Verifiable Credential Barcodes v0.7

Embedding Verifiable Credentials in legacy barcodes

Draft Community Group Report

Latest published version:
https://www.w3.org/vc-barcodes/
Latest editor's draft:
https://digitalbazaar.github.io/vc-barcodes/
Editor:
Manu Sporny ( Digital Bazaar )
Authors:
Manu Sporny ( Digital Bazaar )
Dave Longley ( Digital Bazaar )
Wesley Smith ( Digital Bazaar )
Feedback:
GitHub digitalbazaar/vc-barcodes ( pull requests , new issue , open issues )
Related Specifications
The Verifiable Credentials Data Model v2.0
Verifiable Credential Data Integrity v1.0
The Elliptic Curve Digital Signature Algorithm Cryptosuites v1.0
Compact Binary Object Representation for Linked Data v0.7

Copyright © 2024 the Contributors to the Verifiable Credential Barcodes v0.7 Specification, published by the Credentials Community Group under the W3C Community Contributor License Agreement (CLA) . A human-readable summary is available.

Abstract

This specification describes a mechanism to protect legacy optical barcodes, such as those found on driver's licenses (PDF417) and travel documents (MRZ), using Verifiable Credentials [ VC-DATA-MODEL-2.0 ]. The Verifiable Credential representations are compact enough such that they fit in under 150 bytes and can thus be integrated with traditional two-dimensional barcodes that are printed on physical cards using legacy printing processes.

Status of This Document

This is a preview

Do not attempt to implement this version of the specification. Do not reference this version as authoritative in any way. Instead, see https://digitalbazaar.github.io/vc-barcodes/ for the Editor's draft.

This specification was published by the Credentials Community Group . It is not a W3C Standard nor is it on the W3C Standards Track. Please note that under the W3C Community Contributor License Agreement (CLA) there is a limited opt-out and other conditions apply. Learn more about W3C Community and Business Groups .

This specification is experimental.

GitHub Issues are preferred for discussion of this specification.

1. Introduction

Legacy documentation, such as driver's licenses, passports, and travel credentials often include machine-readable data that can be used to quickly read the information from the document. This information is encoded in formats such as PDF417 [ ISO15438-2015 ], machine-readable zone (MRZ) [ ICAO9303-3 ], and other optically scannable codes that are formatted in one-dimensional or two-dimensional "bars"; thus the term "barcode". This information is often not protected from tampering and the readily available barcode generation and scanning libraries mean that it is fairly trivial for anyone to generate these barcodes.

It is, therefore, useful for an issuer of these barcodes to protect the information contained within the barcode as well as the entity that generated the barcode.

The Verifiable Credentials Data Model v2.0 specification provides a global standard for expressing credential information, such as those in a driver's license or travel document. The Verifiable Credential Data Integrity 1.0 specification provides a global standard for securing credential information. These two specifications, when combined, provide a means of protecting credentials from tampering, expressing authorship of the credential, and providing the current status of a credential in a privacy-protecting manner. These data formats, however, tend to be too large to express in an optical barcode.

The Compact Binary Object Representation for Linked Data v0.7 specification provides a means of compressing secured verifiable credentials to the point at which it becomes feasible to express the information as an optical barcode, or embedded within an optical barcode.

This specification describes a mechanism to protect legacy optical barcodes, such as those found on driver's licenses (PDF417) and travel documents (MRZ), by using a verifiable credential [ VC-DATA-MODEL-2.0 ] to express information about the barcode, which is then secured using Data Integrity [ VC-DATA-INTEGRITY ], and then compressed using CBOR-LD [ CBOR-LD ]. The resulting verifiable credential representations are compact enough such that they fit in under 140 bytes and can thus be integrated with traditional two-dimensional barcodes that are printed on physical cards using legacy printing processes. This adds tamper resistance to the barcode while optionally enhancing the barcode to provide information related to whether or not the physical document has been revoked or suspended by the issuer .

1.1 Driver's License Example

This section provides an example on how the technology in this specification can be utilized to secure the optical barcode on a driver's license that uses a PDF417 barcode. We start off with an example driver's license:

Picture of the front of a driver's license issued by the state of Utopia which contains a picture of the individual that is the subject of the driver's license along with their attributes, such as name, address, height, weight, eye color, and driving privileges.
Figure 1 The front of a driver's license issued by the state of Utopia.

The back of the driver's license contains a PDF417 barcode:

Picture of the back of a driver's license issued by the state of Utopia, containing usage rules as well as a PDF417 barcode that encodes much of the information displayed on the front of the card.
Figure 2 A back of a driver's license issued by the state of Utopia.

The PDF417 data contains information that is secured using the algorithms described in this specification. Namely, the PDF417 barcode contains a verifiable credential of the following form.

Example 1 : Verifiable Credential embedded in the PDF417 barcode 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/vdl/v2",
    "https://w3id.org/vdl/utopia/v1"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  // the issuer value below is defined as a URL in the 'utopia/v1' context above
  "issuer": "did:web:dmv.utopia.example",
  "credentialStatus": {
    "type": "TerseBitstringStatusListEntry",
    "terseStatusListBaseUrl": "https://dmv.utopia.gov/statuses/12345/status-lists"
    "terseStatusListIndex": 123567890
  },
  "credentialSubject": {
    "type": "AamvaDriversLicenseScannableInformation",
    "protectedComponentIndex": "uP_BA"
  },
  "proof": {
    "type": "DataIntegrity",
    "cryptosuite": "ecdsa-xi-2023",
    // the public key below is defined as a URL in the 'utopia/v1' context above
    "verificationMethod": "did:web:dmv.utopia.example#key-1",
    "proofPurpose": "assertionMethod",
    "proofValue": "z4peo48uwK2EF4Fta8P...HzQMDYJ34r9gL"
  }
}

The verifiable credential above is then compressed using [ CBOR-LD ] to the following output (in CBOR Diagnostic Notation):

Example 2 : CBOR-LD compressed Verifiable Credential (145 bytes) 
1281{
  1 => [ 32768, 32769, 32770],                           // @context
  155 => [ 116, 164 ],                                   // type
  192 => 174,                                            // issuer
  186 => { 154 => 166, 206 => 178, 208 => 1234567890 },  // credentialStatus
  188 => { 154 => 172, 180 => h'753FF040 },              // credentialSubject
  194 => {                                               // proof
    154 => 108,                                          // type
    214 => 4,                                            // cryptosuite
    224 => 230                                           // verificationMethod
    228 => 176,                                          // proofPurpose
    210 => Uint8Array(65) [ ... ],                       // proofValue
  }
}

1.2 Employment Authorization Example

This section provides an example on how the technology in this specification can be utilized to secure the machine-readable zone on an employment authorization document that uses a machine-readable zone (MRZ) on the back of the card. We start off with an example employment authorization document:

Picture of the front of an employment authorization document issued by the state of Utopia which contains a picture of the individual that is the subject of the document along with their attributes, such as name, address, height, weight, eye color, and employment privileges.
Figure 3 The front of an employment authorization document issued by the state of Utopia.

