使用 JOSE 和 COSE 保护可验证凭证

W3C 推荐标准

关于本文档的更多详情
此版本:
https://www.w3.org/TR/2025/REC-vc-jose-cose-20250515/
最新发布版本:
https://www.w3.org/TR/vc-jose-cose/
最新编辑草案:
https://w3c.github.io/vc-jose-cose/
历史:
https://www.w3.org/standards/history/vc-jose-cose/
提交历史
实现报告:
https://w3c.github.io/vc-jose-cose-test-suite/
编辑:
Michael Jones (Self-Issued Consulting)
Michael Prorock (Mesur.io)
Gabe Cohen (受邀专家)
反馈:
GitHub w3c/vc-jose-cose拉取请求新建议题未关闭议题
勘误:
存在勘误
相关文档
可验证凭证数据模型 v2.0
受控标识符 1.0

另请参阅 翻译

Copyright © 2025 World Wide Web Consortium. W3C® liability, trademark and permissive document license rules apply.

摘要

本规范定义了如何使用 JSON 对象签名和加密 (JOSE)、 JWT 选择性披露 [SD-JWT]、 以及 CBOR 对象签名和加密 (COSE) [RFC9052] 来保护符合可验证凭证数据模型 [VC-DATA-MODEL-2.0] 的凭证和呈现。 这使得可验证凭证数据模型 [VC-DATA-MODEL-2.0] 能够通过已被广泛采用的签名和加密标准 来实现。

本文档状态

本节描述了本文档在发布时的状态。当前 W3C 出版物列表以及本技术报告的最新修订版可在 W3C 标准和草案 索引 中找到,网址为 https://www.w3.org/TR/。

工作组正在积极寻求关于本规范的实现反馈。为了退出候选推荐阶段, 工作组设定的要求是规范中每个强制性特性至少有两个独立 实现。有关一致性测试流程的详情,请参见 实现报告中列出的测试套件。

本文档由 可验证凭证工作组 使用 推荐标准轨道 作为推荐标准发布。

W3C 建议将本规范作为 Web 标准进行广泛部署。

W3C 推荐标准是一种规范,它在经过广泛的 共识建立后,由 W3C 及其成员认可,并且 得到了工作组成员对实现提供 免版税许可 的承诺。

本文档由一个依据 W3C 专利 政策运作的小组制定。 W3C 维护着一个 任何专利披露的公开列表, 这些披露与该小组的交付物相关;该页面还包括 披露专利的说明。实际知悉某项专利的个人,如果认为该专利包含 必要权利要求, 则必须按照 W3C 专利政策第 6 节披露该信息。

本文档受 2023 年 11 月 03 日 W3C 流程文档管辖。

1. 引言

本规范定义了如何使用 IETF 的 JOSE、OAuth 和 COSE 工作组定义的方法,来保护表达 [VC-DATA-MODEL-2.0] 中所述 可验证凭证和可验证呈现的媒体类型。这包括 JSON Web Signature (JWS) [RFC7515]、JWT 选择性披露 [SD-JWT], 以及 CBOR 对象签名和加密 (COSE) [RFC9052]。 它使用内容类型 [RFC6838] 来区分 符合 [VC-DATA-MODEL-2.0] 的未受保护文档的 数据类型,以及符合 [VC-DATA-MODEL-2.0] 的受保护文档的 数据类型。

JSON Web Signature (JWS) [RFC7515] 定义了一种使用基于 JSON 的 数据结构对文档(包括 JSON 文档)进行数字签名的标准方式。 它提供了一种手段,用于确保文档中所含信息的完整性、 真实性和不可否认性。JWT 选择性披露 (SD-JWT) [SD-JWT] 构建于 JWS 之上,同时还提供了一种能够选择性披露 文档元素的机制。这些属性使 JWS 和 SD-JWT 特别适合用于保护 符合 [VC-DATA-MODEL-2.0] 的文档。

CBOR 对象签名和加密 (COSE) [RFC9052] 定义了一种标准方式,用于使用 简洁二进制对象表示 (CBOR) [RFC8949] 表示数字签名的数据结构。与 JWS 一样,COSE 提供了一种标准化方式来保护信息的完整性、真实性和 机密性。它提供了一组灵活且可扩展的 加密选项,允许广泛的算法 用于签名和加密。

COSE 支持两种主要操作:签名和加密。对于签名, COSE 允许使用 RSA、ECDSA 和 EdDSA 等 各种算法对 CBOR 数据创建数字签名。这些签名 提供数据完整性和真实性的保证。COSE 还支持 加密,可通过使用对称或非对称加密算法 对 CBOR 数据进行加密,从而实现其机密性。

1.1 一致性

除标记为非规范性的章节外,本规范中的所有编写指南、图表、示例和注释均为非规范性内容。其他所有内容均为规范性内容。

本文档中的关键词 MAYMUSTMUST NOTNOT RECOMMENDEDRECOMMENDEDSHOULDSHOULD NOT 应按 BCP 14 [RFC2119] [RFC8174] 中的说明进行解释,但仅当它们像此处所示全部以大写字母出现时才如此。

1.1.1 一致性类别

符合一致性的 JWS 文档是指符合 第 3.1 使用 JOSE 节中 所有 “MUST” 语句的文档。

符合一致性的 JWS 签发者实现会生成 符合一致性的 JWS 文档,并且 MUST 按照 第 3.1 使用 JOSE 节所述保护它们。

符合一致性的 JWS 验证者实现会按照第 符合一致性的 JWS 文档中所述验证 3.1 使用 JOSE

符合一致性的 SD-JWT 文档是指符合 第 3.2 使用 SD-JWT 节中 所有 “MUST” 语句的文档。

符合一致性的 SD-JWT 签发者实现会生成 符合一致性的 SD-JWT 文档,并且 MUST 按照 第 3.2 使用 SD-JWT 节所述保护它们。

符合一致性的 SD-JWT 验证者实现会按照 第 符合一致性的 SD-JWT 文档 中所述验证 3.2 使用 SD-JWT

符合一致性的 COSE 文档是指符合 第 3.3 使用 COSE 节中 所有 “MUST” 语句的文档。

符合一致性的 COSE 签发者实现会生成 符合一致性的 COSE 文档,并且 MUST 按照 第 3.3 使用 COSE 节所述保护它们。

符合一致性的 COSE 验证者实现会按照 第 符合一致性的 COSE 文档 中所述验证 3.3 使用 COSE

1.1.2 保护可验证 凭证

可验证 凭证数据模型 v2.0 描述了本规范采用的保护 JSON 和 CBOR 声明的方法,即应用一个 enveloping proof

本规范定义了如何使用各种 enveloping proof 机制来保护不同的数据结构:

JSON Web Token (JWT):
JWT 会完整地保护一个 JWT Claims Set。JWT Claims Set 是一个 JSON 对象,其中包含关于某个实体的一项或多项声明 (通常是 JWT 的主体)。如果 JWT Claims Set 的任何部分要被披露,则该集合中的所有声明都必须 被披露;不能选择只披露(或隐藏)部分 声明,同时隐藏(或披露)其他声明。
Selective Disclosure JSON Web Token (SD-JWT):
SD-JWT 会保护 JWT Claims Set,类似于 JWT 保护 JWT Claims Set,但增加了选择性 披露或保留 JWT Claims Set 部分内容的能力。 JWT Claims Set 是关于某个实体的一项或多项声明 (通常是 SD-JWT 的主体)。
CBOR Object Signing and Encryption (COSE):
COSE 保护 CBOR(简洁二进制对象表示)数据结构。 CBOR 是一种比 JSON 更紧凑的二进制数据格式,并且 设计用于受限环境。

在可验证凭证的上下文中:

  • 使用 JWT 时, 可验证凭证或呈现会被编码为 JWT Claims Set。
  • 使用 SD-JWT 时, 可验证凭证或呈现会被编码为带有选择性 披露特性的 JWT Claims Set。
  • 使用 COSE 时, 可验证凭证或呈现会被编码为 CBOR 数据结构。

在所有情况下,可验证凭证 或呈现的底层数据模型都与 [VC-DATA-MODEL-2.0] 保持一致, 但编码和安全机制不同。

保护机制中的规范性语句适用于保护 application/vc+jwtapplication/vp+jwtapplication/vc+sd-jwtapplication/vp+sd-jwtapplication/vc+coseapplication/vp+cose

1.1.2.1 JWT 格式和 要求

建议 JSON Web Token 实现者查阅 实现要求

JWT 的签发者、持有者和验证者 MUST 理解 在使用 JSON Web Token 保护 [VC-DATA-MODEL-2.0] 时, JSON Web Token 标头参数设置 "alg": "none" 的影响。当 [VC-DATA-MODEL-2.0] 中的内容类型使用 JSON Web Token 进行保护时, 标头参数设置 "alg": "none" 用于传达编码为 JWT Claims Set 的可验证凭证或 可验证呈现没有完整性保护。

签发者、持有者和验证者 MUST 忽略所有 没有完整性保护的 JWT Claims Set。

JWT Claim Names vcvp MUST NOT 出现在任何构成 可验证凭证可验证 呈现的 JWT Claims Set 中。

1.1.2.2 SD-JWT 格式 和要求

本规范使用 IETF 草案 [SD-JWT] 中定义的 JWT 选择性披露 (SD-JWT)。实现者 SHOULD 参阅 该草案,以了解 SD-JWT 格式和 处理要求的完整细节。

  • SD-JWT 由三个主要部分组成: SD-JWT 本身、可选披露项,以及可选的 KB-JWT(密钥 绑定 JWT)。这些部分由波浪号 (~) 字符分隔。
  • 如果不存在 KB-JWT,则 SD-JWT 必须以 波浪号 (~) 字符结尾。这对于正确解析和 处理 SD-JWT 至关重要。
  • 选择性披露通过使用 disclosure 对象来实现。这些对象是 base64url 编码的 JSON 数组, 其中包含已披露声明的摘要、声明名 和声明值。
  • 每个可披露声明都会在哈希前与盐值 组合,以防止字典攻击。

2. 术语

本节定义本规范中使用的术语。只要这些术语在本规范中出现, 就会包含指向这些术语的链接。

公钥
可用于验证由相应私钥创建的数字证明的 密码材料。
私钥
可用于生成数字证明的密码材料。
可验证凭证
一种用于表达可通过密码学验证的数字凭证的标准数据模型和表示格式, 如 W3C 可验证凭证规范 [VC-DATA-MODEL-2.0] 所定义。
受控标识符文档
一种包含公共密码材料的文档,如 受控 标识符 v1.0 规范中所定义。

3. 保护 VC 数据模型

本节概述如何使用 JOSE、SD-JWT 和 COSE 来保护符合 [VC-DATA-MODEL-2.0] 的文档。

符合 [VC-DATA-MODEL-2.0] 的文档, 及其相关媒体类型,依赖于 JSON-LD,这是一种用于描述 链接数据的可扩展格式;参见 JSON-LD 与 RDF 的关系

这种方法的一个好处是,载荷可以直接符合 [VC-DATA-MODEL-2.0],而无需任何映射或 转换,同时还支持在 JOSE、 SD-JWT 和 COSE 上下文中理解的已注册 标头参数和声明。

RECOMMENDED 使用媒体类型来区分 可验证凭证可验证呈现 与其他类型的受保护 JSON 或 CBOR。

SHOULD 使用可用的最具体媒体类型(或子类型), 而不是更通用的媒体类型(或超类型)。例如, 除非存在更具体、能够更好识别受保护 信封格式的媒体类型,否则相较于通用的 application/sd-jwtSHOULD 使用 application/vc+sd-jwt

如果实现不知道应使用哪种媒体类型,则 MUST 使用本规范中定义的媒体类型。

3.1 使用 JOSE

3.1.1 使用 JOSE 保护 JSON-LD 可验证凭证

本节详细说明如何使用 JOSE 来保护 符合 [VC-DATA-MODEL-2.0] 的可验证凭证

符合一致性的 JWS 签发者实现 MUST 使用 [RFC7515] 来 保护此媒体类型。未受保护的可验证凭证是 未编码的 JWS 载荷。

typ 标头参数 SHOULDvc+jwt。 当存在时,cty 标头参数 SHOULDvc。 在使用 vc+jwt 时,cty 标头参数值可用于区分 不同类型的受保护内容。 content type 标头参数是可选的,并且可以在存在更具体媒体类型时 用于表达比 application/vc 更具体的媒体类型。 有关 typcty 用法的更多详细信息,请参见已注册标头参数 名称

