Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rationale for limiting claims description path for mdoc to only namespace and element? #468

Open
TimoGlastra opened this issue Mar 15, 2025 · 2 comments
Open

Rationale for limiting claims description path for mdoc to only namespace and element? #468

TimoGlastra opened this issue Mar 15, 2025 · 2 comments
Labels
question
Milestone
Final 1.0

Comments

@TimoGlastra
Copy link
Member

mDOC supports nested claims (e.g. driving_privileges), however the claims description path as defined in Appendix B & C only allows the path array to have a length of two.

It would be useful to also enable setting claim descriptions for nested entries in mDOC credentials, especially since there is no vct with additional metadata that can be fetched for mDOC.

There's probably some complexity involved in mapping CBOR structure to a claims path, but for straighforward CBOR types such as object/map/array it would be quite easy to define.

I tried looking into the discussion of PR #276, but it's quite big and couldn't directly find a rationale for limiting the mDOC type.
@Sakurann
Copy link
Collaborator

mdocs' nested claim driving_privileges does not allow to selectively disclose the claims inside the object AFAIK (CDDL does allow deeper nesting, but mdoc spec does not). so for mdoc, 2-layers is the deepest it can go. for driving_privileges, it would be doctype.namespace.driving_privileges. no more.
if this has changed it is a big breaking change for VP spec as well, but otherwise, it's by design

@Sakurann Sakurann added this to the Final 1.0 milestone Mar 17, 2025
@TimoGlastra
Copy link
Member Author

Yes the query in DCQL only allowing two entries makes sense to me, but this is about the claims description for issuance.

For SD-JWT (or other JSON-based credential formats) I can do:

{
  "path": ["driving_privileges", null, "vehicle_category_code"],
  "display": [
     {
        "name": "Vehicle Category Code",
     },
     {
        "name": "Fahrzeugklassencode"
    },
    {
       "name": "Voertuigcategoriecode" 
    }
  ]
}

But with the current mDOC limitations that's not possible, best I can do is add a claim description for driving_privileges:

{
  "path": ["org.iso.18013.5.1", "driving_privileges"],
  "display": [
     {
        "name": "Driving Privileges",
     },
     // ...
  ]
}

How is a wallet supposed to render labels and translations for nested mDOC attributes?

I'd like to do:

{
  "path": ["org.iso.18013.5.1", "driving_privileges", null, "vehicle_category_code"],
  "display": [
    {
        "name": "Vehicle Category Code",
     },
     {
        "name": "Fahrzeugklassencode"
    },
    {
       "name": "Voertuigcategoriecode"
    }
  ]
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
Final 1.0
Development

No branches or pull requests
2 participants
@TimoGlastra @Sakurann