The back of the employment authorization document contains a machine-readable zone (MRZ) containing information designed to be read through optical character recognition:

Picture of the back of a employment authorization document issued by the state of Utopia, containing usage rules as well as machine-readable zone data that encodes much of the information displayed on the front of the card.
Figure 4 A back of an employment authorization document issued by the state of Utopia.

The MRZ data contains information that is secured using the algorithms described in this specification. Namely, the QR Code on the front of the card contains a verifiable credential of the following form, which secures the information on the back of the card.

Example 3 : Verifiable Credential expressed as a QR Code on the front of the card 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v2",
    "https://w3id.org/citizenship/utopia/v1"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  // the value below is defined as a URL in the 'utopia/v1' context above
  "issuer": "did:web:immigration.utopia.example",
  "credentialSubject": {
    "type": "MachineReadableZone",
  },
  "proof": {
    "type": "DataIntegrity",
    "cryptosuite": "ecdsa-xi-2023",
    // the value below is defined as a URL in the 'utopia/v1' context above
    "verificationMethod": "did:web:immigration.utopia.example#key-4"
    "proofPurpose": "assertionMethod",
    "proofValue": "z4peo48uwK2EF4Fta8P...HzQMDYJ34r9gL"
  }
}
Note : credentialStatus is optional

Readers might note that the credential above does not contain the optional credentialStatus property. Not every optical barcode credential issuer will have the requirement to have revocable optical barcode credentials.

The verifiable credential above is then compressed using [ CBOR-LD ] to the following output (in CBOR Diagnostic Notation):

Example 4 : CBOR-LD compressed Verifiable Credential (120 bytes) 
{
  1 => [ 32768, 32769, 32770],           // @context
  155 => [ 116, 176 ],                   // type
  208 => 194,                          // issuer
  204 => { 154 => 192 },                 // credentialSubject
  210 => {                               // proof
    154 => 108,                          // type
    226 => 4,                        // cryptosuite
    236 => 242                         // verificationMethod
    240 => 196,                          // proofPurpose
    210 => Uint8Array(65) [ ... ],       // proofValue
  }
}

1.3 Terminology

The following terms are used to describe concepts in this specification.

claim
An assertion made about a subject .
credential
A set of one or more claims made by an issuer . The claims in a credential can be about different subjects .

Our definition of credential differs from, NIST's definitions of credential .

data minimization
The act of limiting the amount of shared data strictly to the minimum necessary to successfully accomplish a task or goal.
decentralized identifier
A portable URL-based identifier, also known as a DID , associated with an entity . These identifiers are most often used in a verifiable credential and are associated with subjects such that a verifiable credential itself can be easily ported from one credential repository to another without the need to reissue the credential . An example of a DID is did:example:123456abcdef .
default graph
The graph containing all claims that are not explicitly part of a named graph .
entity
Anything that can be referenced in statements as an abstract or concrete noun. Entities include but are not limited to people, organizations, physical things, documents, abstract concepts, fictional characters, and arbitrary text. Any entity might perform roles in the ecosystem, if it is capable of doing so. Note that some entities fundamentally cannot take actions, e.g., the string "abc" cannot issue credentials.
graph
A set of claims, forming a network of information composed of subjects and their relationship to other subjects or data. Each claim is part of a graph; this is either explicit in the case of named graphs , or implicit for the default graph .
holder
A role an entity might perform by possessing one or more verifiable credentials and generating verifiable presentations from them. A holder is often, but not always, a subject of the verifiable credentials they are holding. Holders store their credentials in credential repositories .
identity provider
An identity provider, sometimes abbreviated as IdP , is a system for creating, maintaining, and managing identity information for holders , while providing authentication services to relying party applications within a federation or distributed network. In this case the holder is always the subject . Even if the verifiable credentials are bearer credentials , it is assumed the verifiable credentials remain with the subject , and if they are not, they were stolen by an attacker. This specification does not use this term unless comparing or mapping the concepts in this document to other specifications. This specification decouples the identity provider concept into two distinct concepts: the issuer and the holder .
issuer
A role an entity can perform by asserting claims about one or more subjects , creating a verifiable credential from these claims , and transmitting the verifiable credential to a holder .
named graph
A graph associated with specific properties, such as verifiableCredential . These properties result in separate graphs that contain all claims defined in the corresponding JSON objects.
credential repository
A program, such as a storage vault or personal verifiable credential wallet, that stores and protects access to holders' verifiable credentials .
subject
A thing about which claims are made.
verifiable credential
A verifiable credential is a tamper-evident credential that has authorship that can be cryptographically verified. Verifiable credentials can be used to build verifiable presentations , which can also be cryptographically verified.
verifiable data registry
A role a system might perform by mediating the creation and verification of identifiers, keys, and other relevant data, such as verifiable credential schemas, revocation registries, issuer public keys, and so on, which might be required to use verifiable credentials . Some configurations might require correlatable identifiers for subjects . Some registries, such as ones for UUIDs and public keys, might just act as namespaces for identifiers.
verifiable presentation
A verifiable presentation is a tamper-evident presentation encoded in such a way that authorship of the data can be trusted after a process of cryptographic verification. Certain types of verifiable presentations might contain data that is synthesized from, but do not contain, the original verifiable credentials (for example, zero-knowledge proofs).
verification
The evaluation of whether a verifiable credential or verifiable presentation is an authentic and current statement of the issuer or presenter, respectively. This includes checking that: the credential (or presentation) conforms to the specification; the proof method is satisfied; and, if present, the status check succeeds. Verification of a credential does not imply evaluation of the truth of claims encoded in the credential.
verifier
A role an entity performs by receiving one or more verifiable credentials , optionally inside a verifiable presentation for processing. Other specifications might refer to this concept as a relying party .

1.4 Terms defined by cited specifications

Unicode code point order
This refers to determining the order of two Unicode strings ( A and B ), using Unicode Codepoint Collation , as defined in [ XPATH-FUNCTIONS ], which defines a total ordering of strings comparing code points. Note that for UTF-8 encoded strings, comparing the byte sequences gives the same result as code point order .

1.5 Conformance

As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.

The key words MUST , RECOMMENDED , REQUIRED , and SHOULD in this document are to be interpreted as described in BCP 14 [ RFC2119 ] [ RFC8174 ] when, and only when, they appear in all capitals, as shown here.

