Revocation List and Restful APIs

[OR13]

Revocation List VCs require an id.

All examples of revocaiton list vc todate, have followed a "collection" api format:

id: https://example.com/credentials/123

  "credentialStatus": {
    "id": "https://issuer.oidp.uscis.gov/credentials/status/3#94567",
    "type": "RevocationList2020Status",
    "revocationListIndex": "1",
    "revocationListCredential": "https://w3c-ccg.github.io/vc-http-api/fixtures/revocationList.json"
  },

[OR13]

This can create awkwardness, when you want to support POST /credentials and GET /credentials/:id and POST /credentials/issue

[peacekeeper]

Can you add a few more details what the issue is here?

In any case, this may be related to #126 where I pointed out that the current updateCredentialStatus operation won't work for VCs that don't have an id (which is optional in VCs).

[msporny]

At the very least, we need to determine how the client tells the issuer that they 1) manage the revocation list, or 2) use an external revocation list.

My suggestion would be that just specifying the following when issuing as an issuing option tells the issuer software that you want the issuer software to manage the revocation list:

issue.options:
  "credentialStatus": {
    "type": "RevocationList2021"
  }

Not specifying that, but doing something like this in the VC tells the issuer that revocation will be handled by an external system:

issue.credential:
  "credentialStatus": {
    "id": "https://dmv.example.gov/credentials/status/3#94567",
    "type": "RevocationList2021Status",
    "statusListIndex": "94567",
    "statusListCredential": "https://example.com/credentials/status/3"
  }

[OR13]

I am in favor of doing this, after documenting current behavior.

[OR13]

@peacekeeper can you propose specific changes you would like to see to how revocation is documented and tested?

[peacekeeper]

@OR13 I simply don't understand what this issue is about. It starts with saying something about id and showing an example, and then there is some proposal by @msporny. But there is no explanation anywhere what is the exact issue, or what is being solved with the proposal, or how.

If possible, can you add a better explanation of what this issue is all about?

[OR13]

@peacekeeper The issue is that revocation is not documented or tested sufficiently / at all, the solution is to improve documentation by updating JSON Schema, and possibly by adding informative text to respec.

[peacekeeper]

@peacekeeper The issue is that revocation is not documented or tested sufficiently / at all, the solution is to improve documentation by updating JSON Schema, and possibly by adding informative text to respec.

Sounds good, I agree with that. Can we then close this issue and open another one which just says that?

[OR13]

I'm fine with you doing that :)

[msporny]

@OR13 assigning to you so we can close this issue.