diff --git a/index.html b/index.html index 72867f4f..bc13df6b 100644 --- a/index.html +++ b/index.html @@ -204,6 +204,20 @@
+ It is RECOMMENDED that media types be used to distinguish verifiable credentials + and verifiable presentations from other kinds of secured JSON or CBOR. +
+
+ The most specific media type (or subtype) available SHOULD be used, instead of
+ more generic media types (or supertypes). For example, rather than the general
+ application/sd-jwt
, application/vc+ld+json+sd-jwt
+ ought to be used, unless there is a more specific media type that would even
+ better identify the secured envelope format.
+
+ If implementations do not know which media type to use, media types defined in this specification MUST be used. +
[[rfc7515]] MAY be used to secure this media type.
- The typ
parameter MUST be vc+ld+json+jwt
+ The typ
parameter SHOULD be vc+ld+json+sd-jwt
- When present, the cty
MUST be
+ When present, the cty
SHOULD be
vc+ld+json
@@ -256,10 +270,10 @@
application/vp+ld+json
with JOSE.
[[rfc7515]] MAY be used to secure this media type.
-The typ
parameter MUST be
+
The typ
parameter SHOULD be
vp+ld+json+jwt
When present, the cty
parameter MUST be
+
When present, the cty
parameter SHOULD be
vp+ld+json
@@ -308,7 +322,7 @@
COSE [[rfc9052]] is a common approach to encoding and securing information using CBOR [[rfc8949]]. Verifiable credentials MAY - be secured using COSE [[rfc9052]] and MUST be identified through + be secured using COSE [[rfc9052]] and SHOULD be identified through use of content types as outlined in this section.
[[rfc9052]] MAY be used to secure this media type.
-When using this approach, the type (TBD)
MUST be
+
When using this approach, the type (TBD)
SHOULD be
vc+ld+json+cose
@@ -327,7 +341,7 @@
When using this approach, the content type (3)
- MUST be application/vc+ld+json
application/vc+ld+json
See Common COSE Header Parameters for additional details.