符合一致性的 JWS 验证者实现 MUST 使用 [RFC7515] 来 验证使用此媒体 类型的符合一致性的 JWS 文档

当通过不安全信道传输受保护的可验证凭证时,为了对其加密, 实现者 MAY 使用 JSON Web Encryption (JWE) [RFC7516],方法是按照 [RFC7519] 中关于嵌套 JWT 的描述, 将受保护的 可验证凭证作为 JWE 的明文载荷嵌套。

示例 1:使用 JOSE 保护的可验证凭证的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://university.example/credentials/3732",
  "type": ["VerifiableCredential", "ExampleDegreeCredential", "ExamplePersonCredential"],
  "issuer": "https://university.example/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    },
    "alumniOf": {
      "name": "Example University"
    }
  },
  "credentialSchema": [{
    "id": "https://example.org/examples/degree.json",
    "type": "JsonSchema"
  },
  {
    "id": "https://example.org/examples/alumni.json",
    "type": "JsonSchema"
  }]
}
受保护标头 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
application/vc 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://university.example/credentials/3732",
  "type": [
    "VerifiableCredential",
    "ExampleDegreeCredential",
    "ExamplePersonCredential"
  ],
  "issuer": "https://university.example/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    },
    "alumniOf": {
      "name": "Example University"
    }
  },
  "credentialSchema": [
    {
      "id": "https://example.org/examples/degree.json",
      "type": "JsonSchema"
    },
    {
      "id": "https://example.org/examples/alumni.json",
      "type": "JsonSchema"
    }
  ]
}
application/vc+jwt
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaWQiOiJodHRwOi8vdW5pdmVyc2l0eS5leGFtcGxlL2NyZWRlbnRpYWxzLzM3MzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiRXhhbXBsZURlZ3JlZUNyZWRlbnRpYWwiLCJFeGFtcGxlUGVyc29uQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzE0IiwidmFsaWRGcm9tIjoiMjAxMC0wMS0wMVQxOToyMzoyNFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsImRlZ3JlZSI6eyJ0eXBlIjoiRXhhbXBsZUJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifSwiYWx1bW5pT2YiOnsibmFtZSI6IkV4YW1wbGUgVW5pdmVyc2l0eSJ9fSwiY3JlZGVudGlhbFNjaGVtYSI6W3siaWQiOiJodHRwczovL2V4YW1wbGUub3JnL2V4YW1wbGVzL2RlZ3JlZS5qc29uIiwidHlwZSI6Ikpzb25TY2hlbWEifSx7ImlkIjoiaHR0cHM6Ly9leGFtcGxlLm9yZy9leGFtcGxlcy9hbHVtbmkuanNvbiIsInR5cGUiOiJKc29uU2NoZW1hIn1dfQ .xbpSjNX9SAAn8YM31TcXFIWgdLwNGpQguO2xoTWv_NoE1cSNW5RlWbsaO3hlYE6y9aa4q7ie5FXubvPwi1K__g

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

3.1.2 使用 JOSE 保护 JSON-LD 可验证呈现

本节详细说明如何使用 JOSE 来保护 符合 [VC-DATA-MODEL-2.0] 的可验证 呈现

符合一致性的 JWS 签发者实现 MUST 使用 [RFC7515] 来 保护此媒体类型。未受保护的可验证 呈现是 未编码的 JWS 载荷。

typ 标头参数 SHOULDvp+jwt。 当存在时,cty 标头参数 SHOULDvp。 在使用 vp+jwt 时,cty 标头参数值可用于区分 不同类型的受保护内容。 content type 标头参数是可选的,并且可以在存在更具体媒体类型时 用于表达比 application/vc 更具体的媒体类型。 有关 typcty 用法的更多详细信息,请参见已注册标头参数 名称

符合一致性的 JWS 验证者实现 MUST 使用 [RFC7515] 来 验证使用此媒体 类型的符合一致性的 JWS 文档

可验证 呈现中受保护的可验证凭证 MUST 使用 [VC-DATA-MODEL-2.0] 定义的 Enveloped Verifiable Credential 类型。

可验证 呈现中的可验证呈现 MUST 使用 [VC-DATA-MODEL-2.0] 定义的 Enveloped Verifiable Presentation 类型。

可验证 呈现中的凭证 MUST 受到保护。 在此情况下,这些凭证使用 JWS 进行保护。

当通过不安全信道传输受保护的可验证 呈现时,为了对其加密, 实现者 MAY 使用 JSON Web Encryption (JWE) [RFC7516],方法是按照 [RFC7519] 中关于嵌套 JWT 的描述, 将受保护的 可验证 呈现作为 JWE 的明文载荷嵌套。

示例 2:使用 JOSE 及 EnvelopedVerifiableCredential 类型保护的可验证呈现的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [{
    "@context": ["https://www.w3.org/ns/credentials/v2"],
    "type": ["EnvelopedVerifiableCredential"],
    "id": "data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaWQiOiJodHRwOi8vdW5pdmVyc2l0eS5leGFtcGxlL2NyZWRlbnRpYWxzLzE4NzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiRXhhbXBsZUFsdW1uaUNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiaHR0cHM6Ly91bml2ZXJzaXR5LmV4YW1wbGUvaXNzdWVycy81NjUwNDkiLCJ2YWxpZEZyb20iOiIyMDEwLTAxLTAxVDE5OjIzOjI0WiIsImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2V4YW1wbGUub3JnL2V4YW1wbGVzL2RlZ3JlZS5qc29uIiwidHlwZSI6Ikpzb25TY2hlbWEifSwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZXhhbXBsZToxMjMiLCJkZWdyZWUiOnsidHlwZSI6IkJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifX19.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP"
  }]
}
受保护标头 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
application/vp 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaWQiOiJodHRwOi8vdW5pdmVyc2l0eS5leGFtcGxlL2NyZWRlbnRpYWxzLzE4NzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiRXhhbXBsZUFsdW1uaUNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiaHR0cHM6Ly91bml2ZXJzaXR5LmV4YW1wbGUvaXNzdWVycy81NjUwNDkiLCJ2YWxpZEZyb20iOiIyMDEwLTAxLTAxVDE5OjIzOjI0WiIsImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2V4YW1wbGUub3JnL2V4YW1wbGVzL2RlZ3JlZS5qc29uIiwidHlwZSI6Ikpzb25TY2hlbWEifSwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZXhhbXBsZToxMjMiLCJkZWdyZWUiOnsidHlwZSI6IkJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifX19.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP;data:application/vc+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMzODQifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaWQiOiJodHRwOi8vdW5pdmVyc2l0eS5leGFtcGxlL2NyZWRlbnRpYWxzLzE4NzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiRXhhbXBsZUFsdW1uaUNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiaHR0cHM6Ly91bml2ZXJzaXR5LmV4YW1wbGUvaXNzdWVycy81NjUwNDkiLCJ2YWxpZEZyb20iOiIyMDEwLTAxLTAxVDE5OjIzOjI0WiIsImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2V4YW1wbGUub3JnL2V4YW1wbGVzL2RlZ3JlZS5qc29uIiwidHlwZSI6Ikpzb25TY2hlbWEifSwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZXhhbXBsZToxMjMiLCJkZWdyZWUiOnsidHlwZSI6IkJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifX19.d2k4O3FytQJf83kLh-HsXuPvh6yeOlhJELVo5TF71gu7elslQyOf2ZItAXrtbXF4Kz9WivNdztOayz4VUQ0Mwa8yCDZkP9B2pH-9S_tcAFxeoeJ6Z4XnFuL_DOfkR1fP",
      "type": "EnvelopedVerifiableCredential"
    }
  ]
}
application/vp+jwt
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidHlwZSI6IlZlcmlmaWFibGVQcmVzZW50YXRpb24iLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6W3siQGNvbnRleHQiOiJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJpZCI6ImRhdGE6YXBwbGljYXRpb24vdmMrand0LGV5SnJhV1FpT2lKRmVFaHJRazFYT1dadFltdDJWakkyTm0xU2NIVlFNbk5WV1Y5T1gwVlhTVTR4YkdGd1ZYcFBPSEp2SWl3aVlXeG5Jam9pUlZNek9EUWlmUS5leUpBWTI5dWRHVjRkQ0k2V3lKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12ZGpJaUxDSm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdlpYaGhiWEJzWlhNdmRqSWlYU3dpYVdRaU9pSm9kSFJ3T2k4dmRXNXBkbVZ5YzJsMGVTNWxlR0Z0Y0d4bEwyTnlaV1JsYm5ScFlXeHpMekU0TnpJaUxDSjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpUlhoaGJYQnNaVUZzZFcxdWFVTnlaV1JsYm5ScFlXd2lYU3dpYVhOemRXVnlJam9pYUhSMGNITTZMeTkxYm1sMlpYSnphWFI1TG1WNFlXMXdiR1V2YVhOemRXVnljeTgxTmpVd05Ea2lMQ0oyWVd4cFpFWnliMjBpT2lJeU1ERXdMVEF4TFRBeFZERTVPakl6T2pJMFdpSXNJbU55WldSbGJuUnBZV3hUWTJobGJXRWlPbnNpYVdRaU9pSm9kSFJ3Y3pvdkwyVjRZVzF3YkdVdWIzSm5MMlY0WVcxd2JHVnpMMlJsWjNKbFpTNXFjMjl1SWl3aWRIbHdaU0k2SWtwemIyNVRZMmhsYldFaWZTd2lZM0psWkdWdWRHbGhiRk4xWW1wbFkzUWlPbnNpYVdRaU9pSmthV1E2WlhoaGJYQnNaVG94TWpNaUxDSmtaV2R5WldVaU9uc2lkSGx3WlNJNklrSmhZMmhsYkc5eVJHVm5jbVZsSWl3aWJtRnRaU0k2SWtKaFkyaGxiRzl5SUc5bUlGTmphV1Z1WTJVZ1lXNWtJRUZ5ZEhNaWZYMTkuZDJrNE8zRnl0UUpmODNrTGgtSHNYdVB2aDZ5ZU9saEpFTFZvNVRGNzFndTdlbHNsUXlPZjJaSXRBWHJ0YlhGNEt6OVdpdk5kenRPYXl6NFZVUTBNd2E4eUNEWmtQOUIycEgtOVNfdGNBRnhlb2VKNlo0WG5GdUxfRE9ma1IxZlA7ZGF0YTphcHBsaWNhdGlvbi92Yytqd3QsZXlKcmFXUWlPaUpGZUVoclFrMVhPV1p0WW10MlZqSTJObTFTY0hWUU1uTlZXVjlPWDBWWFNVNHhiR0Z3VlhwUE9ISnZJaXdpWVd4bklqb2lSVk16T0RRaWZRLmV5SkFZMjl1ZEdWNGRDSTZXeUpvZEhSd2N6b3ZMM2QzZHk1M015NXZjbWN2Ym5NdlkzSmxaR1Z1ZEdsaGJITXZkaklpTENKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12WlhoaGJYQnNaWE12ZGpJaVhTd2lhV1FpT2lKb2RIUndPaTh2ZFc1cGRtVnljMmwwZVM1bGVHRnRjR3hsTDJOeVpXUmxiblJwWVd4ekx6RTROeklpTENKMGVYQmxJanBiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2lSWGhoYlhCc1pVRnNkVzF1YVVOeVpXUmxiblJwWVd3aVhTd2lhWE56ZFdWeUlqb2lhSFIwY0hNNkx5OTFibWwyWlhKemFYUjVMbVY0WVcxd2JHVXZhWE56ZFdWeWN5ODFOalV3TkRraUxDSjJZV3hwWkVaeWIyMGlPaUl5TURFd0xUQXhMVEF4VkRFNU9qSXpPakkwV2lJc0ltTnlaV1JsYm5ScFlXeFRZMmhsYldFaU9uc2lhV1FpT2lKb2RIUndjem92TDJWNFlXMXdiR1V1YjNKbkwyVjRZVzF3YkdWekwyUmxaM0psWlM1cWMyOXVJaXdpZEhsd1pTSTZJa3B6YjI1VFkyaGxiV0VpZlN3aVkzSmxaR1Z1ZEdsaGJGTjFZbXBsWTNRaU9uc2lhV1FpT2lKa2FXUTZaWGhoYlhCc1pUb3hNak1pTENKa1pXZHlaV1VpT25zaWRIbHdaU0k2SWtKaFkyaGxiRzl5UkdWbmNtVmxJaXdpYm1GdFpTSTZJa0poWTJobGJHOXlJRzltSUZOamFXVnVZMlVnWVc1a0lFRnlkSE1pZlgxOS5kMms0TzNGeXRRSmY4M2tMaC1Ic1h1UHZoNnllT2xoSkVMVm81VEY3MWd1N2Vsc2xReU9mMlpJdEFYcnRiWEY0S3o5V2l2TmR6dE9heXo0VlVRME13YTh5Q0Raa1A5QjJwSC05U190Y0FGeGVvZUo2WjRYbkZ1TF9ET2ZrUjFmUCIsInR5cGUiOiJFbnZlbG9wZWRWZXJpZmlhYmxlQ3JlZGVudGlhbCJ9XX0 .W-VCYKsmbzHlKT13jPIDNqx49jXb5VNyRLVI-cNoBy8gOoYpLJgrV1OYtG8BQd5FtU5K7DxYuwY6HxiKM5cpbQ

