 3 insertions(+) diff --git a/index.html b/index.html index 55a7f319..6c06ddc9 100644 --- a/index.html +++ b/index.html @@ -425,6 +425,9 @@

    Registry of protocols

    +

    + Initiating the registration a protocol is done by filing an issue in our GitHub repository. +

    The following is the registry of [=digital credential/exchange protocols=] that are supported by this specification.
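
Review bot: the sentence added in [PATCH 27/27], "Initiating the registration a protocol is done by filing an issue in our GitHub repository.", is missing "of" after "registration" and names the repository without linking it. Suggest "Registration of a protocol is initiated by filing an issue in the GitHub repository", with a link to the repository and a pointer to the "Change process" steps so the issue carries the identifier, protocol type and specification link those steps ask for.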
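
Review bot: in [PATCH 01/27], under "Define a protocol identifier", only uniqueness is a MUST; the character rule ("Use only lowercase ASCII letters, digits, and hyphens") and "Avoid using version numbers" are phrased as advice, so an identifier with uppercase or non-ASCII characters still satisfies the normative text. If identifiers are meant to be compared as exact strings, make the character rule a MUST. Also in this hunk, "to the holder's a digital wallet" has a stray "a", and "converted=] to before it is passed onto underlying platform" has a stray "to" and is missing "the".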
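
Review bot: in [PATCH 11/27], the new first item "MUST be standardized at a consortium the W3C liaises with" has no terminal period and no reference saying which organizations qualify, so the criterion cannot be checked from the registry text alone; suggest linking the W3C liaison list. The same hunk adds "or JSON object representation" to the request and response items, but their parentheticals still read "the [=dictionary=] to which ... is converted", which only describes the WebIDL case.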
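
Review bot: in [PATCH 12/27], once "freely and" is dropped, "MUST be defined in a specification which is available publicly at the URL listed in the registry" says the same thing as the earlier item "MUST have a stable URL that points to a publicly available specification". Suggest merging the two into a single criterion so the list does not carry two differently worded versions of one requirement.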
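
Review bot: in [PATCH 16/27], the reflowed identifier paragraph keeps two rules that pull against each other: "Avoid using version numbers in the protocol identifier" and, for breaking changes, "a new protocol identifier MUST be assigned and be added to the registry". Suggest saying how the successor identifier should be formed, and tightening "would require a digital credential provider to also require an update to remain functional" to "would require digital credential providers to be updated to remain functional".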