---------------- JWT header --------------- @@ -2206,11 +2206,11 @@IPR and Distribution Notice
"jwk": { "e": "AQAB", "kty": "RSA", - "n": "8h4VkMWnDvUUT2SMdbJjtUGHluiAOP4F08TiQm67hD6DBgBCvEjZRyikTscyyvtXOdFkuR -te32FkyijClxzp1rhmJNU3FKQ2wvE6EP2zBVpf0oUZ6uHOYKriVjYmh0QCFWQhuJrQkdDv--mSw4yHg1 -lm7Jn--tqYZILHGBYooHZ6MhA6_O4qlYLeeOImVgJTvtcnoL9lss1lg-mXx2swAQPVyaw6eVMdKslsWX -06WAfl9g_JtlYCu-NHKHJUx2wGcvDi9pF8Y0-EBdxZSJOb_VXdtxCJJu5EV6-F_uvjKl0E3-pfSr_OPL -S1Uukmam_sx7p68WMM0M5wAGiRRDlaGQ" + "n": "uXJHQVh1SIK_haI71jmBkMW-NDNriXMG1TDbP04IAS4T4rMh5d5fNbkjw4BDeBdVAuNbNM +bAPV24i7kwtCqKgNwQF77sisijVn62mpKIqE2nqjoiMzXfXp_ZPwVyrzufU2n-IjOggEdEUT_mQcz5Q2 +4vFpudGIvsn5YH1ZZlrvyCRGEavgKpUpEZailfBW55HOSMc17J4bilv_cXjHJ2IZwlAq7QX484WKYkBf +58DHLuoxDeE9y9CnnhDJ__CAijsEQxFzax5KdE0hadPkjwmeyg4Z5IIKpbqUD_ZgRQIK7FEmjMYuf7_j +D6TPhf04yzh4mVMbPpSyzlBQVchTSHkw" } } --------------- JWT payload --------------- @@ -2272,12 +2272,12 @@IPR and Distribution Notice
} --------------- JWT --------------- eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImp3ayI6eyJlIjoiQVFBQiIsImt0eSI6IlJTQSIsIm4i -OiI4aDRWa01XbkR2VVVUMlNNZGJKanRVR0hsdWlBT1A0RjA4VGlRbTY3aEQ2REJnQkN2RWpaUnlpa1Rz -Y3l5dnRYT2RGa3VSdGUzMkZreWlqQ2x4enAxcmhtSk5VM0ZLUTJ3dkU2RVAyekJWcGYwb1VaNnVIT1lL -cmlWalltaDBRQ0ZXUWh1SnJRa2REdi0tbVN3NHlIZzFsbTdKbi0tdHFZWklMSEdCWW9vSFo2TWhBNl9P -NHFsWUxlZU9JbVZnSlR2dGNub0w5bHNzMWxnLW1YeDJzd0FRUFZ5YXc2ZVZNZEtzbHNXWDA2V0FmbDln -X0p0bFlDdS1OSEtISlV4MndHY3ZEaTlwRjhZMC1FQmR4WlNKT2JfVlhkdHhDSkp1NUVWNi1GX3V2akts -MEUzLXBmU3JfT1BMUzFVdWttYW1fc3g3cDY4V01NME01d0FHaVJSRGxhR1EifX0.eyJ2YyI6eyJAY29u +OiJ1WEpIUVZoMVNJS19oYUk3MWptQmtNVy1ORE5yaVhNRzFURGJQMDRJQVM0VDRyTWg1ZDVmTmJranc0 +QkRlQmRWQXVOYk5NYkFQVjI0aTdrd3RDcUtnTndRRjc3c2lzaWpWbjYybXBLSXFFMm5xam9pTXpYZlhw +X1pQd1Z5cnp1ZlUybi1Jak9nZ0VkRVVUX21RY3o1UTI0dkZwdWRHSXZzbjVZSDFaWmxydnlDUkdFYXZn +S3BVcEVaYWlsZkJXNTVIT1NNYzE3SjRiaWx2X2NYakhKMklad2xBcTdRWDQ4NFdLWWtCZjU4REhMdW94 +RGVFOXk5Q25uaERKX19DQWlqc0VReEZ6YXg1S2RFMGhhZFBrandtZXlnNFo1SUlLcGJxVURfWmdSUUlL +N0ZFbWpNWXVmN19qRDZUUGhmMDR5emg0bVZNYlBwU3l6bEJRVmNoVFNIa3cifX0.eyJ2YyI6eyJAY29u dGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vcHVy bC5pbXNnbG9iYWwub3JnL3NwZWMvb2IvdjNwMC9jb250ZXh0LTMuMC4yLmpzb24iLCJodHRwczovL3B1 cmwuaW1zZ2xvYmFsLm9yZy9zcGVjL29iL3YzcDAvZXh0ZW5zaW9ucy5qc29uIl0sImlkIjoiaHR0cDov @@ -2298,11 +2298,11 @@IPR and Distribution Notice