有关此示例的更多 详细信息,请参见可验证 凭证数据模型 v2.0

示例 3:使用 JOSE 及 EnvelopedVerifiablePresentation 类型保护的可验证呈现的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "EnvelopedVerifiablePresentation",
  "id": "data:application/vp+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidHlwZSI6IlZlcmlmaWFibGVQcmVzZW50YXRpb24iLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6W3siQGNvbnRleHQiOiJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJpZCI6ImRhdGE6YXBwbGljYXRpb24vdmMrand0LGV5SnJhV1FpT2lKRmVFaHJRazFYT1dadFltdDJWakkyTm0xU2NIVlFNbk5WV1Y5T1gwVlhTVTR4YkdGd1ZYcFBPSEp2SWl3aVlXeG5Jam9pUlZNek9EUWlmUS5leUpBWTI5dWRHVjRkQ0k2V3lKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12ZGpJaUxDSm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdlpYaGhiWEJzWlhNdmRqSWlYU3dpYVdRaU9pSm9kSFJ3T2k4dmRXNXBkbVZ5YzJsMGVTNWxlR0Z0Y0d4bEwyTnlaV1JsYm5ScFlXeHpMekU0TnpJaUxDSjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpUlhoaGJYQnNaVUZzZFcxdWFVTnlaV1JsYm5ScFlXd2lYU3dpYVhOemRXVnlJam9pYUhSMGNITTZMeTkxYm1sMlpYSnphWFI1TG1WNFlXMXdiR1V2YVhOemRXVnljeTgxTmpVd05Ea2lMQ0oyWVd4cFpFWnliMjBpT2lJeU1ERXdMVEF4TFRBeFZERTVPakl6T2pJMFdpSXNJbU55WldSbGJuUnBZV3hUWTJobGJXRWlPbnNpYVdRaU9pSm9kSFJ3Y3pvdkwyVjRZVzF3YkdVdWIzSm5MMlY0WVcxd2JHVnpMMlJsWjNKbFpTNXFjMjl1SWl3aWRIbHdaU0k2SWtwemIyNVRZMmhsYldFaWZTd2lZM0psWkdWdWRHbGhiRk4xWW1wbFkzUWlPbnNpYVdRaU9pSmthV1E2WlhoaGJYQnNaVG94TWpNaUxDSmtaV2R5WldVaU9uc2lkSGx3WlNJNklrSmhZMmhsYkc5eVJHVm5jbVZsSWl3aWJtRnRaU0k2SWtKaFkyaGxiRzl5SUc5bUlGTmphV1Z1WTJVZ1lXNWtJRUZ5ZEhNaWZYMTkuZDJrNE8zRnl0UUpmODNrTGgtSHNYdVB2aDZ5ZU9saEpFTFZvNVRGNzFndTdlbHNsUXlPZjJaSXRBWHJ0YlhGNEt6OVdpdk5kenRPYXl6NFZVUTBNd2E4eUNEWmtQOUIycEgtOVNfdGNBRnhlb2VKNlo0WG5GdUxfRE9ma1IxZlA7ZGF0YTphcHBsaWNhdGlvbi92Yytqd3QsZXlKcmFXUWlPaUpGZUVoclFrMVhPV1p0WW10MlZqSTJObTFTY0hWUU1uTlZXVjlPWDBWWFNVNHhiR0Z3VlhwUE9ISnZJaXdpWVd4bklqb2lSVk16T0RRaWZRLmV5SkFZMjl1ZEdWNGRDSTZXeUpvZEhSd2N6b3ZMM2QzZHk1M015NXZjbWN2Ym5NdlkzSmxaR1Z1ZEdsaGJITXZkaklpTENKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12WlhoaGJYQnNaWE12ZGpJaVhTd2lhV1FpT2lKb2RIUndPaTh2ZFc1cGRtVnljMmwwZVM1bGVHRnRjR3hsTDJOeVpXUmxiblJwWVd4ekx6RTROeklpTENKMGVYQmxJanBiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2lSWGhoYlhCc1pVRnNkVzF1YVVOeVpXUmxiblJwWVd3aVhTd2lhWE56ZFdWeUlqb2lhSFIwY0hNNkx5OTFibWwyWlhKemFYUjVMbVY0WVcxd2JHVXZhWE56ZFdWeWN5ODFOalV3TkRraUxDSjJZV3hwWkVaeWIyMGlPaUl5TURFd0xUQXhMVEF4VkRFNU9qSXpPakkwV2lJc0ltTnlaV1JsYm5ScFlXeFRZMmhsYldFaU9uc2lhV1FpT2lKb2RIUndjem92TDJWNFlXMXdiR1V1YjNKbkwyVjRZVzF3YkdWekwyUmxaM0psWlM1cWMyOXVJaXdpZEhsd1pTSTZJa3B6YjI1VFkyaGxiV0VpZlN3aVkzSmxaR1Z1ZEdsaGJGTjFZbXBsWTNRaU9uc2lhV1FpT2lKa2FXUTZaWGhoYlhCc1pUb3hNak1pTENKa1pXZHlaV1VpT25zaWRIbHdaU0k2SWtKaFkyaGxiRzl5UkdWbmNtVmxJaXdpYm1GdFpTSTZJa0poWTJobGJHOXlJRzltSUZOamFXVnVZMlVnWVc1a0lFRnlkSE1pZlgxOS5kMms0TzNGeXRRSmY4M2tMaC1Ic1h1UHZoNnllT2xoSkVMVm81VEY3MWd1N2Vsc2xReU9mMlpJdEFYcnRiWEY0S3o5V2l2TmR6dE9heXo0VlVRME13YTh5Q0Raa1A5QjJwSC05U190Y0FGeGVvZUo2WjRYbkZ1TF9ET2ZrUjFmUCIsInR5cGUiOiJFbnZlbG9wZWRWZXJpZmlhYmxlQ3JlZGVudGlhbCJ9XX0.DiZfXw5jTXeDBobq5ZdcL3S3o8mioZJlqo3iHDtLcEww5L_n2ZJfAJU-a-SmqvMYM--7w4CmeOfq890UGsg_aQ"
}
受保护标头 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
application/vp 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "EnvelopedVerifiablePresentation",
  "id": "data:application/vp+jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidHlwZSI6IlZlcmlmaWFibGVQcmVzZW50YXRpb24iLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6W3siQGNvbnRleHQiOiJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJpZCI6ImRhdGE6YXBwbGljYXRpb24vdmMrand0LGV5SnJhV1FpT2lKRmVFaHJRazFYT1dadFltdDJWakkyTm0xU2NIVlFNbk5WV1Y5T1gwVlhTVTR4YkdGd1ZYcFBPSEp2SWl3aVlXeG5Jam9pUlZNek9EUWlmUS5leUpBWTI5dWRHVjRkQ0k2V3lKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12ZGpJaUxDSm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdlpYaGhiWEJzWlhNdmRqSWlYU3dpYVdRaU9pSm9kSFJ3T2k4dmRXNXBkbVZ5YzJsMGVTNWxlR0Z0Y0d4bEwyTnlaV1JsYm5ScFlXeHpMekU0TnpJaUxDSjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpUlhoaGJYQnNaVUZzZFcxdWFVTnlaV1JsYm5ScFlXd2lYU3dpYVhOemRXVnlJam9pYUhSMGNITTZMeTkxYm1sMlpYSnphWFI1TG1WNFlXMXdiR1V2YVhOemRXVnljeTgxTmpVd05Ea2lMQ0oyWVd4cFpFWnliMjBpT2lJeU1ERXdMVEF4TFRBeFZERTVPakl6T2pJMFdpSXNJbU55WldSbGJuUnBZV3hUWTJobGJXRWlPbnNpYVdRaU9pSm9kSFJ3Y3pvdkwyVjRZVzF3YkdVdWIzSm5MMlY0WVcxd2JHVnpMMlJsWjNKbFpTNXFjMjl1SWl3aWRIbHdaU0k2SWtwemIyNVRZMmhsYldFaWZTd2lZM0psWkdWdWRHbGhiRk4xWW1wbFkzUWlPbnNpYVdRaU9pSmthV1E2WlhoaGJYQnNaVG94TWpNaUxDSmtaV2R5WldVaU9uc2lkSGx3WlNJNklrSmhZMmhsYkc5eVJHVm5jbVZsSWl3aWJtRnRaU0k2SWtKaFkyaGxiRzl5SUc5bUlGTmphV1Z1WTJVZ1lXNWtJRUZ5ZEhNaWZYMTkuZDJrNE8zRnl0UUpmODNrTGgtSHNYdVB2aDZ5ZU9saEpFTFZvNVRGNzFndTdlbHNsUXlPZjJaSXRBWHJ0YlhGNEt6OVdpdk5kenRPYXl6NFZVUTBNd2E4eUNEWmtQOUIycEgtOVNfdGNBRnhlb2VKNlo0WG5GdUxfRE9ma1IxZlA7ZGF0YTphcHBsaWNhdGlvbi92Yytqd3QsZXlKcmFXUWlPaUpGZUVoclFrMVhPV1p0WW10MlZqSTJObTFTY0hWUU1uTlZXVjlPWDBWWFNVNHhiR0Z3VlhwUE9ISnZJaXdpWVd4bklqb2lSVk16T0RRaWZRLmV5SkFZMjl1ZEdWNGRDSTZXeUpvZEhSd2N6b3ZMM2QzZHk1M015NXZjbWN2Ym5NdlkzSmxaR1Z1ZEdsaGJITXZkaklpTENKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12WlhoaGJYQnNaWE12ZGpJaVhTd2lhV1FpT2lKb2RIUndPaTh2ZFc1cGRtVnljMmwwZVM1bGVHRnRjR3hsTDJOeVpXUmxiblJwWVd4ekx6RTROeklpTENKMGVYQmxJanBiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2lSWGhoYlhCc1pVRnNkVzF1YVVOeVpXUmxiblJwWVd3aVhTd2lhWE56ZFdWeUlqb2lhSFIwY0hNNkx5OTFibWwyWlhKemFYUjVMbVY0WVcxd2JHVXZhWE56ZFdWeWN5ODFOalV3TkRraUxDSjJZV3hwWkVaeWIyMGlPaUl5TURFd0xUQXhMVEF4VkRFNU9qSXpPakkwV2lJc0ltTnlaV1JsYm5ScFlXeFRZMmhsYldFaU9uc2lhV1FpT2lKb2RIUndjem92TDJWNFlXMXdiR1V1YjNKbkwyVjRZVzF3YkdWekwyUmxaM0psWlM1cWMyOXVJaXdpZEhsd1pTSTZJa3B6YjI1VFkyaGxiV0VpZlN3aVkzSmxaR1Z1ZEdsaGJGTjFZbXBsWTNRaU9uc2lhV1FpT2lKa2FXUTZaWGhoYlhCc1pUb3hNak1pTENKa1pXZHlaV1VpT25zaWRIbHdaU0k2SWtKaFkyaGxiRzl5UkdWbmNtVmxJaXdpYm1GdFpTSTZJa0poWTJobGJHOXlJRzltSUZOamFXVnVZMlVnWVc1a0lFRnlkSE1pZlgxOS5kMms0TzNGeXRRSmY4M2tMaC1Ic1h1UHZoNnllT2xoSkVMVm81VEY3MWd1N2Vsc2xReU9mMlpJdEFYcnRiWEY0S3o5V2l2TmR6dE9heXo0VlVRME13YTh5Q0Raa1A5QjJwSC05U190Y0FGeGVvZUo2WjRYbkZ1TF9ET2ZrUjFmUCIsInR5cGUiOiJFbnZlbG9wZWRWZXJpZmlhYmxlQ3JlZGVudGlhbCJ9XX0.DiZfXw5jTXeDBobq5ZdcL3S3o8mioZJlqo3iHDtLcEww5L_n2ZJfAJU-a-SmqvMYM--7w4CmeOfq890UGsg_aQ"
}
application/vp+jwt
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidHlwZSI6IkVudmVsb3BlZFZlcmlmaWFibGVQcmVzZW50YXRpb24iLCJpZCI6ImRhdGE6YXBwbGljYXRpb24vdnArand0LGV5SnJhV1FpT2lKRmVFaHJRazFYT1dadFltdDJWakkyTm0xU2NIVlFNbk5WV1Y5T1gwVlhTVTR4YkdGd1ZYcFBPSEp2SWl3aVlXeG5Jam9pUlZNeU5UWWlmUS5leUpBWTI5dWRHVjRkQ0k2V3lKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdmJuTXZZM0psWkdWdWRHbGhiSE12ZGpJaUxDSm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdlpYaGhiWEJzWlhNdmRqSWlYU3dpZEhsd1pTSTZJbFpsY21sbWFXRmliR1ZRY21WelpXNTBZWFJwYjI0aUxDSjJaWEpwWm1saFlteGxRM0psWkdWdWRHbGhiQ0k2VzNzaVFHTnZiblJsZUhRaU9pSm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdmRqSWlMQ0pwWkNJNkltUmhkR0U2WVhCd2JHbGpZWFJwYjI0dmRtTXJhbmQwTEdWNVNuSmhWMUZwVDJsS1JtVkZhSEpSYXpGWVQxZGFkRmx0ZERKV2Fra3lUbTB4VTJOSVZsRk5iazVXVjFZNVQxZ3dWbGhUVlRSNFlrZEdkMVpZY0ZCUFNFcDJTV2wzYVZsWGVHNUphbTlwVWxaTmVrOUVVV2xtVVM1bGVVcEJXVEk1ZFdSSFZqUmtRMGsyVjNsS2IyUklVbmRqZW05MlRETmtNMlI1TlROTmVUVjJZMjFqZG1KdVRYWlpNMHBzV2tkV2RXUkhiR2hpU0UxMlpHcEphVXhEU205a1NGSjNZM3B2ZGt3elpETmtlVFV6VFhrMWRtTnRZM1ppYmsxMldUTktiRnBIVm5Wa1IyeG9Za2hOZGxwWWFHaGlXRUp6V2xoTmRtUnFTV2xZVTNkcFlWZFJhVTlwU205a1NGSjNUMms0ZG1SWE5YQmtiVlo1WXpKc01HVlROV3hsUjBaMFkwZDRiRXd5VG5sYVYxSnNZbTVTY0ZsWGVIcE1la1UwVG5wSmFVeERTakJsV0VKc1NXcHdZa2xzV214amJXeHRZVmRHYVdKSFZrUmpiVlpyV2xjMU1HRlhSbk5KYVhkcFVsaG9hR0pZUW5OYVZVWnpaRmN4ZFdGVlRubGFWMUpzWW01U2NGbFhkMmxZVTNkcFlWaE9lbVJYVm5sSmFtOXBZVWhTTUdOSVRUWk1lVGt4WW0xc01scFlTbnBoV0ZJMVRHMVdORmxYTVhkaVIxVjJZVmhPZW1SWFZubGplVGd4VG1wVmQwNUVhMmxNUTBveVdWZDRjRnBGV25saU1qQnBUMmxKZVUxRVJYZE1WRUY0VEZSQmVGWkVSVFZQYWtsNlQycEpNRmRwU1hOSmJVNTVXbGRTYkdKdVVuQlpWM2hVV1RKb2JHSlhSV2xQYm5OcFlWZFJhVTlwU205a1NGSjNZM3B2ZGt3eVZqUlpWekYzWWtkVmRXSXpTbTVNTWxZMFdWY3hkMkpIVm5wTU1sSnNXak5LYkZwVE5YRmpNamwxU1dsM2FXUkliSGRhVTBrMlNXdHdlbUl5TlZSWk1taHNZbGRGYVdaVGQybFpNMHBzV2tkV2RXUkhiR2hpUms0eFdXMXdiRmt6VVdsUGJuTnBZVmRSYVU5cFNtdGhWMUUyV2xob2FHSllRbk5hVkc5NFRXcE5hVXhEU210YVYyUjVXbGRWYVU5dWMybGtTR3gzV2xOSk5rbHJTbWhaTW1oc1lrYzVlVkpIVm01amJWWnNTV2wzYVdKdFJuUmFVMGsyU1d0S2FGa3lhR3hpUnpsNVNVYzViVWxHVG1waFYxWjFXVEpWWjFsWE5XdEpSVVo1WkVoTmFXWllNVGt1WkRKck5FOHpSbmwwVVVwbU9ETnJUR2d0U0hOWWRWQjJhRFo1WlU5c2FFcEZURlp2TlZSR056Rm5kVGRsYkhOc1VYbFBaakphU1hSQldISjBZbGhHTkV0Nk9WZHBkazVrZW5SUFlYbDZORlpWVVRCTmQyRTRlVU5FV210UU9VSXljRWd0T1ZOZmRHTkJSbmhsYjJWS05sbzBXRzVHZFV4ZlJFOW1hMUl4WmxBN1pHRjBZVHBoY0hCc2FXTmhkR2x2Ymk5Mll5dHFkM1FzWlhsS2NtRlhVV2xQYVVwR1pVVm9jbEZyTVZoUFYxcDBXVzEwTWxacVNUSk9iVEZUWTBoV1VVMXVUbFpYVmpsUFdEQldXRk5WTkhoaVIwWjNWbGh3VUU5SVNuWkphWGRwV1ZkNGJrbHFiMmxTVmsxNlQwUlJhV1pSTG1WNVNrRlpNamwxWkVkV05HUkRTVFpYZVVwdlpFaFNkMk42YjNaTU0yUXpaSGsxTTAxNU5YWmpiV04yWW01TmRsa3pTbXhhUjFaMVpFZHNhR0pJVFhaa2FrbHBURU5LYjJSSVVuZGplbTkyVEROa00yUjVOVE5OZVRWMlkyMWpkbUp1VFhaWk0wcHNXa2RXZFdSSGJHaGlTRTEyV2xob2FHSllRbk5hV0UxMlpHcEphVmhUZDJsaFYxRnBUMmxLYjJSSVVuZFBhVGgyWkZjMWNHUnRWbmxqTW13d1pWTTFiR1ZIUm5SalIzaHNUREpPZVZwWFVteGlibEp3V1ZkNGVreDZSVFJPZWtscFRFTktNR1ZZUW14SmFuQmlTV3hhYkdOdGJHMWhWMFpwWWtkV1JHTnRWbXRhVnpVd1lWZEdjMGxwZDJsU1dHaG9ZbGhDYzFwVlJuTmtWekYxWVZWT2VWcFhVbXhpYmxKd1dWZDNhVmhUZDJsaFdFNTZaRmRXZVVscWIybGhTRkl3WTBoTk5reDVPVEZpYld3eVdsaEtlbUZZVWpWTWJWWTBXVmN4ZDJKSFZYWmhXRTU2WkZkV2VXTjVPREZPYWxWM1RrUnJhVXhEU2pKWlYzaHdXa1ZhZVdJeU1HbFBhVWw1VFVSRmQweFVRWGhNVkVGNFZrUkZOVTlxU1hwUGFra3dWMmxKYzBsdFRubGFWMUpzWW01U2NGbFhlRlJaTW1oc1lsZEZhVTl1YzJsaFYxRnBUMmxLYjJSSVVuZGplbTkyVERKV05GbFhNWGRpUjFWMVlqTktia3d5VmpSWlZ6RjNZa2RXZWt3eVVteGFNMHBzV2xNMWNXTXlPWFZKYVhkcFpFaHNkMXBUU1RaSmEzQjZZakkxVkZreWFHeGlWMFZwWmxOM2FWa3pTbXhhUjFaMVpFZHNhR0pHVGpGWmJYQnNXVE5SYVU5dWMybGhWMUZwVDJsS2EyRlhVVFphV0dob1lsaENjMXBVYjNoTmFrMXBURU5LYTFwWFpIbGFWMVZwVDI1emFXUkliSGRhVTBrMlNXdEthRmt5YUd4aVJ6bDVVa2RXYm1OdFZteEphWGRwWW0xR2RGcFRTVFpKYTBwb1dUSm9iR0pIT1hsSlJ6bHRTVVpPYW1GWFZuVlpNbFZuV1ZjMWEwbEZSbmxrU0UxcFpsZ3hPUzVrTW1zMFR6TkdlWFJSU21ZNE0ydE1hQzFJYzFoMVVIWm9ObmxsVDJ4b1NrVk1WbTgxVkVZM01XZDFOMlZzYzJ4UmVVOW1NbHBKZEVGWWNuUmlXRVkwUzNvNVYybDJUbVI2ZEU5aGVYbzBWbFZSTUUxM1lUaDVRMFJhYTFBNVFqSndTQzA1VTE5MFkwRkdlR1Z2WlVvMldqUllia1oxVEY5RVQyWnJVakZtVUNJc0luUjVjR1VpT2lKRmJuWmxiRzl3WldSV1pYSnBabWxoWW14bFEzSmxaR1Z1ZEdsaGJDSjlYWDAuRGlaZlh3NWpUWGVEQm9icTVaZGNMM1MzbzhtaW9aSmxxbzNpSER0TGNFd3c1TF9uMlpKZkFKVS1hLVNtcXZNWU0tLTd3NENtZU9mcTg5MFVHc2dfYVEiLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6W119 .ndvXgG0tEU5qu5B9hoYgQBSExPrjgQSs8mO1Sd62hUVyfeND3Dcym5gFL4gr_rM-_0glipfbNTZK7BxvSoibHw