A conforming document is any concrete expression of the data model that complies with the normative statements in this specification. Specifically, all relevant normative statements in Sections 2. Data Model and 3. Algorithms of this document MUST be enforced.

A conforming processor is any algorithm realized as software and/or hardware that generates or consumes a conforming document . Conforming processors MUST produce errors when non-conforming documents are consumed.

This document contains examples of JSON and JSON-LD data. Some of these examples are invalid JSON, as they include features such as inline comments ( // ) explaining certain portions and ellipses ( ... ) indicating the omission of information that is irrelevant to the example. Such parts need to be removed if implementers want to treat the examples as valid JSON or JSON-LD.

1.6 Design Goals

The following are the design goals of the technology in this specification:

2. Data Model

The following sections outline the data model that is used by this specification to express verifiable credentials that secure optically printed information such as barcodes and machine-readable zones on travel documents.

2.1 OpticalBarcodeCredential

An OpticalBarcodeCredential is used to secure the contents of an optical barcode in a way that provides 1) authorship information , 2) tamper resistance, and 3) optionally, revocation and suspension status. In other words, the credential can tell you who issued the optical barcode, if the optical barcode has been tampered with since it was first issued, and whether or not the issuer of the optical barcode still warrants that the document is still valid or not. These features provide significant anti-fraud protections for physical documents.

The credentialSubject of an OpticalBarcodeCredential is either of type AamvaDriversLicenseScannableInformation or a MachineReadableZone . A AamvaDriversLicenseScannableInformation signifies that the verifiable credential secures the PDF417 barcode on the physical document as well as the information expressed in the verifiable credential . A MachineReadableZone signifies that the verifiable credential secures the machine-readable zone on the physical document as well as the information expressed in the verifiable credential .

If an OpticalBarcodeCredential is of type AamvaDriversLicenseScannableInformation , there is a REQUIRED additional field protectedComponentIndex that contains information about which fields in the PDF417 are digitally signed. protectedComponentIndex MUST be a three byte/24 bit value that is multibase-base64url encoded for a total of 5 characters in the JSON-LD credential. There are 22 mandatory fields in an AAMVA compliant driver's license PDF417 [ aamva-dl-id-card-design-standard ], and the first 22 bits of the protectedComponentIndex value correspond to these fields. Each AAMVA mandatory field begins with a three character element ID (e.g. DBA for document expiration date). To construct a mapping between bits in the protectedComponentIndex value and these fields, sort these element IDs according to Unicode code point order. Then, if a bit in position i of protectedComponentIndex is 1 , the AAMVA mandatory field in position i of the sorted element IDs is protected by the digital signature. The last two bits in protectedComponentIndex MUST be 0 . For more information, see Section 3.5.4 Create opticalDataBytes .

In order to achieve as much compression as possible, it is RECOMMENDED that the issuer and verificationMethod fields utilize terms from a JSON-LD Context, which can then be compressed down to a few bytes due to CBOR-LD's semantic compression mechanism.

An example of an optical barcode credential that utilizes the properties specified in this section is provided below:

Example 5 : An OpticalBarcodeCredential utilizing a TerseBitstringStatusListEntry 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/vdl/v2",
    "https://w3id.org/vdl/utopia/v1"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  "issuer": "did:web:dmv.utopia.example",
  "credentialStatus": {
    "type": "TerseBitstringStatusListEntry",
    "terseStatusListBaseUrl": "dmv.utopia.gov/statuses/12345/status-lists"
    "terseStatusListIndex": 123567890
  },
  "credentialSubject": {
    "type": "AamvaDriversLicenseScannableInformation",
    "protectedComponentIndex": "uP_BA"
  }
}

2.2 TerseBitstringStatusListEntry

A TerseBitstringStatusListEntry is a compact representation of a BitstringStatusListEntry as defined in the Bitstring Status List v1.0 specification.

An object of type TerseBitstringStatusListEntry MUST have two additional properties:

To process a TerseBitstringStatusListEntry , apply the algorithm in Section 3.4 Convert Status List Entries to convert it to a BitstringStatusListEntry , then process it as in Bitstring Status List v1.0 .

Implementers need to set a value listLength for the length of an individual status list. This then yields a number of status lists listCount = 2^32 / listLength for a 32-bit terseStatusListIndex . listLength is needed to convert from a TerseBitstringStatusListEntry to a BitstringStatusListEntry . Noting that some values of listLength will harm the privacy-preserving properties of these status lists, implementations MUST use listLength = 2^17 and listCount = 2^15.

2.3 Encoding to and from barcodes

While the credentials in this specification use CBOR-LD to efficiently encode verifiable credentials in a binary format, binary data is often inefficient or incompatible to turn into standard barcode image formats directly. To that end, we provide requirements here for implementations.

It is REQUIRED that implementers character-encode CBOR-LD encoded AamvaDriversLicenseScannableInformation credentials as base64url before encoding them in a PDF417.

It is REQUIRED that implementers re-encode CBOR-LD encoded MachineReadableZone credentials as base45 with the string 'VC1-' prepended before encoding them in a QR code.

3. Algorithms

The following section describes algorithms for adding and verifying digital proofs that protect optical information, such as barcodes and machine-readable zones, on physical media, such as driver's licenses and travel documents.

Generally speaking, the algorithms in this section are effectively the same as the ones in the Data Integrity ECDSA Cryptosuites v1.0 [ VC-DI-ECDSA ] except that the algorithm name is different because the cryptographic hashing process includes the machine-readable barcode information when calculating the digital signature such that the optical barcode is protected.

3.1 CBOR-LD Compression

This specification requires that an application-specific compression table is provided to a CBOR-LD processor when encoding and decoding verifiable credentials of type OpticalBarcodeCredential . A registry for all context URLs for various issuers is provided as a comma-separated value file and can be updated and modified via change requests to the file on an append-only and first-come-first-served basis. Implementations SHOULD retrieve and utilize the latest file on a monthly basis to ensure that compression and decompression supports the latest values.

3.2 Credential Creation

  1. Set opticalData to the data in the optical barcode to be secured.
  2. Set statusListEntryVerbose to the BitstringStatusListCredential (as defined in the Bitstring Status List v1.0 specification) that the issuer wishes to add to the OpticalBarcodeCredential .
  3. Let statusListEntryTerse be an empty map . Set statusListEntryTerse . type to TerseBitstringStatusListEntry and statusListEntryTerse . index to the integer representation of statusListEntryVerbose . statusListIndex .
  4. Set issuerUrl to the URL the issuer wishes to use for credential verification.
  5. Set unsignedStatus to an OpticalBarcodeCredential with unsignedStatus . issuer set to issuerUrl and unsignedStatus . credentialStatus set to statusListEntryTerse .
  6. Set signedStatusVc to the result of using the algorithm in Section 3.2.1 to sign opticalData and unsignedStatus .
  7. Encode signedStatusVc using CBOR-LD [ CBOR-LD ] and add it to the designated area of the opticalData .
  8. Generate the machine-readable credential (MRZ or PDF417).