aWFsX3NjaGVtYS5qc29uIiwidHlwZSI6IjFFZFRlY2hKc29uU2NoZW1hVmFsaWRhdG9yMjAxOSJ9XX0s ImlzcyI6Imh0dHBzOi8vZXhhbXBsZS5lZHUvaXNzdWVycy81NjUwNDkiLCJuYmYiOjEyNjIzMDQwMDAs Imp0aSI6Imh0dHA6Ly9leGFtcGxlLmVkdS9jcmVkZW50aWFscy8zNzMyIiwic3ViIjoiZGlkOmV4YW1w -bGU6ZWJmZWIxZjcxMmViYzZmMWMyNzZlMTJlYzIxIn0.iLEDC6-fd7Zw1MW-LH9Lqeqkio3PTXNO63JW -XraZcx5ow3wgwSeHz6v0N-CFXoDF72d2txTj92rrbQYWHXEgqmmKJvCMxCMQKtmkEA7DKa7_B9VpQ86a --CDky2C63xHiof8lP-5gnqwzJKZ-xq2tRDlus3xSK5DLvkde9AizBdAVXTo1omzy8RDYvoXBkkvtcYpV -plxh0elCW43UKKWdKLELeEhbcmxHstmQPYX7grwtxhlEwUWjEAkzR6VC1t-Tv-zwQIDa0wXs5N2rXc6l -dbl535tTMYQmwVJ-YG9ZjwqYBMP_CEeNfJXwchY-hTFdyf5xjyXN1bJDmM37LcI_QA
If the credential is signed using the § 8.2 JSON Web Token Proof Format (VC-JWT) the contents of the file MUST be the Compact JWS string formed as a result of signing the OpenBadgeCredential with VC-JWT. The file extension SHOULD be ".jws" or ".jwt".
If an embedded proof method is used instead, the contents of the file MUST be the JSON representation of the OpenBadgeCredential. The file extension SHOULD be ".json".
If the credential is signed using the § 8.2 JSON Web Token Proof Format (VC-JWT) the contents of the response MUST be the Compact JWS string formed as a result of signing the OpenBadgeCredential with VC-JWT. The Content-Type SHOULD be text/plain.
If an embedded proof method is used instead, the contents of the response MUST be the JSON representation of the OpenBadgeCredential. The Content-Type SHOULD be application/json or application/ld+json.
OpenBadgeCredentials may be exchanged as image files with the credential encoded (baked) within. This allows the credential to be portable wherever image files may be stored or displayed.
"Baking" is the process of taking an OpenBadgeCredential and embedding it into the image, so that when a user displays the image on a page, software that is Open Badges aware can automatically extract that OpenBadgeCredential data and perform the checks necessary to see if a person legitimately earned the achievement within the image. The image MUST be in either PNG [PNG] or SVG [SVG11] format in order to support baking.
An iTXt chunk should be inserted into the PNG with keyword openbadgecredential.