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

实现 MUST 支持 JWS 紧凑序列化。 NOT RECOMMENDED 使用 JWS JSON 序列化。

3.1.3 JOSE 标头参数和 JWT 声明

本节是非规范性的。

当已注册在 IANA JSON Web Token Claims 注册表或 IANA JSON Web Signature and Encryption Header Parameters 注册表中的成员出现在 JOSE HeaderJWT Claims Set 中时, 应按照注册表中引用的规范所定义的方式解释这些成员。

已注册标头参数名称JOSE Header将声明复制为标头 参数 中的规范性语句适用于保护凭证呈现

未编码的 JOSE Header 是 JSON (application/json),而不是 JSON-LD (application/ld+json)。

RECOMMENDED 使用 IANA JSON Web Token Claims 注册表和 IANA JSON Web Signature and Encryption Header Parameters 注册表来识别可能会与 [VC-DATA-MODEL-2.0] 定义的成员 混淆的任何声明和标头参数。 这些包括但不限于:isskidalgiatexpcnf

当存在 iat(Issued At)和/或 exp(Expiration Time)JWT 声明时,它们分别 表示签名的签发时间和过期时间。 注意,它们不同于 有效期中定义的 validFromvalidUntil 属性, 后两者表示受保护数据的有效性。 NOT RECOMMENDED 使用 nbf(Not Before)声明, 因为试图为签名指定一个未来日期并没有多大意义。

本规范提供的声明和安全性独立于 [VC-DATA-MODEL-2.0] 所保护的数据及其提供的语义。 这意味着,虽然本规范的安全特性 确保数据完整性和真实性, 但它们并不规定声明数据的解释方式。

当某个声明和属性对指向同一概念实体时, 实现者 SHOULD 避免将 JWT 声明设置为与可验证凭证 属性值冲突的值, 尤其是 ississuerjtiid, 以及 subcredentialSubject.id 等配对。 例如,JWK 声明 iss SHOULD NOT 被设置为与可验证凭证属性 issuer 的值相冲突的值。