3.3 Credential Validation

  1. Set securedDocument to the data in the PDF417 or MRZ.
  2. Set verificationResult to the result of applying the algorithm in Section 3.5.2 Verify Proof (ecdsa-xi-2023) to securedDocument .
  3. Set credential to the OpticalBarcodeCredential in securedDocument .
  4. Set statusListEntry to the result of applying the algorithm in Section 3.4 Convert Status List Entries to credential .
  5. Set statusResult to the result of applying the algorithm in Bitstring Status List v1.0: Validate Algorithm to statusListEntry .
  6. Return ( validationResult , statusResult ).

3.4 Convert Status List Entries

The algorithm in this section is used to convert the TerseBitstringStatusListEntry to a BitstringStatusListEntry , which is used after verification has been performed on the verifiable credential , during the validation process.

After verifiable credential verification has been performed, the algorithm takes an OpticalBarcodeCredential verifiable credential ( struct vc ), an integer listLength containing the number of entries in the BitstringStatusListCredential associated with vc , and a string statusPurpose (e.g. 'revocation', 'suspension'...) as input and returns a 'BitstringStatusListEntry' object.

  1. Set result to be an empty map .
  2. Set listIndex to vc . credentialStatus . terseStatusListIndex / listLength rounded down to the next lowest integer (i.e. apply the floor() operation).
  3. Set statusListIndex to vc . credentialStatus . terseStatusListIndex % listLength .
  4. Set result . statusListCredential to the concatenation of the following values: vc . credentialStatus . terseStatusListBaseUrl , '/', statusPurpose , '/', listIndex .
  5. Set result . type to 'BitstringStatusListEntry'.
  6. Set result . statusListIndex to statusListIndex .
    7. Set result . statusPurpose to statusPurpose .
  7. Return result .

result can be used as input to the validation algorithm in the Bitstring Status List v1.0 specification.

Note : Status lists are optional

Implementers are advised that not all issuers will publish status list information for their verifiable credentials . Some issuers might require authorization before allowing a verifier to access a status list credential.

3.5 ecdsa-xi-2023

The ecdsa-xi-2023 is effectively the ecdsa-rdfc-2019 algorithm [ VC-DI-ECDSA ] with an added step that takes some "extra information" (xi) as input, such as the original optical barcode data, and includes that data in the information that is protected by the digital signature. The algorithms in this section detail how such a signature is created and verified.

3.5.1 Add Proof (ecdsa-xi-2023)

To generate a proof, the algorithm in Section 4.1: Add Proof in the Data Integrity [ VC-DATA-INTEGRITY ] specification MUST be executed. For that algorithm, the cryptographic suite specific transformation algorithm is defined in the Transformation (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 , the hashing algorithm is defined in Section 3.5.3 Hashing (ecdsa-xi-2023) , and the proof serialization algorithm is defined in the Proof Serialization (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 .

3.5.2 Verify Proof (ecdsa-xi-2023)

To verify a proof, the algorithm in Section 4.2: Verify Proof in the Data Integrity [ VC-DATA-INTEGRITY ] specification MUST be executed. For that algorithm, the cryptographic suite specific transformation algorithm is defined in the Transformation (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 , the hashing algorithm is defined in Section 3.5.3 Hashing (ecdsa-xi-2023) , and the proof verification algorithm is defined in the Proof Verification (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 .

3.5.3 Hashing (ecdsa-xi-2023)

The hashing algorithm is what is defined in the Hashing (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 specification with the addition of the hashing of the optical data, as described below. It is presumed that the implementation makes the machine-readable optical data (PDF417 or MRZ data) available to this hashing algorithm.

The required inputs to this algorithm are a transformed data document ( transformedDocument ), a canonical proof configuration ( canonicalProofConfig ), and the optical data ( opticalDataBytes ). A single hash data value represented as series of bytes is produced as output.

The hashing algorithm is what is defined in the Hashing (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 with step 3 replaced with the following two steps:

  1. Let opticalDataHash be the result of applying the same hash algorithm that was applied to hashData to the opticalDataBytes value.
  2. Let hashData be the result of joining proofConfigHash (the first hash), transformedDocumentHash (the second hash), and opticalDataHash (the third hash).

3.5.4 Create opticalDataBytes

3.5.4.1 AamvaDriversLicenseScannableInformation Credentials
  1. Set dataToCanonicalize to an empty array.
  2. Set bitfieldDecoded to be first 22 bits of the length 24 bitstring resulting from decoding credentialSubject.protectedComponentIndex from multibase-base64url to binary.
  3. Set fieldsAlphabetized to be an array containing the 22 AAMVA mandatory PDF417 Element IDs [ aamva-dl-id-card-design-standard ] sorted in Unicode code point order (i.e. ['DAC', 'DAD' ... 'DDG']).
  4. For each bit with value 1 in bitfieldDecoded :
    1. Set the string fieldName to fieldsAlphabetized [ i ], where i is the index of the bit in bitfieldDecoded .
    2. Set the string fieldData to the data that will be in the PDF417 associated with that field name.
    3. Concatenate fieldData to the end of fieldName , concatenate a newline character ( \n , U+000A ) to the end, and append the result to dataToCanonicalize .
  5. Set canonicalizedData to the result of sorting dataToCanonicalize in Unicode code point order and then applying a join operation to create a single string from the array.
  6. Hash canonicalizedData and return the result.
3.5.4.2 MachineReadableZone Credentials
  1. Set dataToCanonicalize to an empty array.
  2. For each line in the Machine Readable Zone on the credential:
    1. Set mrzLine to a string containing the data in that line.
    2. Append a newline character to the end of mrzLine and append mrzLine to dataToCanonicalize .
  3. Set canonicalizedData to the result of ordering the elements of dataToCanonicalize to match the order they appear on the credential and then applying a join operation to create a single string from the array.
  4. Hash canonicalizedData and return the result.

3.5.5 Proof Configuration (ecdsa-xi-2023)

The proof configuration algorithm is what is defined in the Proof Configuration (ecdsa-rdfc-2019) section of the Data Integrity ECDSA Cryptosuites v1.0 with step 4 replaced with the following step:

  1. If options . type is not set to DataIntegrityProof and proofConfig . cryptosuite is not set to ecdsa-xi-2023 , an INVALID_PROOF_CONFIGURATION error MUST be raised.