If the credential is signed using the § 8.2 JSON Web Token Proof Format (VC-JWT) the text value of the chunk MUST be the Compact JWS string formed as a result of signing the OpenBadgeCredential with VC-JWT. Compression MUST NOT be used.
If the credential is signed using the § 8.2 JSON Web Token Proof Format (VC-JWT) the contents of the file MUST be the Compact JWS string formed as a result of signing the OpenBadgeCredential with VC-JWT. The file extension SHOULD be ".jws" or ".jwt".
If an embedded proof method is used instead, the contents of the file MUST be the JSON representation of the OpenBadgeCredential. The file extension SHOULD be ".json".
If the credential is signed using the § 8.2 JSON Web Token Proof Format (VC-JWT) the contents of the response MUST be the Compact JWS string formed as a result of signing the OpenBadgeCredential with VC-JWT. The Content-Type SHOULD be text/plain.
If an embedded proof method is used instead, the contents of the response MUST be the JSON representation of the OpenBadgeCredential. The Content-Type SHOULD be application/json or application/ld+json.
OpenBadgeCredentials may be exchanged as image files with the credential encoded (baked) within. This allows the credential to be portable wherever image files may be stored or displayed.
"Baking" is the process of taking an OpenBadgeCredential and embedding it into the image, so that when a user displays the image on a page, software that is Open Badges aware can automatically extract that OpenBadgeCredential data and perform the checks necessary to see if a person legitimately earned the achievement within the image. The image MUST be in either PNG [PNG] or SVG [SVG11] format in order to support baking.
An iTXt chunk should be inserted into the PNG with keyword openbadgecredential.
If the credential is signed using the § 8.2 JSON Web Token Proof Format (VC-JWT) the text value of the chunk MUST be the Compact JWS string formed as a result of signing the OpenBadgeCredential with VC-JWT. Compression MUST NOT be used.
var chunk = new iTXt({
@@ -4766,7 +4766,7 @@ Token Revocation ResponseThe JSON object MUST have the nbf claim, and the NumericDate value MUST be converted to a DateTime, and MUST equal the issuanceDate of the OpenBadgeCredential object. If they do not match or if the issuanceDate has not yet occurred, the credential is not valid.
The JSON object MUST have the jti claim, and the value MUST match the id of the OpenBadgeCredential object. If they do not match, the credential is not valid.
If the JSON object has the exp claim, the NumericDate MUST be converted to a DateTime, and MUST be used to set the value of the expirationDate of the OpenBadgeCredential object. If the credential has expired, the credential is not valid.
-8.3 Linked Data Proof Format
This standard supports the Linked Data Proof format using the Data Integrity EdDSA Cryptosuites v1.0 suite.
Note
+8.3 Linked Data Proof Format
This standard supports the Linked Data Proof format. In order to opt for this format you MUST use the Data Integrity EdDSA Cryptosuites v1.0 suite.
Note
Whenever possible, you should use a library or service to create and verify a Linked Data Proof. For example, Digital Bazaar, Inc. has a GitHub project that implements the Data Integrity EdDSA Cryptosuites v1.0 eddsa-2022 suite at https://github.com/digitalbazaar/eddsa-2022-cryptosuite.
8.3.1 Create the Proof
Perform these steps to attach a Linked Data Proof to the credential:
- Create an instance of Multikey as shown in Section 2.1.1 DataIntegrityProof of [VC-DI-EDDSA].
@@ -5678,11 +5678,7 @@ B. Data Models
- This class can be extended with additional properties.
-
-
+
B.1.4 Address
An address for the described entity.
@@ -5776,7 +5772,11 @@ B. Data Models
+ This class can be extended with additional properties.
+
+
B.1.5 Alignment
Describes an alignment between an achievement and a node in an educational framework.
@@ -6199,7 +6199,11 @@ B. Data Models
+ This class can be extended with additional properties.
+
+
B.1.11 IdentifierEntry
@@ -6601,7 +6605,11 @@ B. Data Models
+ This class can be extended with additional properties.
+
+
B.1.16 Result
Describes a result that was achieved.