JWT Claim Names vcvp MUST NOT 出现。

可以存在其他成员作为标头参数和声明。 如果不能理解它们,则 MUST 忽略它们。

3.2 使用 SD-JWT

3.2.1 使用 SD-JWT 保护 JSON-LD 可验证凭证

本节详细说明如何使用 JOSE 来保护 符合 [VC-DATA-MODEL-2.0] 的可验证凭证

符合一致性的 SD-JWT 签发者实现 MUST 使用 [SD-JWT] 来保护此媒体类型。 未受保护的可验证凭证是 输入 JWT Claims Set。 然后签发者将输入 JWT Claims Set(即 未受保护的可验证凭证)按照 SD-JWT 签发说明转换为 [SD-JWT] 载荷。

typ 标头参数 SHOULDvc+sd-jwt。 当存在时,cty 标头参数 SHOULDvc。 在使用 vc+sd-jwt 时,cty 标头参数值可用于区分 不同类型的受保护内容。 content type 标头参数是可选的,并且可以在存在更具体媒体类型时 用于表达比 application/vc 更具体的媒体类型。 有关 typcty 用法的更多详细信息,请参见已注册标头参数 名称

符合一致性的 SD-JWT 验证者实现 MUST 使用 [SD-JWT] 来验证使用此媒体类型的符合一致性的 JWS 文档

使用 [SD-JWT] 保护可验证凭证时, 实现者 SHOULD 确保凭证的 验证与校验所必需的属性不是可选择性 披露的(即,此类属性 SHOULD 被披露)。 这些属性可以包括但不限于 @contexttypecredentialStatuscredentialSchemarelatedResource

当通过不安全信道传输受保护的可验证凭证时, 为了对其加密,实现者 MAY 使用 JSON Web Encryption (JWE) [RFC7516],方法是按照 [SD-JWT] 第 11.2 节中的说明, 将受保护的 可验证凭证作为 JWE 的明文载荷嵌套。

示例 4:使用 SD-JWT 保护的可验证凭证的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://university.example/credentials/3732",
  "type": ["VerifiableCredential", "ExampleDegreeCredential", "ExamplePersonCredential"],
  "issuer": "https://university.example/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    },
    "alumniOf": {
      "name": "Example University"
    }
  },
  "credentialSchema": [{
    "id": "https://example.org/examples/degree.json",
    "type": "JsonSchema"
  },
  {
    "id": "https://example.org/examples/alumni.json",
    "type": "JsonSchema"
  }]
}
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJpYXQiOjE3NDU1OTQ3NzIsImV4cCI6MTc0NjgwNDM3MiwiX3NkX2FsZyI6InNoYS0yNTYiLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaXNzdWVyIjoiaHR0cHM6Ly91bml2ZXJzaXR5LmV4YW1wbGUvaXNzdWVycy8xNCIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiZGVncmVlIjp7Im5hbWUiOiJCYWNoZWxvciBvZiBTY2llbmNlIGFuZCBBcnRzIiwiX3NkIjpbIkdRMHZrZUVGZ2RWWkxMdEhZYTdPSkZqQmtJeVRGVGo3SlAxX1pnb3hpejgiXX0sImFsdW1uaU9mIjp7Im5hbWUiOiJFeGFtcGxlIFVuaXZlcnNpdHkifSwiX3NkIjpbIlFHOFdjdkZpcVBKcE9YVUFPWnJ5a2FYMWhTRWhKRHA2cVFNZFhiOTJPRzQiXX0sImNyZWRlbnRpYWxTY2hlbWEiOlt7Il9zZCI6WyI3S2lOSENFSEVjR3JjbExOa2t1TXZHc0lld2ZCaVVOMEJWZnA1YzU1TGlvIiwicTAyWU16dWlEX25jQ0F5S1c4Q0xMbXhmd2RqVUJvai1tbWFhNVJVTjVlVSJdfSx7Il9zZCI6WyJHZGR2b3QtZTY3eGlRd0JCcjBhZXFQOGNnMXQzQWZMcEVQdTBMLUpubFBFIiwieUNDbU5PRGhKR3dqQzJPUjRXa29XRzNia1U1X0FhYjN3cDE0QzNjSjBoZyJdfV0sIl9zZCI6WyJHYWc4bkhyVjRIbHlLQy1KWm9KTWV1TWNlSjVwNVNnaDlTZWQ3ZF9hc29nIiwicGl3RFFtME1HUjlMQ2ZHRnlQd2xIUGIwT3ZpM05aQU5xeUZCNl9iRDE0YyJdfQ .6A0qNztAmhl4HWw4pdgEaeM5hMJZie69xKJRjk2-bkwTdqlx1xDvZRtjH6kBduFRmUo_1JtyDqOPxGHe6w-nxg ~WyJGOEprZFJiT3hDbUM3UU9GbjZSX0F3IiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMzczMiJd~WyI4d0NOVnpjcHRyZnVlQ3ZkX1ByVnpRIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVEZWdyZWVDcmVkZW50aWFsIiwgIkV4YW1wbGVQZXJzb25DcmVkZW50aWFsIl1d~WyIwcEYzMVBUem9oRnNnZW1qXzNMb2tBIiwgImlkIiwgImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJd~WyJMaU9qeGZZTU9uOTVUcEhnRnp0SGZ3IiwgInR5cGUiLCAiRXhhbXBsZUJhY2hlbG9yRGVncmVlIl0~WyJBTlUta1NPWGoxZWg3NHlUcC0xcjNnIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJhcXRSLU93Wk0xWjh0eTFIbzBwa3BRIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJIdE91TkllQ2FaN0ZQY0lpQ3RoRS1nIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvYWx1bW5pLmpzb24iXQ~WyJKZWpaYy1JY0JvNjNJcUZiUWVpY19nIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~ 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
{
  "iat": 1745594772,
  "exp": 1746804372,
  "_sd_alg": "sha-256",
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "issuer": "https://university.example/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "degree": {
      "name": "Bachelor of Science and Arts",
      "_sd": [
        "GQ0vkeEFgdVZLLtHYa7OJFjBkIyTFTj7JP1_Zgoxiz8"
      ]
    },
    "alumniOf": {
      "name": "Example University"
    },
    "_sd": [
      "QG8WcvFiqPJpOXUAOZrykaX1hSEhJDp6qQMdXb92OG4"
    ]
  },
  "credentialSchema": [
    {
      "_sd": [
        "7KiNHCEHEcGrclLNkkuMvGsIewfBiUN0BVfp5c55Lio",
        "q02YMzuiD_ncCAyKW8CLLmxfwdjUBoj-mmaa5RUN5eU"
      ]
    },
    {
      "_sd": [
        "Gddvot-e67xiQwBBr0aeqP8cg1t3AfLpEPu0L-JnlPE",
        "yCCmNODhJGwjC2OR4WkoWG3bkU5_Aab3wp14C3cJ0hg"
      ]
    }
  ],
  "_sd": [
    "Gag8nHrV4HlyKC-JZoJMeuMceJ5p5Sgh9Sed7d_asog",
    "piwDQm0MGR9LCfGFyPwlHPb0Ovi3NZANqyFB6_bD14c"
  ]
}

声明: id

SHA-256 哈希: Gag8nHrV4HlyKC-JZoJMeuMceJ5p5Sgh9Sed7d_asog

披露项: WyJGOEprZFJiT3hDbUM3UU9GbjZSX0F3IiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMzczMiJd

内容: [
  "F8JkdRbOxCmC7QOFn6R_Aw",
  "id",
  "http://university.example/credentials/3732"
]

声明: type

SHA-256 哈希: piwDQm0MGR9LCfGFyPwlHPb0Ovi3NZANqyFB6_bD14c

披露项: WyI4d0NOVnpjcHRyZnVlQ3ZkX1ByVnpRIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVEZWdyZWVDcmVkZW50aWFsIiwgIkV4YW1wbGVQZXJzb25DcmVkZW50aWFsIl1d

内容: [
  "8wCNVzcptrfueCvd_PrVzQ",
  "type",
  [
    "VerifiableCredential",
    "ExampleDegreeCredential",
    "ExamplePersonCredential"
  ]
]

声明: id

SHA-256 哈希: QG8WcvFiqPJpOXUAOZrykaX1hSEhJDp6qQMdXb92OG4

披露项: WyIwcEYzMVBUem9oRnNnZW1qXzNMb2tBIiwgImlkIiwgImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJd

内容: [
  "0pF31PTzohFsgemj_3LokA",
  "id",
  "did:example:ebfeb1f712ebc6f1c276e12ec21"
]

声明: type

SHA-256 哈希: GQ0vkeEFgdVZLLtHYa7OJFjBkIyTFTj7JP1_Zgoxiz8

披露项: WyJMaU9qeGZZTU9uOTVUcEhnRnp0SGZ3IiwgInR5cGUiLCAiRXhhbXBsZUJhY2hlbG9yRGVncmVlIl0

内容: [
  "LiOjxfYMOn95TpHgFztHfw",
  "type",
  "ExampleBachelorDegree"
]

声明: id

SHA-256 哈希: q02YMzuiD_ncCAyKW8CLLmxfwdjUBoj-mmaa5RUN5eU

披露项: WyJBTlUta1NPWGoxZWg3NHlUcC0xcjNnIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ

内容: [
  "ANU-kSOXj1eh74yTp-1r3g",
  "id",
  "https://example.org/examples/degree.json"
]

声明: type

SHA-256 哈希: 7KiNHCEHEcGrclLNkkuMvGsIewfBiUN0BVfp5c55Lio

披露项: WyJhcXRSLU93Wk0xWjh0eTFIbzBwa3BRIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd

内容: [
  "aqtR-OwZM1Z8ty1Ho0pkpQ",
  "type",
  "JsonSchema"
]

声明: id

SHA-256 哈希: Gddvot-e67xiQwBBr0aeqP8cg1t3AfLpEPu0L-JnlPE

披露项: WyJIdE91TkllQ2FaN0ZQY0lpQ3RoRS1nIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvYWx1bW5pLmpzb24iXQ

内容: [
  "HtOuNIeCaZ7FPcIiCthE-g",
  "id",
  "https://example.org/examples/alumni.json"
]

声明: type

SHA-256 哈希: yCCmNODhJGwjC2OR4WkoWG3bkU5_Aab3wp14C3cJ0hg

披露项: WyJKZWpaYy1JY0JvNjNJcUZiUWVpY19nIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd

内容: [
  "JejZc-IcBo63IqFbQeic_g",
  "type",
  "JsonSchema"
]

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

3.2.2 使用 SD-JWT 保护 JSON-LD 可验证 呈现

本节详细说明如何使用 [SD-JWT] 来保护 符合 [VC-DATA-MODEL-2.0] 的可验证 呈现

符合一致性的 SD-JWT 签发者实现 MUST 使用 [SD-JWT] 来保护此媒体类型。 未受保护的可验证 呈现是未编码的 [SD-JWT] 载荷。

typ 标头参数 SHOULDvp+sd-jwt。 当存在时,cty 标头参数 SHOULDvp。 在使用 vp+sd-jwt 时,cty 标头参数值可用于区分 不同类型的受保护内容。 content type 标头参数是可选的,并且可以在存在更具体媒体类型时 用于表达比 application/vc 更具体的媒体类型。 有关 typcty 用法的更多详细信息,请参见已注册标头参数 名称

符合一致性的 SD-JWT 验证者实现 MUST 使用 [SD-JWT] 来验证使用此媒体类型的符合一致性的 JWS 文档

可验证 呈现中受保护的可验证凭证 MUST 使用 [VC-DATA-MODEL-2.0] 定义的 Enveloped Verifiable Credential 类型。

可验证 呈现中的可验证呈现 MUST 使用 [VC-DATA-MODEL-2.0] 定义的 Enveloped Verifiable Presentation 类型。

可验证 呈现中的凭证 MUST 受到保护。 在此情况下,这些凭证使用 SD-JWT 进行保护。

使用 [SD-JWT] 保护可验证 呈现时, 实现者 SHOULD 确保凭证的 验证与校验所必需的属性不是可选择性 披露的(即,此类属性 SHOULD 被披露)。 这些属性可以包括但不限于 @contexttypecredentialStatuscredentialSchemarelatedResource

当通过不安全信道传输受保护的可验证 呈现时,为了对其加密, 实现者 MAY 使用 JSON Web Encryption (JWE) [RFC7516],方法是按照 [SD-JWT] 第 11.2 节中的说明, 将受保护的 可验证 呈现作为 JWE 的明文载荷嵌套。