4. Security Considerations

This section is non-normative.

Before reading this section, readers are urged to familiarize themselves with general security advice provided in the Security Considerations section of the Data Integrity specification as well as the specific security advice provided in the Security Considerations section of the ECDSA Cryptosuites specification .

In the following sections, we review these important points and direct the reader to additional information.

4.1 Optical Data Duplication

One attack vector against OpticalBarcodeCredentials involves duplicating an optical barcode containing a digital signature for use on a fraudulent document. While a duplicated barcode will pass signature validation like the original, this attack is mitigated by the document verifier checking the following three things: the signed data matches the data visible on the document, the signed data matches the physical attributes of the user, and the visible data matches the physical attributes of the user. When these three are all equivalent, the only way the OpticalBarcodeCredential could be a duplicate is if the fraudulent document creator had access to a real OpticalBarcodeCredential where the signed physical attributes fully overlapped with those of the user of the fraudulent document. The low likelihood of an undetected stolen OpticalBarcodeCredential existing that completely matches the appearance of an arbitrary person makes this attack unlikely to succeed.

4.2 Partially Signed Optical Data

It is possible that in some cases the digital signature cannot be created over the entirety of the existing optical data. For example, consider a case where a serial number is injected by a physical credential manufacturer such that it is not known to the issuer at signature time. In this case, the verifier will assume that any data not digitally signed could have been changed in the optical barcode without impacting the OpticalBarcodeCredential's ability to successfully validate.

When checking that data from the optical barcode matches the data visible on the document as well as the characteristics of the document holder, implementers are advised to only use the fields that are digitally signed. Verifiers are advised to only use fields protected by the digital signature, no matter how commonly the other fields are used for fraud detection on unsigned documents. For example, if eye color and hair color are protected by the signature, but the holder 's portrait is not, verifiers are advised to emphasize the eye color and hair color when attempting to detect fraud over the portrait.

Implementers of software used by verifiers are advised to only display card data that has been secured via digital signature during the verification process. Displaying unsigned data, which could have been tampered with, could interfere with fraud detection.

4.3 Safe Verification

Verifiers are advised to always use trusted programs and interfaces to check the validity of the OpticalBarcodeCredential . Use of untrusted software to verify a document could result in a fraudulent credential being accepted, or a genuine credential being stolen.

5. Privacy Considerations

Before reading this section, readers are urged to familiarize themselves with general security advice provided in the Security Considerations section of the Data Integrity specification as well as the specific security advice provided in the Security Considerations section of the ECDSA Cryptosuites specification .

The following section describes privacy considerations that developers implementing this specification should be aware of in order to avoid violating privacy assumptions.

Issue 1

Add security considerations specific to this specification.

6. Test Vectors

This section is non-normative.

This section contains examples of Verifiable Credential Barcodes as well as step-by-step processes for how they are generated and how they are verified.

Throughout In this section we will analyze two running examples, one examples: a VCB securing the MRZ of a Utopia Employment Authorization Document, and one a VCB securing the PDF417 of a Utopia Driver's License.

6.1 Creating VCBs

We start with the data that will be signed by the VCB (i.e (i.e., an MRZ and mandatory AAMVA fields from a PDF417):

Example 6 : A Machine Readable Zone that might appear on a Utopia EAD 
I A U T O 0 0 0 0 0 0 7 0 1 0 S R C 0 0 0 0 0 0 0 7 0 1 < <
8 8 0 4 1 9 2 M 2 6 0 1 0 5 8 N O T < < < < < < < < < < < 5
S
M
I
T
H
<
<
J
O
H
N
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
Example 7 : Fields from a PDF417 that might appear on a Utopia Driver's License 
DACJOHN
DADNONE
DAG123 MAIN ST
DAIANYVILLE
DAJUTO
DAKF87P20000
DAQF987654321
DAU069 IN
DAYBRO
DBA04192030
DBB04191988
DBC1
DBD01012024
DCAC
DCBNONE
DCDNONE
DCFUTODOCDISCRIM
DCGUTO
DCSSMITH
DDEN
DDFN
DDGN

6.1.1 Creating opticalDataBytes

Assume for simplicity that the only data in the PDF417 that you want to sign is first name (DAC), ( DAC ), last name (DCS), ( DCS ), and license number (DAQ). ( DAQ ). The bitstring value for use in protectedComponentIndex is then 100000100000000000100000 , and the value of protectedComponentIndex is "uggAg". " uggAg ". Applying Algorithm 3.5.4.1 , we get

Example 8 : Data from the canonicalization of a Utopia Driver's License 
canonicalizedData = 'DACJOHN\nDAQ987654321\nDCSSMITH\n'
opticalDataBytes:
  [188,  38, 200, 146, 227, 213,  90, 250,
  50,  18, 126, 254,  47, 177,  91,  23,
  64, 129, 104, 223, 136,  81, 116,  67,
136,
125,
137,
165,
117,
63,
152,
207]

For the EAD, we apply Algorithm 3.5.4.2 :

Example 9 : Data from the canonicalization of a Utopia EAD MRZ 
canonicalizedData = 'IAUTO0000007010SRC0000000701<<\n8804192M2601058NOT<<<<<<<<<<
<5\nSMITH<<JOHN<<<<<<<<<<<<<<<<<<<\n'
opticalDataBytes:
[8, 198, 126, 183,  25, 160, 166, 112,
254, 184, 189,  47, 225, 211, 125, 210,
132, 137, 45,  86, 169,  28,  57, 165,
46,
253,
9,
137,
145,
42,
192,
113]

We now can now use these hash values with Algorithm 3.5.3 to sign the VC. Executing Algorithm 3.2 with a BitstringStatusListCredential , we get the following JSON-LD VCs:

6.1.2 Example VCs

Example 10 : A JSON-LD VC for a Utopia Driver's License VCB 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/vc-barcodes/v1",
    "https://w3id.org/utopia/v2"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  "credentialSubject": {
    "type": "AamvaDriversLicenseScannableInformation",
    "protectedComponentIndex": "uggAg"
  },
  "issuer": "did:key:zDnaeWjKfs1ob9QcgasjYSPEMkwq31hmvSAWPVAgnrt1e9GKj",
  "credentialStatus": {
    "type": "TerseBitstringStatusListEntry",
    "terseStatusListBaseUrl": "https://sandbox.platform.veres.dev/statuses/z19rJ4oGrbFCqf3cNTVDHSbNd/status-lists",
    "terseStatusListIndex": 3851559041
  },
  "proof": {
    "type": "DataIntegrityProof",
    "verificationMethod": "did:key:zDnaeWjKfs1ob9QcgasjYSPEMkwq31hmvSAWPVAgnrt1e9GKj#zDnaeWjKfs1ob9QcgasjYSPEMkwq31hmvSAWPVAgnrt1e9GKj",
    "cryptosuite": "ecdsa-xi-2023",
    "proofPurpose": "assertionMethod",
    "proofValue": "z4g6G3dAZhhtPxPWgFvkiRv7krtCaeJxjokvL46fchAFCXEY3FeX2vn46MDgBaw779g1E1jswZJxxreZDCrtHg2qH"
  }
}
Example 11 : A JSON-LD VC for a Utopia EAD VCB 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/vc-barcodes/v1",
    "https://w3id.org/utopia/v2"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  "credentialSubject": {
    "type": "MachineReadableZone"
  },
  "issuer": "did:key:zDnaeZSD9XcuULaS8qmgDUa6TMg2QjF9xABnZK42awDH3BEzj",
  "proof": {
    "type": "DataIntegrityProof",
    "verificationMethod": "did:key:zDnaeZSD9XcuULaS8qmgDUa6TMg2QjF9xABnZK42awDH3BEzj#zDnaeZSD9XcuULaS8qmgDUa6TMg2QjF9xABnZK42awDH3BEzj",
    "cryptosuite": "ecdsa-xi-2023",
    "proofPurpose": "assertionMethod",
    "proofValue": "z4B8AQgjwgsEdcPEZkrkK2mTVKn7qufoDgDkv9Qitf9tjxQPMoJaGdXwDrThjp7LUdvzsDJ7UwYu6Xpm9fjbo6QnJ"
  }
}

6.1.3 CBOR-LD Compression and Encoding

We can now apply CBOR-LD compression to these VCs. Here Here, we use the newest version of CBOR-LD, however CBOR-LD; however, at the end of the section section, we provide VCBs encoded using older versions of CBOR-LD for interoperability testing with CBOR-LD implementations that are not up to date.

For this specficiation, we have reserved the CBOR-LD registry entry with value 100 (i.e. (i.e., these payloads will begin with tag 0x0664). 0x0664 ). The parameters to encode using CBOR-LD, which can be found in the registry in the CBOR-LD specification, are then as follows:

Example 12 : CBOR-LD encoding parameters 
registryEntryId: 100
typeTable:
{
  "context":
    {
      "https://www.w3.org/ns/credentials/v2": 32768,
      "https://w3id.org/vc-barcodes/v1": 32769,
      "https://w3id.org/utopia/v2": 32770
    },
  
  "https://w3id.org/security#cryptosuiteString":
    {
      "ecdsa-rdfc-2019": 1,
      "ecdsa-sd-2023": 2,
      "eddsa-rdfc-2022": 3,
      "ecdsa-xi-2023": 4
    }
}
This results in the following encoded credentials:
Example 13 : A CBOR-LD compressed Utopia Driver's License VC 
d90664a60183198000198001198002189d82187618a418b8a3189c18a618ce18b218d01ae592208118baa2189c18a018a8447582002018be18aa18c0a5189c186c18d60418e018e618e258417ab7c2e56b49e2cce62184ce26818e15a8b173164401b5d3bb93ffd6d2b5eb8f6ac0971502ae3dd49d17ec66528164034c912685b8111bc04cdc9ec13dbadd91cc18e418ac
diagnostic:
1636(
  {
    1: [32768, 32769, 32770],
    157: [118, 164],
    184: {156: 166, 206: 178, 208: 3851559041},
    186: {156: 160, 168: h'75820020'},
    190: 170,
    192: {
      156: 108,
      214: 4,
      224: 230,
      226: h'7AB7C2E56B49E2CCE62184CE26818E15A8B173164401B5D3BB93FFD6D2B5EB8F6AC0971502AE3DD49D17EC66528164034C912685B8111BC04CDC9EC13DBADD91CC',
      228: 172
    }
  }
)
Example 14 : A CBOR-LD compressed Utopia EAD VC 
d90664a50183198000198001198002189d82187618a418baa1189c18a218be18ae18c0a5189c186c18d20418dc18e218de58417a9ec7f688f60caa8c757592250b3f6d6e18419941f186e1ed4245770e687502d51d01cd2c2295e4338178a51a35c2f044a85598e15db9aef00261bc5c95a744e718e018b0
diagnostic:
1636(
  {
    1: [32768, 32769, 32770],
    157: [118, 164],
    186: {156: 162},
    190: 174,
    192: {
      156: 108,
      210: 4,
      220: 226,
      222: h'7A9EC7F688F60CAA8C757592250B3F6D6E18419941F186E1ED4245770E687502D51D01CD2C2295E4338178A51A35C2F044A85598E15DB9AEF00261BC5C95A744E7',
      224: 176
    }
  }
)

Encoding the Driver's License CBORLD CBOR-LD as base64url and inserting the result into the PDF417 bytes in the 'ZZA' field in the 'ZZ' subfile:

Example 15 : Bytes from a PDF417 including an encoded Utopia Driver's License VCB 
bytes(@\n\x1e\rANSI000000090002DL00410267ZZ03080162DLDAQF987654321\nDCSSMITH\nDDEN\nDACJOHN\nDDFN\nDADNONE\nDDGN\nDCAC\nDCBNONE\nDCDNONE\nDBD01012024\nDBB04191988\nDBA04192030\nDBC1\nDAU069
IN\nDAYBRO\nDAG123
MAIN
ST\nDAIANYVILLE\nDAJUTO\nDAKF87P20000
\nDCFUTODOCDISCRIM\nDCGUTO\nDAW158\nDCK1234567890\nDDAN\rZZZZA2QZkpgGDGYAAGYABGYACGJ2CGHYYpBi4oxicGKYYzhiyGNAa5ZIggRi6ohicGKAYqER1ggAgGL4YqhjApRicGGwY1gQY4BjmGOJYQXq3wuVrSeLM5iGEziaBjhWosXMWRAG107uT_9bSteuPasCXFQKuPdSdF-xmUoFkA0yRJoW4ERvATNyewT263ZHMGOQYrA==\r)

Encoding the EAD CBORLD CBOR-LD as base45 and prepending 'VC1-':

Example 16 : An encoded Utopia EAD VCB 
VC1-SJRPWCR803A3P0098G3A3-B02-J743853U53KGK0XJ6MKJ1OI0M.FO053.33963DN04$RAQS+4SMC8C3KM7VX4VAPL9%EILI:I1O$D:23%GJ0OUCPS0H8D2FB9D5G00U39.PXG49%SOGGB*K$Z6%GUSCLWEJ8%B95MOD0P
NG-I:V8N63K53

The above can now be turned into barcodes:

A VCB from a Utopia driver's license.
Figure 5 A VCB from a Utopia driver's license.

