diff --git a/index.html b/index.html index 72867f4f..bc13df6b 100644 --- a/index.html +++ b/index.html @@ -204,6 +204,20 @@

Securing the VC Data Model

transformation, while at the same time supporting registered claims that are understood in the context of JOSE and COSE.

+

+ It is RECOMMENDED that media types be used to distinguish verifiable credentials + and verifiable presentations from other kinds of secured JSON or CBOR. +

+

+ The most specific media type (or subtype) available SHOULD be used, instead of + more generic media types (or supertypes). For example, rather than the general + application/sd-jwt, application/vc+ld+json+sd-jwt + ought to be used, unless there is a more specific media type that would even + better identify the secured envelope format. +

+

+ If implementations do not know which media type to use, media types defined in this specification MUST be used. +

With JOSE

@@ -215,10 +229,10 @@

Securing JSON-LD Verifiable Credentials with JOSE

[[rfc7515]] MAY be used to secure this media type.

- The typ parameter MUST be vc+ld+json+jwt + The typ parameter SHOULD be vc+ld+json+sd-jwt

- When present, the cty MUST be + When present, the cty SHOULD be vc+ld+json

@@ -256,10 +270,10 @@

Securing JSON-LD Verifiable Presentations with JOSE

application/vp+ld+json with JOSE.

[[rfc7515]] MAY be used to secure this media type.

-

The typ parameter MUST be +

The typ parameter SHOULD be vp+ld+json+jwt

-

When present, the cty parameter MUST be +

When present, the cty parameter SHOULD be vp+ld+json

@@ -308,7 +322,7 @@

With COSE

COSE [[rfc9052]] is a common approach to encoding and securing information using CBOR [[rfc8949]]. Verifiable credentials MAY - be secured using COSE [[rfc9052]] and MUST be identified through + be secured using COSE [[rfc9052]] and SHOULD be identified through use of content types as outlined in this section.

@@ -319,7 +333,7 @@

Securing JSON-LD VCs with COSE

with COSE.

[[rfc9052]] MAY be used to secure this media type.

-

When using this approach, the type (TBD) MUST be +

When using this approach, the type (TBD) SHOULD be vc+ld+json+cose

@@ -327,7 +341,7 @@

Securing JSON-LD VCs with COSE

regarding progress towards explicit typing for COSE.

When using this approach, the content type (3) - MUST be application/vc+ld+json

+ SHOULD be application/vc+ld+json

See Common COSE Header Parameters for additional details.