示例 5:使用 SD-JWT 及 EnvelopedVerifiableCredential 类型保护的可验证呈现的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [{
    "@context": "https://www.w3.org/ns/credentials/v2",
    "type": "EnvelopedVerifiableCredential",
    "id": "data:application/vc+sd-jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJfc2RfYWxnIjoic2hhLTI1NiIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFNjaGVtYSI6eyJfc2QiOlsiNjVFLVZZbmE3UE5mSGVsUDN6THFwcE5ERXhSLWhjWkhSTnlxN2U0ZVdabyIsIjhJbEwtUGx4Ukt3S0hLaTMtTXhXMjM4d0FkTmQ0NHdabC1iY3NBc2JIQjAiXX0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImRlZ3JlZSI6eyJuYW1lIjoiQmFjaGVsb3Igb2YgU2NpZW5jZSBhbmQgQXJ0cyIsIl9zZCI6WyJMVXhqcWtsWS1hdDVSVmFoSXpxM3NJZ015dkdwVDlwdlUwdTRyU2ktMXl3Il19LCJfc2QiOlsiVmxZLW50ZklPOUI5RGRsUWp5U2REMldoVWI0bjc3Zl9HWDZ2U1dLQWpCNCJdfSwiX3NkIjpbIi1iREZ4Um94UUVlcEdjZFl6a250aTVGWXBsUTU5N0djaEdUTGVtLVJSY1UiLCJfREFVZ0xrTF9zVkVtLTBvcE8zaWhpeVFhS0ZzT08xUl9ONk1CUmprOWhFIl19.Kc083RKbBxc3Vr5qR3iEEPp3dKxTa6sPaWNsqtkIw8TvMRf9EZL2ajtgkWSBYzyzOzawOrCXryyp4rMTyI9vfA ~WyJiQ1RTaU9HNUo1VXhPY1QwUlNfd01nIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJTclNWMS01SjR6cWhOU3N3STIwaHdRIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJKX294dDhtUGUtaDl4MkQzc29uT1N3IiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJDMlpWektmZ185RUh1ajB2S1ExdWJnIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJ6Szd5QlFPbFhfX2Q0X0VoYUc0Y0pRIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMyJd~WyJ6b1pzRzMzeXBMeVRGMm9aS3ZmMVFnIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~"
  }]
}
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJpYXQiOjE3NDU1OTQ3NzIsImV4cCI6MTc0NjgwNDM3MiwiX3NkX2FsZyI6InNoYS0yNTYiLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlt7IkBjb250ZXh0IjoiaHR0cHM6Ly93d3cudzMub3JnL25zL2NyZWRlbnRpYWxzL3YyIiwiX3NkIjpbIi1UVlJVNnlRUmtWRi01cTA4NmNYdWZ4RnU4dnA0QVpKTy1oX1U4enlGX1EiLCJhZ0wxdzlFS3hLMGw2cVZLeDc5RGt1eUdGaDJzemdIRzlSZjBrR18ybnVnIl19XSwiX3NkIjpbIlJ6VHI4ek0wcDEtMHJ3aEx3czAyX0kzMEQ4RzZrcERQRmxPRmdhZzB5YTAiXX0 .-CPblBXo8Oep4RSgE7QjlZwy2oAMlfmWUue7MHjYlqhyZSX6BvZ4hLGBKNqdqgaKDvq6M-VFXB8xE9GUvF9Iqg ~WyIwempCdDNBa0VRd0tJbllMNmhvX0lBIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyJHRXRVYzJuSS1Qd2xMYVhZM19Wd2p3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ~WyJRenl4OTJ5azNZQ2tyZmdRejZQVHVnIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrc2Qtand0LCBleUpyYVdRaU9pSkZlRWhyUWsxWE9XWnRZbXQyVmpJMk5tMVNjSFZRTW5OVldWOU9YMFZYU1U0eGJHRndWWHBQT0hKdklpd2lZV3huSWpvaVJWTXlOVFlpZlEuZXlKZmMyUmZZV3huSWpvaWMyaGhMVEkxTmlJc0lrQmpiMjUwWlhoMElqcGJJbWgwZEhCek9pOHZkM2QzTG5jekxtOXlaeTl1Y3k5amNtVmtaVzUwYVdGc2N5OTJNaUlzSW1oMGRIQnpPaTh2ZDNkM0xuY3pMbTl5Wnk5dWN5OWpjbVZrWlc1MGFXRnNjeTlsZUdGdGNHeGxjeTkyTWlKZExDSnBjM04xWlhJaU9pSm9kSFJ3Y3pvdkwzVnVhWFpsY25OcGRIa3VaWGhoYlhCc1pTOXBjM04xWlhKekx6VTJOVEEwT1NJc0luWmhiR2xrUm5KdmJTSTZJakl3TVRBdE1ERXRNREZVTVRrNk1qTTZNalJhSWl3aVkzSmxaR1Z1ZEdsaGJGTmphR1Z0WVNJNmV5SmZjMlFpT2xzaU5qVkZMVlpaYm1FM1VFNW1TR1ZzVURONlRIRndjRTVFUlhoU0xXaGpXa2hTVG5seE4yVTBaVmRhYnlJc0lqaEpiRXd0VUd4NFVrdDNTMGhMYVRNdFRYaFhNak00ZDBGa1RtUTBOSGRhYkMxaVkzTkJjMkpJUWpBaVhYMHNJbU55WldSbGJuUnBZV3hUZFdKcVpXTjBJanA3SW1SbFozSmxaU0k2ZXlKdVlXMWxJam9pUW1GamFHVnNiM0lnYjJZZ1UyTnBaVzVqWlNCaGJtUWdRWEowY3lJc0lsOXpaQ0k2V3lKTVZYaHFjV3RzV1MxaGREVlNWbUZvU1hweE0zTkpaMDE1ZGtkd1ZEbHdkbFV3ZFRSeVUya3RNWGwzSWwxOUxDSmZjMlFpT2xzaVZteFpMVzUwWmtsUE9VSTVSR1JzVVdwNVUyUkVNbGRvVldJMGJqYzNabDlIV0RaMlUxZExRV3BDTkNKZGZTd2lYM05rSWpwYklpMWlSRVo0VW05NFVVVmxjRWRqWkZsNmEyNTBhVFZHV1hCc1VUVTVOMGRqYUVkVVRHVnRMVkpTWTFVaUxDSmZSRUZWWjB4clRGOXpWa1Z0TFRCdmNFOHphV2hwZVZGaFMwWnpUMDh4VWw5T05rMUNVbXByT1doRklsMTkuS2MwODNSS2JCeGMzVnI1cVIzaUVFUHAzZEt4VGE2c1BhV05zcXRrSXc4VHZNUmY5RVpMMmFqdGdrV1NCWXp5ek96YXdPckNYcnl5cDRyTVR5STl2ZkEgfld5SmlRMVJUYVU5SE5VbzFWWGhQWTFRd1VsTmZkMDFuSWl3Z0ltbGtJaXdnSW1oMGRIQTZMeTkxYm1sMlpYSnphWFI1TG1WNFlXMXdiR1V2WTNKbFpHVnVkR2xoYkhNdk1UZzNNaUpkfld5SlRjbE5XTVMwMVNqUjZjV2hPVTNOM1NUSXdhSGRSSWl3Z0luUjVjR1VpTENCYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdnSWtWNFlXMXdiR1ZCYkhWdGJtbERjbVZrWlc1MGFXRnNJbDFkfld5SktYMjk0ZERodFVHVXRhRGw0TWtRemMyOXVUMU4zSWl3Z0ltbGtJaXdnSW1oMGRIQnpPaTh2WlhoaGJYQnNaUzV2Y21jdlpYaGhiWEJzWlhNdlpHVm5jbVZsTG1wemIyNGlYUX5XeUpETWxwV2VrdG1aMTg1UlVoMWFqQjJTMUV4ZFdKbklpd2dJblI1Y0dVaUxDQWlTbk52YmxOamFHVnRZU0pkfld5SjZTemQ1UWxGUGJGaGZYMlEwWDBWb1lVYzBZMHBSSWl3Z0ltbGtJaXdnSW1ScFpEcGxlR0Z0Y0d4bE9qRXlNeUpkfld5SjZiMXB6UnpNemVYQk1lVlJHTW05YVMzWm1NVkZuSWl3Z0luUjVjR1VpTENBaVFtRmphR1ZzYjNKRVpXZHlaV1VpWFF-Il0~ 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
{
  "iat": 1745594772,
  "exp": 1746804372,
  "_sd_alg": "sha-256",
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "_sd": [
        "-TVRU6yQRkVF-5q086cXufxFu8vp4AZJO-h_U8zyF_Q",
        "agL1w9EKxK0l6qVKx79DkuyGFh2szgHG9Rf0kG_2nug"
      ]
    }
  ],
  "_sd": [
    "RzTr8zM0p1-0rwhLws02_I30D8G6kpDPFlOFgag0ya0"
  ]
}

声明: type

SHA-256 哈希: RzTr8zM0p1-0rwhLws02_I30D8G6kpDPFlOFgag0ya0

披露项: WyIwempCdDNBa0VRd0tJbllMNmhvX0lBIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd

内容: [
  "0zjBt3AkEQwKInYL6ho_IA",
  "type",
  "VerifiablePresentation"
]

声明: type

SHA-256 哈希: agL1w9EKxK0l6qVKx79DkuyGFh2szgHG9Rf0kG_2nug

披露项: WyJHRXRVYzJuSS1Qd2xMYVhZM19Wd2p3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ

内容: [
  "GEtUc2nI-PwlLaXY3_Vwjw",
  "type",
  "EnvelopedVerifiableCredential"
]

声明: id

SHA-256 哈希: -TVRU6yQRkVF-5q086cXufxFu8vp4AZJO-h_U8zyF_Q

披露项: WyJRenl4OTJ5azNZQ2tyZmdRejZQVHVnIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrc2Qtand0LCBleUpyYVdRaU9pSkZlRWhyUWsxWE9XWnRZbXQyVmpJMk5tMVNjSFZRTW5OVldWOU9YMFZYU1U0eGJHRndWWHBQT0hKdklpd2lZV3huSWpvaVJWTXlOVFlpZlEuZXlKZmMyUmZZV3huSWpvaWMyaGhMVEkxTmlJc0lrQmpiMjUwWlhoMElqcGJJbWgwZEhCek9pOHZkM2QzTG5jekxtOXlaeTl1Y3k5amNtVmtaVzUwYVdGc2N5OTJNaUlzSW1oMGRIQnpPaTh2ZDNkM0xuY3pMbTl5Wnk5dWN5OWpjbVZrWlc1MGFXRnNjeTlsZUdGdGNHeGxjeTkyTWlKZExDSnBjM04xWlhJaU9pSm9kSFJ3Y3pvdkwzVnVhWFpsY25OcGRIa3VaWGhoYlhCc1pTOXBjM04xWlhKekx6VTJOVEEwT1NJc0luWmhiR2xrUm5KdmJTSTZJakl3TVRBdE1ERXRNREZVTVRrNk1qTTZNalJhSWl3aVkzSmxaR1Z1ZEdsaGJGTmphR1Z0WVNJNmV5SmZjMlFpT2xzaU5qVkZMVlpaYm1FM1VFNW1TR1ZzVURONlRIRndjRTVFUlhoU0xXaGpXa2hTVG5seE4yVTBaVmRhYnlJc0lqaEpiRXd0VUd4NFVrdDNTMGhMYVRNdFRYaFhNak00ZDBGa1RtUTBOSGRhYkMxaVkzTkJjMkpJUWpBaVhYMHNJbU55WldSbGJuUnBZV3hUZFdKcVpXTjBJanA3SW1SbFozSmxaU0k2ZXlKdVlXMWxJam9pUW1GamFHVnNiM0lnYjJZZ1UyTnBaVzVqWlNCaGJtUWdRWEowY3lJc0lsOXpaQ0k2V3lKTVZYaHFjV3RzV1MxaGREVlNWbUZvU1hweE0zTkpaMDE1ZGtkd1ZEbHdkbFV3ZFRSeVUya3RNWGwzSWwxOUxDSmZjMlFpT2xzaVZteFpMVzUwWmtsUE9VSTVSR1JzVVdwNVUyUkVNbGRvVldJMGJqYzNabDlIV0RaMlUxZExRV3BDTkNKZGZTd2lYM05rSWpwYklpMWlSRVo0VW05NFVVVmxjRWRqWkZsNmEyNTBhVFZHV1hCc1VUVTVOMGRqYUVkVVRHVnRMVkpTWTFVaUxDSmZSRUZWWjB4clRGOXpWa1Z0TFRCdmNFOHphV2hwZVZGaFMwWnpUMDh4VWw5T05rMUNVbXByT1doRklsMTkuS2MwODNSS2JCeGMzVnI1cVIzaUVFUHAzZEt4VGE2c1BhV05zcXRrSXc4VHZNUmY5RVpMMmFqdGdrV1NCWXp5ek96YXdPckNYcnl5cDRyTVR5STl2ZkEgfld5SmlRMVJUYVU5SE5VbzFWWGhQWTFRd1VsTmZkMDFuSWl3Z0ltbGtJaXdnSW1oMGRIQTZMeTkxYm1sMlpYSnphWFI1TG1WNFlXMXdiR1V2WTNKbFpHVnVkR2xoYkhNdk1UZzNNaUpkfld5SlRjbE5XTVMwMVNqUjZjV2hPVTNOM1NUSXdhSGRSSWl3Z0luUjVjR1VpTENCYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdnSWtWNFlXMXdiR1ZCYkhWdGJtbERjbVZrWlc1MGFXRnNJbDFkfld5SktYMjk0ZERodFVHVXRhRGw0TWtRemMyOXVUMU4zSWl3Z0ltbGtJaXdnSW1oMGRIQnpPaTh2WlhoaGJYQnNaUzV2Y21jdlpYaGhiWEJzWlhNdlpHVm5jbVZsTG1wemIyNGlYUX5XeUpETWxwV2VrdG1aMTg1UlVoMWFqQjJTMUV4ZFdKbklpd2dJblI1Y0dVaUxDQWlTbk52YmxOamFHVnRZU0pkfld5SjZTemQ1UWxGUGJGaGZYMlEwWDBWb1lVYzBZMHBSSWl3Z0ltbGtJaXdnSW1ScFpEcGxlR0Z0Y0d4bE9qRXlNeUpkfld5SjZiMXB6UnpNemVYQk1lVlJHTW05YVMzWm1NVkZuSWl3Z0luUjVjR1VpTENBaVFtRmphR1ZzYjNKRVpXZHlaV1VpWFF-Il0

