feat(spec): add trqp_v2 (ToIP TRQP v2.0) trusted_authorities type (#1)#32
Open
mjfelis wants to merge 1 commit into
Open
feat(spec): add trqp_v2 (ToIP TRQP v2.0) trusted_authorities type (#1)#32mjfelis wants to merge 1 commit into
mjfelis wants to merge 1 commit into
Conversation
* feat(spec): add trqp_v2 (ToIP TRQP v2.0) trusted_authorities type
Add a dereferenceable trqp_v2 entry type to the DCQL trusted_authorities
enumeration in Credential Acquisition Guidance, alongside openid_federation,
etsi_tl, and aki. The entry has a REQUIRED endpoint (TRQP v2.0 registry base
URL) and an OPTIONAL values array of authority_ids; when values is omitted the
authority is derived from a registry-unique resource. Verifiers MAY enforce
issuer trust directly via POST <endpoint>/authorization (authorized: true).
Also reference trqp_v2 in the overview, design-rationale, Agent/Verifier
processing rules, and Issuer Trust sections. Payment Object untouched.
* feat(spec): anchor trqp_v2 on DID-fragment service reference
Encode each trqp_v2 value as a DID URL whose fragment references a service
entry in the authority's DID Document (per DID v1.1 #fragment), e.g.
did:example:health-authority#trqp. The client resolves the DID and
dereferences the fragment to the service's serviceEndpoint (the TRQP v2.0
registry base), then POSTs <serviceEndpoint>/authorization with the bare DID
as authority_id.
This anchors trust on the authority's DID (verifiable, rotatable,
self-published endpoint) rather than a bare URL, and avoids depending on a
non-standardized DID service type by selecting the service by its id
(fragment) per DID Core. endpoint is demoted to an OPTIONAL pin for
authorities without a resolvable DID. Payment Object untouched.
* refactor(spec): trqp_v2 is plain {type, values}, no endpoint member
A trqp_v2 value is a self-contained DID URL (did:authority#trqp), so the type
needs no type-specific member. Revert the trusted_authorities preamble to its
original { type, values } wording and drop the OPTIONAL endpoint pin from the
trqp_v2 bullet. Payment Object untouched.
Contributor
|
Will take a look this next week, as we have active discussion going on in the FIDO member group working on this surrounding the authority/issuance list topic. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a new dereferenceable issuer-trust type,
trqp_v2, to the DCQLtrusted_authoritiesenumeration — alongside the existingopenid_federation,etsi_tl, andaki. Atrqp_v2value is a DID URL whose fragment references a service entry in the authority's DID Document, pointing at that authority's ToIP Trust Registry Query Protocol v2.0 (approved) registry. So:POST <serviceEndpoint>/authorization→authorized: true), andwithout inventing an x401-specific issuer list and without locking into any single registry technology (OpenID Federation, ETSI Trusted List, EBSI, or a decentralized registry can all sit behind the same query shape).
Unlike the other dereferenceable types (which only list issuers), TRQP returns an authoritative yes/no, making
trqp_v2the onetrusted_authoritiestype that is authoritative for enforcement, not merely an acquisition hint.Entry shape
trqp_v2is a plain{ type, values }entry like every other type — no type-specific members:{ "type": "trqp_v2", "values": ["did:example:health-authority#trqp"] }#trqp) references a service entry in the authority's DID Document (per DID v1.1 §Fragment).authority_idand the trust anchor; the fragment'sserviceEndpointis the TRQP v2.0 registry base.authority_idis sent in the TRQP request body per the HTTPS binding; the fragment is for endpoint discovery only.Why DID-fragment (security)
type. DID Core selects a service by itsid(the fragment), not itstype, so we rely only on the standard fragment mechanism.?service=query. DID v1.1 §5.1.3 discourages query parameters in canonical identifiers (added complexity / larger attack surface); a service'sidis itself a fragment DID URL.valuesMAY even be omitted when the authority is resolvable from the presented credential (issuer DID → JsonSchemaCredential/VTJSC → authority DID, per Verifiable Trust trust resolution); the same#trqpdereference applies to the derived authority DID.Changes (all in
spec.md)trqp_v2bullet.serviceEndpoint,POST /authorization, accept only onauthorized: true.trqp_v2added to the dereferenceable-type lists in the overview, design rationale, Agent Processing Rules, Verifier Processing Rules, and Issuer Trust.The Payment Object section and all unrelated content are unchanged; the
trusted_authoritiespreamble keeps its original{ type, values }wording.Note on registration
trusted_authoritiestypes are ultimately governed by the DCQL registry; full standardization oftrqp_v2would also require a DCQL registration. This PR documents the type the same way the existing types are described in the spec.