Skip to content

Commit

Permalink
Merge pull request #1 from 2mau/feat/add-w3c-di-attach
Browse files Browse the repository at this point in the history 
fix: remove aud, and make sure did_methods_supported is not empty
  • Loading branch information
@TimoGlastra
TimoGlastra authored Feb 6, 2024
2 parents 2dfe5a1 + bd11e66 commit 1968d1b
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions features/0809-w3c-data-integrity-credential-attachment/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,7 @@ This binding method leverages [DIDComm signed attachments](https://github.com/hy
```

- `algs_supported` - Required. List of strings indicating the Json Web Algorithms supported by the issuer for verifying the signed attachment. The list MUST contain at least one value. The values MUST be a valid algorithm identifier as defined in the [JSON Web Signature and Encryption Algorithms](https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms) registry.
- `did_methods_supported` - Required. List of strings indicating which did methods are supported by the issuer for binding the credential to the holder. Values should ONLY include the method identifier of the did method. Examples values include `key` or `web`.
- `did_methods_supported` - Required. List of strings indicating which did methods are supported by the issuer for binding the credential to the holder. The list MUST contain at least one value. Values should ONLY include the method identifier of the did method. Examples values include `key` or `web`.
- `nonce` - Required. Nonce to be used in the request to prevent replay attacks of the signed attachment.

##### Binding Proof in Request
Expand All @@ -245,12 +245,10 @@ The attachment MUST be signed by including a signature in the `jws` field of the
```json
{
"nonce": "<request_nonce>",
"aud": "did:key:z6MkwXG2WjeQnNxSoynSGYU8V9j3QzP3JSqhdmkHc6SaVWoT"
}
```

- `nonce` - Required. The `nonce` from the `didcomm_signed_attachment` object within `binding_method` from the credential offer
- `aud` - Required. Intended audience of the signed attachment. MUST be the same as the issuer identifier `issuer` or `issuer.id` from the `credential` in the offer. If the `issuer` is not included in the credential in the offer, the `aud` MUST be the same as the did of the recipient did of the DIDComm message containing the request message.

**Protected Header**

Expand Down

0 comments on commit 1968d1b

Please sign in to comment.