内容: [
  "Qzyx92yk3YCkrfgQz6PTug",
  "id",
  "data:application/vc+sd-jwt, eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJfc2RfYWxnIjoic2hhLTI1NiIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFNjaGVtYSI6eyJfc2QiOlsiNjVFLVZZbmE3UE5mSGVsUDN6THFwcE5ERXhSLWhjWkhSTnlxN2U0ZVdabyIsIjhJbEwtUGx4Ukt3S0hLaTMtTXhXMjM4d0FkTmQ0NHdabC1iY3NBc2JIQjAiXX0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImRlZ3JlZSI6eyJuYW1lIjoiQmFjaGVsb3Igb2YgU2NpZW5jZSBhbmQgQXJ0cyIsIl9zZCI6WyJMVXhqcWtsWS1hdDVSVmFoSXpxM3NJZ015dkdwVDlwdlUwdTRyU2ktMXl3Il19LCJfc2QiOlsiVmxZLW50ZklPOUI5RGRsUWp5U2REMldoVWI0bjc3Zl9HWDZ2U1dLQWpCNCJdfSwiX3NkIjpbIi1iREZ4Um94UUVlcEdjZFl6a250aTVGWXBsUTU5N0djaEdUTGVtLVJSY1UiLCJfREFVZ0xrTF9zVkVtLTBvcE8zaWhpeVFhS0ZzT08xUl9ONk1CUmprOWhFIl19.Kc083RKbBxc3Vr5qR3iEEPp3dKxTa6sPaWNsqtkIw8TvMRf9EZL2ajtgkWSBYzyzOzawOrCXryyp4rMTyI9vfA ~WyJiQ1RTaU9HNUo1VXhPY1QwUlNfd01nIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJTclNWMS01SjR6cWhOU3N3STIwaHdRIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJKX294dDhtUGUtaDl4MkQzc29uT1N3IiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJDMlpWektmZ185RUh1ajB2S1ExdWJnIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJ6Szd5QlFPbFhfX2Q0X0VoYUc0Y0pRIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMyJd~WyJ6b1pzRzMzeXBMeVRGMm9aS3ZmMVFnIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~"
]

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

示例 6:使用 SD-JWT 及 EnvelopedVerifiablePresentation 类型保护的可验证呈现的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "EnvelopedVerifiablePresentation",
  "id": "data:application/vp+sd-jwt,eyJhbGciOiJFUzM4NCIsImtpZCI6IlVRTV9fblE0UzZCTzhuUTRuT05YeHB4aHRob3lOeGI1M0xZZ1l6LTJBQnMiLCJ0eXAiOiJ2cCtsZCtqc29uK3NkLWp3dCIsImN0eSI6InZwK2xkK2pzb24ifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlt7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWx1bW5pT2YiOnsibmFtZSI6IkV4YW1wbGUgVW5pdmVyc2l0eSIsIl9zZCI6WyJoek9LRzU2cDI5c1ByTGFDNUE4RndFdUczVU05dUlZU1p1cU9YczJlVGJBIl19LCJfc2QiOlsiWVdXVmVDRndxQmk4WDBqSF9jV0NWWU16STNhOHBjTEVYRWZicFNSQVlndyJdfSwiX3NkIjpbIjJJZjhhaUs4REZwVWJ4dEc1cGMwel9SaFJzbm1ybGFRMEhzcTk4WFNyYWsiLCJUeDZ4ZWZMVUdUZUpfYWtVUFdGeHNvbUhobGtWVnpfNzVoaVZ6eWpyYmVzIl19XSwiX3NkIjpbIjd2anl0VVN3ZEJ0MXQ5RktlOVFfS3JIRXhFWGxrTEFaTzBKM0Jpd200dlkiXSwiX3NkX2FsZyI6InNoYS0yNTYiLCJpYXQiOjE3MDY1NjI4NDksImV4cCI6MTczODE4NTI0OSwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwiYWxnIjoiRVMzODQiLCJ4IjoidWtEd1U2ZzlQUVRFUWhYaEgyckRZNndMQlg3UHFlUjZBcGlhVHBEUXowcl8tdDl6UXNxem54Z0hEcE5oekZlQyIsInkiOiJMQnhVYnBVdFNGMVVKVTVpYnJIdkpINjBUSG5YMk1xa0xHZGltU1l0UGR4RlkxOEdhcldiS3FZV0djUkZHVE9BIn19fQ.kYD63YtBNYnLUTw6Szf1vs_Ug3UBXhPwCyqpNmPnPDa3rXZQhQLdB1BgaoO8zgQ-c3B41fxaXMnLHYV9-B20uboSpJP0B-2Vre917eQt1cSDswDGA_Ytvn4BSqYVBB2J~WyJFMkFsRzhsY2p0QVFrcllIbjlIbnVRIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyI5NldYMDRneno4cVZzOVZLU2wwYTVnIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJaekU2VFVaamtHMW1DWXBKMEhnc0l3IiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyItQ3NsS25GZGFYb2JiQWsyU0JBVGR3IiwgImlkIiwgImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJd~WyJuRm1OWl9IczB3WWNoOFdkeTdnQUNRIiwgImlkIiwgImRpZDpleGFtcGxlOmMyNzZlMTJlYzIxZWJmZWIxZjcxMmViYzZmMSJd~"
}
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJpYXQiOjE3NDU1OTQ3NzIsImV4cCI6MTc0NjgwNDM3MiwiX3NkX2FsZyI6InNoYS0yNTYiLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiX3NkIjpbIjNoUmczNzNhVEhVblI0b2NrMkNBU2EzeHdpaVdlOGVVUndWNU1GVFA3dlEiLCJXb2J4dDdHZ1VtRVpKaEJJZGkyb1NyaDN4aEtqak5Xa0Rnc2t4M0RJNmtnIl19 .789HJKTur9F0FpxUR_EUk8SudozGvoayr83QyxuoiDbP7BudeJMibmU_CWB_AGSVR5XNDMlqJW4XLvj3XQ3WCw ~WyJZM3JRNVNkUFd3YW5ieTRlMGhMSDF3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyJFUWRUZEprS3Fjd3RrMkVVMUxkOTZnIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdnArc2Qtand0LCBleUpoYkdjaU9pSkZVek00TkNJc0ltdHBaQ0k2SWxWUlRWOWZibEUwVXpaQ1R6aHVVVFJ1VDA1WWVIQjRhSFJvYjNsT2VHSTFNMHhaWjFsNkxUSkJRbk1pTENKMGVYQWlPaUoyY0N0c1pDdHFjMjl1SzNOa0xXcDNkQ0lzSW1OMGVTSTZJblp3SzJ4a0sycHpiMjRpZlEuZXlKQVkyOXVkR1Y0ZENJNld5Sm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdmRqSWlMQ0pvZEhSd2N6b3ZMM2QzZHk1M015NXZjbWN2Ym5NdlkzSmxaR1Z1ZEdsaGJITXZaWGhoYlhCc1pYTXZkaklpWFN3aWRtVnlhV1pwWVdKc1pVTnlaV1JsYm5ScFlXd2lPbHQ3SWtCamIyNTBaWGgwSWpwYkltaDBkSEJ6T2k4dmQzZDNMbmN6TG05eVp5OXVjeTlqY21Wa1pXNTBhV0ZzY3k5Mk1pSXNJbWgwZEhCek9pOHZkM2QzTG5jekxtOXlaeTl1Y3k5amNtVmtaVzUwYVdGc2N5OWxlR0Z0Y0d4bGN5OTJNaUpkTENKcGMzTjFaWElpT2lKb2RIUndjem92TDNWdWFYWmxjbk5wZEhrdVpYaGhiWEJzWlM5cGMzTjFaWEp6THpVMk5UQTBPU0lzSW5aaGJHbGtSbkp2YlNJNklqSXdNVEF0TURFdE1ERlVNVGs2TWpNNk1qUmFJaXdpWTNKbFpHVnVkR2xoYkZOMVltcGxZM1FpT25zaVlXeDFiVzVwVDJZaU9uc2libUZ0WlNJNklrVjRZVzF3YkdVZ1ZXNXBkbVZ5YzJsMGVTSXNJbDl6WkNJNld5Sm9lazlMUnpVMmNESTVjMUJ5VEdGRE5VRTRSbmRGZFVjelZVMDVkVWxaVTFwMWNVOVljekpsVkdKQklsMTlMQ0pmYzJRaU9sc2lXVmRYVm1WRFJuZHhRbWs0V0RCcVNGOWpWME5XV1UxNlNUTmhPSEJqVEVWWVJXWmljRk5TUVZsbmR5SmRmU3dpWDNOa0lqcGJJakpKWmpoaGFVczRSRVp3VldKNGRFYzFjR013ZWw5U2FGSnpibTF5YkdGUk1FaHpjVGs0V0ZOeVlXc2lMQ0pVZURaNFpXWk1WVWRVWlVwZllXdFZVRmRHZUhOdmJVaG9iR3RXVm5wZk56Vm9hVlo2ZVdweVltVnpJbDE5WFN3aVgzTmtJanBiSWpkMmFubDBWVk4zWkVKME1YUTVSa3RsT1ZGZlMzSklSWGhGV0d4clRFRmFUekJLTTBKcGQyMDBkbGtpWFN3aVgzTmtYMkZzWnlJNkluTm9ZUzB5TlRZaUxDSnBZWFFpT2pFM01EWTFOakk0TkRrc0ltVjRjQ0k2TVRjek9ERTROVEkwT1N3aVkyNW1JanA3SW1wM2F5STZleUpyZEhraU9pSkZReUlzSW1OeWRpSTZJbEF0TXpnMElpd2lZV3huSWpvaVJWTXpPRFFpTENKNElqb2lkV3RFZDFVMlp6bFFVVlJGVVdoWWFFZ3lja1JaTm5kTVFsZzNVSEZsVWpaQmNHbGhWSEJFVVhvd2NsOHRkRGw2VVhOeGVtNTRaMGhFY0U1b2VrWmxReUlzSW5raU9pSk1RbmhWWW5CVmRGTkdNVlZLVlRWcFluSklka3BJTmpCVVNHNVlNazF4YTB4SFpHbHRVMWwwVUdSNFJsa3hPRWRoY2xkaVMzRlpWMGRqVWtaSFZFOUJJbjE5ZlEua1lENjNZdEJOWW5MVVR3NlN6ZjF2c19VZzNVQlhoUHdDeXFwTm1QblBEYTNyWFpRaFFMZEIxQmdhb084emdRLWMzQjQxZnhhWE1uTEhZVjktQjIwdWJvU3BKUDBCLTJWcmU5MTdlUXQxY1NEc3dER0FfWXR2bjRCU3FZVkJCMkp-V3lKRk1rRnNSemhzWTJwMFFWRnJjbGxJYmpsSWJuVlJJaXdnSW5SNWNHVWlMQ0FpVm1WeWFXWnBZV0pzWlZCeVpYTmxiblJoZEdsdmJpSmR-V3lJNU5sZFlNRFJuZW5vNGNWWnpPVlpMVTJ3d1lUVm5JaXdnSW1sa0lpd2dJbWgwZEhBNkx5OTFibWwyWlhKemFYUjVMbVY0WVcxd2JHVXZZM0psWkdWdWRHbGhiSE12TVRnM01pSmR-V3lKYWVrVTJWRlZhYW10SE1XMURXWEJLTUVobmMwbDNJaXdnSW5SNWNHVWlMQ0JiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2dJa1Y0WVcxd2JHVkJiSFZ0Ym1sRGNtVmtaVzUwYVdGc0lsMWR-V3lJdFEzTnNTMjVHWkdGWWIySmlRV3N5VTBKQlZHUjNJaXdnSW1sa0lpd2dJbVJwWkRwbGVHRnRjR3hsT21WaVptVmlNV1kzTVRKbFltTTJaakZqTWpjMlpURXlaV015TVNKZH5XeUp1Um0xT1dsOUljekIzV1dOb09GZGtlVGRuUVVOUklpd2dJbWxrSWl3Z0ltUnBaRHBsZUdGdGNHeGxPbU15TnpabE1USmxZekl4WldKbVpXSXhaamN4TW1WaVl6Wm1NU0pkfiJd~ 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
{
  "iat": 1745594772,
  "exp": 1746804372,
  "_sd_alg": "sha-256",
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "_sd": [
    "3hRg373aTHUnR4ock2CASa3xwiiWe8eURwV5MFTP7vQ",
    "Wobxt7GgUmEZJhBIdi2oSrh3xhKjjNWkDgskx3DI6kg"
  ]
}

