The standard defines methods for securing Verifiable Credentials and Verifiable Presentations using three major cryptographic protocols: JSON Object Signing and Encryption (JOSE), Selective Disclosure for JWTs (SD-JWT), and CBOR Object Signing and Encryption (COSE). This enables implementation of the W3C Verifiable Credentials Data Model using widely adopted security standards.
Key features include:
The standard is particularly notable for its ability to handle different credential presentation scenarios while maintaining security and privacy through selective disclosure.
Technical Details:
JOSE, SD-JWT, and COSE protocolsJWS, SD-JWT, and COSE_Sign1 for digital signaturesapplication/vc+jwt, application/vc+sd-jwt, and application/vc+cose media typescnf claimsThe specification is currently a W3C Candidate Recommendation Draft with active implementation feedback being sought. Requirements include demonstration of at least two independent implementations for mandatory features.
If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page