Skip to content

Make the value of the base context normative. #1158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jun 30, 2023
Merged

Make the value of the base context normative. #1158

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8bf2f30
Make the value of the base context normative.
msporny Jun 19, 2023
5505cd8
Update to use SRI hash format for base context.
msporny Jun 27, 2023
e0290d5
Fix hash encoding method text.
msporny Jun 30, 2023
b84134c
Add issue marker for hash conflicts.
msporny Jun 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 21 additions & 7 deletions index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4928,16 +4928,30 @@ <h3>Fitness for Purpose</h3>
<section class="appendix informative">
<h2>Contexts, Types, and Credential Schemas</h2>

<section class="informative">
<section class="normative">
<h3>Base Context</h3>

<p class="issue" title="(AT RISK) Hash values might change during Candidate Recommendation">
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there an issue we can tag to tack this?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it's necessary to create an issue to track this statement. It creates more work for everyone w/o really having any upside. What's the issue going to say other than "the hash values might change" -- there's nothing to be discussed/debated there -- it's just a statement of fact.

Not every issue marker needs to map to an issue. This is just guidance to readers and implementers.

This section lists cryptographic hash values that might change during the
Candidate Recommendation phase based on implementer feedback that requires
the referenced files to be modified.
</p>
<p>
The base context, located at <code>https://www.w3.org/ns/credentials/v2</code>
with a SHA-256 digest of
<strong><code>ff1fdfa8d3f07547ec149b6652fe3f5a4276b9f0c48344dc29400763ba7b44fa</code></strong>,
can be used to implement a local cached copy. It is possible to confirm the
SHA-256 digest by running the following command from a modern Unix command
Implementations MUST ensure that the base context value, located at
<code>https://www.w3.org/ns/credentials/v2</code>, matches the following
SHA-384 digest of the value computed and encoded according to the [[SRI]] definition of `digest`:
<strong><code>lHKDHh0msc6pRx8PhDOMkNtSI8bOfsp4giNbUrw71nXXLf13nTqNJoRp3Nx+ArVK</code></strong>.
The base context value matching the digest previously stated can be used to
implement a local cached copy. It is possible to confirm the
SHA-384 digest by running the following command from a modern Unix command
interface line:
`curl -s https://www.w3.org/ns/credentials/v2 | openssl dgst -sha256 -hex -r`.
`curl -s https://www.w3.org/ns/credentials/v2 | openssl dgst -sha384 -binary | openssl base64 -A`.
</p>
<p class="issue" data-number="1177">
The Working Group is currently discussing what a processor should do if a hash value differs from one that is listed in the specification.
</p>
More details regarding this hash encoding method may be found in the <a href="https://www.w3.org/TR/SRI/#integrity-metadata">integrity metadata</a>
section of [[SRI]].
It is strongly advised that all JSON-LD Contexts used in an application utilize
a similar mechanism to ensure end-to-end security.
</p>
Expand Down