From 9742cc1cff8eb23bc4bb5e3262a909b9b7351e58 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Fri, 29 Dec 2023 14:38:26 -0500 Subject: [PATCH 1/7] Add mechanism to retrieve historical status list information. --- index.html | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/index.html b/index.html index 2420df0..8bd0e6c 100644 --- a/index.html +++ b/index.html @@ -805,6 +805,17 @@

Validate Algorithm

+

+When dereferencing a `statusListCredential` URL, implementations MAY provide a +mechanism to query the status list at a particular point in time. If such a +feature is supported, and if query parameters are supported by the URL scheme, +then the name of the query parameter MUST be `timestamp` and the value MUST be +a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The resulting +status list credential SHOULD be the status list as it existed at the given +date and time. +

+ +

It is expected that a verifier will ensure that it trusts the issuer of a verifiable credential, as well as the issuer of the associated From 81c4ead97e7b42e8f2adddf8400faa384d3f7845 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Fri, 29 Dec 2023 19:12:03 -0500 Subject: [PATCH 2/7] Fix grammar in historical status list text. Co-authored-by: Ted Thibodeau Jr --- index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index 8bd0e6c..3cab8ef 100644 --- a/index.html +++ b/index.html @@ -806,13 +806,13 @@

Validate Algorithm

-When dereferencing a `statusListCredential` URL, implementations MAY provide a -mechanism to query the status list at a particular point in time. If such a +When a `statusListCredential` URL is dereferenced, server implementations MAY provide a +mechanism to dereference the status list as of a particular point in time. If such a feature is supported, and if query parameters are supported by the URL scheme, then the name of the query parameter MUST be `timestamp` and the value MUST be a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The resulting status list credential SHOULD be the status list as it existed at the given -date and time. +point in time.

From 99274dd5f7edf36b219eda2568cbad081b50f189 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Tue, 2 Jan 2024 15:19:38 -0500 Subject: [PATCH 3/7] Fix normative requirement related to historical status lists. Co-authored-by: Ted Thibodeau Jr --- index.html | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 3cab8ef..f26d764 100644 --- a/index.html +++ b/index.html @@ -810,8 +810,9 @@

Validate Algorithm

mechanism to dereference the status list as of a particular point in time. If such a feature is supported, and if query parameters are supported by the URL scheme, then the name of the query parameter MUST be `timestamp` and the value MUST be -a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The resulting -status list credential SHOULD be the status list as it existed at the given +a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The result of +dereferencing such a timestamped URL MUST be a status list credential containing +either the status list as it existed at the given point in time, or an error. point in time.

From e41c7687bafc73ed3ef78775282550ee55e43719 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Tue, 2 Jan 2024 15:22:01 -0500 Subject: [PATCH 4/7] Add historical status retrieval error code. --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index f26d764..83e9e99 100644 --- a/index.html +++ b/index.html @@ -812,8 +812,8 @@

Validate Algorithm

then the name of the query parameter MUST be `timestamp` and the value MUST be a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The result of dereferencing such a timestamped URL MUST be a status list credential containing -either the status list as it existed at the given point in time, or an error. -point in time. +either the status list as it existed at the given point in time, or a +STATUS_RETRIEVAL_ERROR.

From 6a35fd276097f1b9db9edafb9644b5a3c82b6059 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sat, 13 Jan 2024 12:48:41 -0500 Subject: [PATCH 5/7] Note that failed timestamp retrievals can be attempted again. --- index.html | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/index.html b/index.html index 83e9e99..02235b2 100644 --- a/index.html +++ b/index.html @@ -806,17 +806,19 @@

Validate Algorithm

-When a `statusListCredential` URL is dereferenced, server implementations MAY provide a -mechanism to dereference the status list as of a particular point in time. If such a -feature is supported, and if query parameters are supported by the URL scheme, -then the name of the query parameter MUST be `timestamp` and the value MUST be -a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The result of -dereferencing such a timestamped URL MUST be a status list credential containing -either the status list as it existed at the given point in time, or a -STATUS_RETRIEVAL_ERROR. +When a `statusListCredential` URL is dereferenced, server implementations MAY +provide a mechanism to dereference the status list as of a particular point in +time. If such a feature is supported, and if query parameters are supported by +the URL scheme, then the name of the query parameter MUST be `timestamp` and the +value MUST be a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. +The result of dereferencing such a timestamped URL MUST be a status list +credential containing either the status list as it existed at the given point in +time, or a STATUS_RETRIEVAL_ERROR. +If the result is an error, implementations MAY attempt the retrieval again +with a different timestamp value, or without a timestamp value, as long as +the verifier's validation rules permit such an action.

-

It is expected that a verifier will ensure that it trusts the issuer of a verifiable credential, as well as the issuer of the associated From 804df0eb5df0692e52165155acac09e17607dcba Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sat, 13 Jan 2024 12:56:38 -0500 Subject: [PATCH 6/7] Add reason for historical status list features. --- index.html | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/index.html b/index.html index 02235b2..71572c7 100644 --- a/index.html +++ b/index.html @@ -808,15 +808,18 @@

Validate Algorithm

When a `statusListCredential` URL is dereferenced, server implementations MAY provide a mechanism to dereference the status list as of a particular point in -time. If such a feature is supported, and if query parameters are supported by -the URL scheme, then the name of the query parameter MUST be `timestamp` and the -value MUST be a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. -The result of dereferencing such a timestamped URL MUST be a status list -credential containing either the status list as it existed at the given point in -time, or a STATUS_RETRIEVAL_ERROR. -If the result is an error, implementations MAY attempt the retrieval again -with a different timestamp value, or without a timestamp value, as long as -the verifier's validation rules permit such an action. +time. When an issuer provides such a mechanism, it enables a +verifier to determine changes in status to a precision chosen by the +issuer, such as hourly, daily, or weekly. If such a feature is supported, and if +query parameters are supported by the URL scheme, then the name of the query +parameter MUST be `timestamp` and the value MUST be a valid URL-encoded +[[XMLSCHEMA11-2]] dateTimeStamp string value. The result of dereferencing such a +timestamped URL MUST be a status list credential containing either the status +list as it existed at the given point in time, or a STATUS_RETRIEVAL_ERROR. If the result is an +error, implementations MAY attempt the retrieval again with a different +timestamp value, or without a timestamp value, as long as the verifier's +validation rules permit such an action.

From dfa5e3181daedba6c8ddefe8cc2026a0d1afe120 Mon Sep 17 00:00:00 2001 From: Ted Thibodeau Jr Date: Sat, 13 Jan 2024 12:59:22 -0500 Subject: [PATCH 7/7] Fix grammar in timestamp retrieval feature. --- index.html | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index 71572c7..5700b71 100644 --- a/index.html +++ b/index.html @@ -814,10 +814,10 @@

Validate Algorithm

query parameters are supported by the URL scheme, then the name of the query parameter MUST be `timestamp` and the value MUST be a valid URL-encoded [[XMLSCHEMA11-2]] dateTimeStamp string value. The result of dereferencing such a -timestamped URL MUST be a status list credential containing either the status -list as it existed at the given point in time, or a STATUS_RETRIEVAL_ERROR. If the result is an -error, implementations MAY attempt the retrieval again with a different +timestamp-parameterized URL MUST be either a status list credential containing +the status list as it existed at the given point in time, or a +STATUS_RETRIEVAL_ERROR. If the result is +an error, implementations MAY attempt the retrieval again with a different timestamp value, or without a timestamp value, as long as the verifier's validation rules permit such an action.