6.1.4 Employment Authorization Document

A VCB from a Utopia EAD.
Figure 6 A VCB from a Utopia EAD.

For use with the following MRZ:

An MRZ on a Utopia Employment Authorization Document.
Figure 7 An MRZ on a Utopia Employment Authorization Document.

6.2 Verifying VCBs

We now apply the reverse process to verify.

6.2.1 Decoding and Decompressing

We first read the data from the barcodes:

Example 17 : Bytes from a PDF417 including an encoded Utopia Driver's License VCB 
bytes(@\n\x1e\rANSI000000090002DL00410267ZZ03080162DLDAQF987654321\nDCSSMITH\nDDEN\nDACJOHN\nDDFN\nDADNONE\nDDGN\nDCAC\nDCBNONE\nDCDNONE\nDBD01012024\nDBB04191988\nDBA04192030\nDBC1\nDAU069
IN\nDAYBRO\nDAG123
MAIN
ST\nDAIANYVILLE\nDAJUTO\nDAKF87P20000
\nDCFUTODOCDISCRIM\nDCGUTO\nDAW158\nDCK1234567890\nDDAN\rZZZZA2QZkpgGDGYAAGYABGYACGJ2CGHYYpBi4oxicGKYYzhiyGNAa5ZIggRi6ohicGKAYqER1ggAgGL4YqhjApRicGGwY1gQY4BjmGOJYQXq3wuVrSeLM5iGEziaBjhWosXMWRAG107uT_9bSteuPasCXFQKuPdSdF-xmUoFkA0yRJoW4ERvATNyewT263ZHMGOQYrA==\r)
Example 18 : An encoded Utopia Driver's License EAD 
VC1-SJRPWCR803A3P0098G3A3-B02-J743853U53KGK0XJ6MKJ1OI0M.FO053.33963DN04$RAQS+4SMC8C3KM7VX4VAPL9%EILI:I1O$D:23%GJ0OUCPS0H8D2FB9D5G00U39.PXG49%SOGGB*K$Z6%GUSCLWEJ8%B95MOD0P
NG-I:V8N63K53

We extract the data after 'VC1-' and the data in field 'ZZA' in subfile 'ZZ', undoing the base encoding:

Example 19 : A CBOR-LD compressed Utopia Driver's License VC 
d90664a60183198000198001198002189d82187618a418b8a3189c18a618ce18b218d01ae592208118baa2189c18a018a8447582002018be18aa18c0a5189c186c18d60418e018e618e258417ab7c2e56b49e2cce62184ce26818e15a8b173164401b5d3bb93ffd6d2b5eb8f6ac0971502ae3dd49d17ec66528164034c912685b8111bc04cdc9ec13dbadd91cc18e418ac
Example 20 : A CBOR-LD compressed Utopia EAD VC 
d90664a50183198000198001198002189d82187618a418baa1189c18a218be18ae18c0a5189c186c18d20418dc18e218de58417a9ec7f688f60caa8c757592250b3f6d6e18419941f186e1ed4245770e687502d51d01cd2c2295e4338178a51a35c2f044a85598e15db9aef00261bc5c95a744e718e018b0

We now decompress with CBOR-LD to get the original JSON-LD VCs to be verified. Again, the parameters are associated with CBOR-LD registry entry 100. 100 .

Example 21 : CBOR-LD decoding parameters 
typeTable:
{
  "context":
    {
      "https://www.w3.org/ns/credentials/v2": 32768,
      "https://w3id.org/vc-barcodes/v1": 32769,
      "https://w3id.org/utopia/v2": 32770
    },
  
  "https://w3id.org/security#cryptosuiteString":
    {
      "ecdsa-rdfc-2019": 1,
      "ecdsa-sd-2023": 2,
      "eddsa-rdfc-2022": 3,
      "ecdsa-xi-2023": 4
    }
}
Example 22 : A JSON-LD VC for a Utopia Driver's License VCB 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/vc-barcodes/v1",
    "https://w3id.org/utopia/v2"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  "credentialSubject": {
    "type": "AamvaDriversLicenseScannableInformation",
    "protectedComponentIndex": "uggAg"
  },
  "issuer": "did:key:zDnaeWjKfs1ob9QcgasjYSPEMkwq31hmvSAWPVAgnrt1e9GKj",
  "credentialStatus": {
    "type": "TerseBitstringStatusListEntry",
    "terseStatusListBaseUrl": "https://sandbox.platform.veres.dev/statuses/z19rJ4oGrbFCqf3cNTVDHSbNd/status-lists",
    "terseStatusListIndex": 3851559041
  },
  "proof": {
    "type": "DataIntegrityProof",
    "verificationMethod": "did:key:zDnaeWjKfs1ob9QcgasjYSPEMkwq31hmvSAWPVAgnrt1e9GKj#zDnaeWjKfs1ob9QcgasjYSPEMkwq31hmvSAWPVAgnrt1e9GKj",
    "cryptosuite": "ecdsa-xi-2023",
    "proofPurpose": "assertionMethod",
    "proofValue": "z4g6G3dAZhhtPxPWgFvkiRv7krtCaeJxjokvL46fchAFCXEY3FeX2vn46MDgBaw779g1E1jswZJxxreZDCrtHg2qH"
  }
}
Example 23 : A JSON-LD VC for a Utopia EAD VCB 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/vc-barcodes/v1",
    "https://w3id.org/utopia/v2"
  ],
  "type": [
    "VerifiableCredential",
    "OpticalBarcodeCredential"
  ],
  "credentialSubject": {
    "type": "MachineReadableZone"
  },
  "issuer": "did:key:zDnaeZSD9XcuULaS8qmgDUa6TMg2QjF9xABnZK42awDH3BEzj",
  "proof": {
    "type": "DataIntegrityProof",
    "verificationMethod": "did:key:zDnaeZSD9XcuULaS8qmgDUa6TMg2QjF9xABnZK42awDH3BEzj#zDnaeZSD9XcuULaS8qmgDUa6TMg2QjF9xABnZK42awDH3BEzj",
    "cryptosuite": "ecdsa-xi-2023",
    "proofPurpose": "assertionMethod",
    "proofValue": "z4B8AQgjwgsEdcPEZkrkK2mTVKn7qufoDgDkv9Qitf9tjxQPMoJaGdXwDrThjp7LUdvzsDJ7UwYu6Xpm9fjbo6QnJ"
  }
}

6.2.2 Verifying

Again Again, we apply Algorithm 3.5.4.1 and Algorithm 3.5.4.2 to create the opticalDataBytes that ecdsa-xi-2023 requires, using the scanned PDF417 as input for the driver's license, and using the MRZ on the EAD as input for the EAD:

Example 24 : A canonicalization of a Utopia Driver's License PDF417 
canonicalizedData = 'DACJOHN\nDAQ987654321\nDCSSMITH\n'
opticalDataBytes:
  [188,  38, 200, 146, 227, 213,  90, 250,
  50,  18, 126, 254,  47, 177,  91,  23,
  64, 129, 104, 223, 136,  81, 116,  67,
136,
125,
137,
165,
117,
63,
152,
207]
Example 25 : A canonicalization of a Utopia EAD MRZ 
canonicalizedData = 'IAUTO0000007010SRC0000000701<<\n8804192M2601058NOT<<<<<<<<<<
<5\nSMITH<<JOHN<<<<<<<<<<<<<<<<<<<\n'
opticalDataBytes:
[8, 198, 126, 183,  25, 160, 166, 112,
254, 184, 189,  47, 225, 211, 125, 210,
132, 137, 45,  86, 169,  28,  57, 165,
46,
253,
9,
137,
145,
42,
192,
113]

We then apply Algorithm 3.5.3 and Algorithm 3.5.2 to verify the credential.

6.2.3 Status Checking

The last step is to check the status information on the Driver's License credential. We apply Algorithm 3.4 to convert the TerseBitstringStatusListEntry into a BitstringStatusListEntry . Here we check two status types, 'revocation' and 'suspension', passing those strings as values of statusPurpose .

Example 26 : A BitstringStatusListEntry for status purpose: revocation 
{
  type: 'BitstringStatusListEntry',
  statusListCredential: 'https://sandbox.platform.veres.dev/statuses/z19rJ4oGrbFCqf3cNTVDHSbNd/status-lists/revocation/29385',
  statusListIndex: 8321,
  statusPurpose: 'revocation'
}
Example 27 : A BitstringStatusListEntry for status purpose: suspension 
{
  type: 'BitstringStatusListEntry',
  statusListCredential: 'https://sandbox.platform.veres.dev/statuses/z19rJ4oGrbFCqf3cNTVDHSbNd/status-lists/suspension/29385',
  statusListIndex: 8321,
  statusPurpose: 'suspension'
}

These can then be validated as in the Bitstring Status List v1.0: Validate Algorithm .

6.3 Legacy CBOR-LD encoded credentials

For testing if The same process is used to test whether a CBOR-LD implementation that is not fully up to date is used. The process remains the same, was used, with the exception of the CBOR-LD decoding step, for which the following appContextMap should be used:
Example 28 : A BitstringStatusListEntry for status purpose: suspension 
appContextMap:
[['https://www.w3.org/ns/credentials/v2', 32768],
['https://w3id.org/vc-barcodes/v1', 32769],
['https://w3id.org/utopia/v2',
32770]]

6.3.1 Driver's License

A VCB from a Utopia driver's license encoded with legacy CBOR-LD.
Figure 8 A VCB from a Utopia driver's license encoded with legacy CBOR-LD.

6.3.2 Employment Authorization Document

A VCB from a Utopia EAD encoded with legacy CBOR-LD.
Figure 9 A VCB from a Utopia EAD encoded with legacy CBOR-LD.

For use with the following MRZ:

An MRZ on a Utopia Employment Authorization Document.
Figure 10 An MRZ on a Utopia Employment Authorization Document.

7. Revision History

This section is non-normative.

This section contains the substantive changes that have been made to this specification over time.

Issue 2 : Content will be filled in after standards-track has been started

The content for this specification will be filled in after the standards-track process has been started.

A. References

A.1 Normative references

[aamva-dl-id-card-design-standard]
AAMVA DL/ID Card Design Standard (2020) . American Association of Motor Vehicle Administrators. 2020. URL: https://www.aamva.org/assets/best-practices,-guides,-standards,-manuals,-whitepapers/aamva-dl-id-card-design-standard-(2020)
[CBOR-LD]
Compact Binary Object Representation for Linked Data v0.7 . URL: https://json-ld.github.io/cbor-ld-spec/
[ICAO9303-3]
Machine Readable Travel Documents Part 3: Specifications Common to all MRTDs, Eighth Edition, 2021 . ICAO. International Civil Aviation Organization. 2021. URL: https://www.icao.int/publications/Documents/9303_p3_cons_en.pdf
[infra]
Infra Standard . Anne van Kesteren; Domenic Denicola. WHATWG. Living Standard. URL: https://infra.spec.whatwg.org/
[ISO15438-2015]
ISO/IEC 15438:2015: PDF417 Bar Code Symbology Specification . ISO/IEC JTC 1/SC 31. International Standards Organization. 2015. URL: https://www.iso.org/standard/65502.html
[RFC2119]
Key words for use in RFCs to Indicate Requirement Levels . S. Bradner. IETF. March 1997. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc2119
[RFC8174]
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words . B. Leiba. IETF. May 2017. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc8174
[URL]
URL Standard . Anne van Kesteren. WHATWG. Living Standard. URL: https://url.spec.whatwg.org/
[VC-BITSTRING-STATUS-LIST]
Bitstring Status List v1.0 . Manu Sporny; Dave Longley; Michael Prorock; Mahmoud Alkhraishi. W3C. 10 June 2024. W3C Candidate Recommendation. URL: https://www.w3.org/TR/vc-bitstring-status-list/
[VC-DATA-INTEGRITY]
Verifiable Credential Data Integrity 1.0 . Manu Sporny; Dave Longley; Greg Bernstein; Dmitri Zagidulin; Sebastian Crane. W3C. 9 July 2024. W3C Candidate Recommendation. URL: https://www.w3.org/TR/vc-data-integrity/
[VC-DATA-MODEL-2.0]
Verifiable Credentials Data Model v2.0 . Manu Sporny; Ted Thibodeau Jr; Ivan Herman; Michael Jones; Gabe Cohen. W3C. 9 July 2024. W3C Candidate Recommendation. URL: https://www.w3.org/TR/vc-data-model-2.0/
[VC-DI-ECDSA]
Data Integrity ECDSA Cryptosuites v1.0 . Manu Sporny; Martin Reed; Greg Bernstein; Sebastian Crane. W3C. 10 July 2024. W3C Candidate Recommendation. URL: https://www.w3.org/TR/vc-di-ecdsa/
[XPATH-FUNCTIONS]
XQuery 1.0 and XPath 2.0 Functions and Operators (Second Edition) . Ashok Malhotra; Jim Melton; Norman Walsh; Michael Kay. W3C. 14 December 2010. W3C Recommendation. URL: https://www.w3.org/TR/xpath-functions/