声明: type

SHA-256 哈希: 3hRg373aTHUnR4ock2CASa3xwiiWe8eURwV5MFTP7vQ

披露项: WyJZM3JRNVNkUFd3YW5ieTRlMGhMSDF3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd

内容: [
  "Y3rQ5SdPWwanby4e0hLH1w",
  "type",
  "EnvelopedVerifiablePresentation"
]

声明: id

SHA-256 哈希: Wobxt7GgUmEZJhBIdi2oSrh3xhKjjNWkDgskx3DI6kg

披露项: WyJFUWRUZEprS3Fjd3RrMkVVMUxkOTZnIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdnArc2Qtand0LCBleUpoYkdjaU9pSkZVek00TkNJc0ltdHBaQ0k2SWxWUlRWOWZibEUwVXpaQ1R6aHVVVFJ1VDA1WWVIQjRhSFJvYjNsT2VHSTFNMHhaWjFsNkxUSkJRbk1pTENKMGVYQWlPaUoyY0N0c1pDdHFjMjl1SzNOa0xXcDNkQ0lzSW1OMGVTSTZJblp3SzJ4a0sycHpiMjRpZlEuZXlKQVkyOXVkR1Y0ZENJNld5Sm9kSFJ3Y3pvdkwzZDNkeTUzTXk1dmNtY3Zibk12WTNKbFpHVnVkR2xoYkhNdmRqSWlMQ0pvZEhSd2N6b3ZMM2QzZHk1M015NXZjbWN2Ym5NdlkzSmxaR1Z1ZEdsaGJITXZaWGhoYlhCc1pYTXZkaklpWFN3aWRtVnlhV1pwWVdKc1pVTnlaV1JsYm5ScFlXd2lPbHQ3SWtCamIyNTBaWGgwSWpwYkltaDBkSEJ6T2k4dmQzZDNMbmN6TG05eVp5OXVjeTlqY21Wa1pXNTBhV0ZzY3k5Mk1pSXNJbWgwZEhCek9pOHZkM2QzTG5jekxtOXlaeTl1Y3k5amNtVmtaVzUwYVdGc2N5OWxlR0Z0Y0d4bGN5OTJNaUpkTENKcGMzTjFaWElpT2lKb2RIUndjem92TDNWdWFYWmxjbk5wZEhrdVpYaGhiWEJzWlM5cGMzTjFaWEp6THpVMk5UQTBPU0lzSW5aaGJHbGtSbkp2YlNJNklqSXdNVEF0TURFdE1ERlVNVGs2TWpNNk1qUmFJaXdpWTNKbFpHVnVkR2xoYkZOMVltcGxZM1FpT25zaVlXeDFiVzVwVDJZaU9uc2libUZ0WlNJNklrVjRZVzF3YkdVZ1ZXNXBkbVZ5YzJsMGVTSXNJbDl6WkNJNld5Sm9lazlMUnpVMmNESTVjMUJ5VEdGRE5VRTRSbmRGZFVjelZVMDVkVWxaVTFwMWNVOVljekpsVkdKQklsMTlMQ0pmYzJRaU9sc2lXVmRYVm1WRFJuZHhRbWs0V0RCcVNGOWpWME5XV1UxNlNUTmhPSEJqVEVWWVJXWmljRk5TUVZsbmR5SmRmU3dpWDNOa0lqcGJJakpKWmpoaGFVczRSRVp3VldKNGRFYzFjR013ZWw5U2FGSnpibTF5YkdGUk1FaHpjVGs0V0ZOeVlXc2lMQ0pVZURaNFpXWk1WVWRVWlVwZllXdFZVRmRHZUhOdmJVaG9iR3RXVm5wZk56Vm9hVlo2ZVdweVltVnpJbDE5WFN3aVgzTmtJanBiSWpkMmFubDBWVk4zWkVKME1YUTVSa3RsT1ZGZlMzSklSWGhGV0d4clRFRmFUekJLTTBKcGQyMDBkbGtpWFN3aVgzTmtYMkZzWnlJNkluTm9ZUzB5TlRZaUxDSnBZWFFpT2pFM01EWTFOakk0TkRrc0ltVjRjQ0k2TVRjek9ERTROVEkwT1N3aVkyNW1JanA3SW1wM2F5STZleUpyZEhraU9pSkZReUlzSW1OeWRpSTZJbEF0TXpnMElpd2lZV3huSWpvaVJWTXpPRFFpTENKNElqb2lkV3RFZDFVMlp6bFFVVlJGVVdoWWFFZ3lja1JaTm5kTVFsZzNVSEZsVWpaQmNHbGhWSEJFVVhvd2NsOHRkRGw2VVhOeGVtNTRaMGhFY0U1b2VrWmxReUlzSW5raU9pSk1RbmhWWW5CVmRGTkdNVlZLVlRWcFluSklka3BJTmpCVVNHNVlNazF4YTB4SFpHbHRVMWwwVUdSNFJsa3hPRWRoY2xkaVMzRlpWMGRqVWtaSFZFOUJJbjE5ZlEua1lENjNZdEJOWW5MVVR3NlN6ZjF2c19VZzNVQlhoUHdDeXFwTm1QblBEYTNyWFpRaFFMZEIxQmdhb084emdRLWMzQjQxZnhhWE1uTEhZVjktQjIwdWJvU3BKUDBCLTJWcmU5MTdlUXQxY1NEc3dER0FfWXR2bjRCU3FZVkJCMkp-V3lKRk1rRnNSemhzWTJwMFFWRnJjbGxJYmpsSWJuVlJJaXdnSW5SNWNHVWlMQ0FpVm1WeWFXWnBZV0pzWlZCeVpYTmxiblJoZEdsdmJpSmR-V3lJNU5sZFlNRFJuZW5vNGNWWnpPVlpMVTJ3d1lUVm5JaXdnSW1sa0lpd2dJbWgwZEhBNkx5OTFibWwyWlhKemFYUjVMbVY0WVcxd2JHVXZZM0psWkdWdWRHbGhiSE12TVRnM01pSmR-V3lKYWVrVTJWRlZhYW10SE1XMURXWEJLTUVobmMwbDNJaXdnSW5SNWNHVWlMQ0JiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2dJa1Y0WVcxd2JHVkJiSFZ0Ym1sRGNtVmtaVzUwYVdGc0lsMWR-V3lJdFEzTnNTMjVHWkdGWWIySmlRV3N5VTBKQlZHUjNJaXdnSW1sa0lpd2dJbVJwWkRwbGVHRnRjR3hsT21WaVptVmlNV1kzTVRKbFltTTJaakZqTWpjMlpURXlaV015TVNKZH5XeUp1Um0xT1dsOUljekIzV1dOb09GZGtlVGRuUVVOUklpd2dJbWxrSWl3Z0ltUnBaRHBsZUdGdGNHeGxPbU15TnpabE1USmxZekl4WldKbVpXSXhaamN4TW1WaVl6Wm1NU0pkfiJd

内容: [
  "EQdTdJkKqcwtk2EU1Ld96g",
  "id",
  "data:application/vp+sd-jwt, eyJhbGciOiJFUzM4NCIsImtpZCI6IlVRTV9fblE0UzZCTzhuUTRuT05YeHB4aHRob3lOeGI1M0xZZ1l6LTJBQnMiLCJ0eXAiOiJ2cCtsZCtqc29uK3NkLWp3dCIsImN0eSI6InZwK2xkK2pzb24ifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlt7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWx1bW5pT2YiOnsibmFtZSI6IkV4YW1wbGUgVW5pdmVyc2l0eSIsIl9zZCI6WyJoek9LRzU2cDI5c1ByTGFDNUE4RndFdUczVU05dUlZU1p1cU9YczJlVGJBIl19LCJfc2QiOlsiWVdXVmVDRndxQmk4WDBqSF9jV0NWWU16STNhOHBjTEVYRWZicFNSQVlndyJdfSwiX3NkIjpbIjJJZjhhaUs4REZwVWJ4dEc1cGMwel9SaFJzbm1ybGFRMEhzcTk4WFNyYWsiLCJUeDZ4ZWZMVUdUZUpfYWtVUFdGeHNvbUhobGtWVnpfNzVoaVZ6eWpyYmVzIl19XSwiX3NkIjpbIjd2anl0VVN3ZEJ0MXQ5RktlOVFfS3JIRXhFWGxrTEFaTzBKM0Jpd200dlkiXSwiX3NkX2FsZyI6InNoYS0yNTYiLCJpYXQiOjE3MDY1NjI4NDksImV4cCI6MTczODE4NTI0OSwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwiYWxnIjoiRVMzODQiLCJ4IjoidWtEd1U2ZzlQUVRFUWhYaEgyckRZNndMQlg3UHFlUjZBcGlhVHBEUXowcl8tdDl6UXNxem54Z0hEcE5oekZlQyIsInkiOiJMQnhVYnBVdFNGMVVKVTVpYnJIdkpINjBUSG5YMk1xa0xHZGltU1l0UGR4RlkxOEdhcldiS3FZV0djUkZHVE9BIn19fQ.kYD63YtBNYnLUTw6Szf1vs_Ug3UBXhPwCyqpNmPnPDa3rXZQhQLdB1BgaoO8zgQ-c3B41fxaXMnLHYV9-B20uboSpJP0B-2Vre917eQt1cSDswDGA_Ytvn4BSqYVBB2J~WyJFMkFsRzhsY2p0QVFrcllIbjlIbnVRIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyI5NldYMDRneno4cVZzOVZLU2wwYTVnIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJaekU2VFVaamtHMW1DWXBKMEhnc0l3IiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyItQ3NsS25GZGFYb2JiQWsyU0JBVGR3IiwgImlkIiwgImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJd~WyJuRm1OWl9IczB3WWNoOFdkeTdnQUNRIiwgImlkIiwgImRpZDpleGFtcGxlOmMyNzZlMTJlYzIxZWJmZWIxZjcxMmViYzZmMSJd~"
]

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

实现 MUST 支持紧凑序列化 (application/sd-jwt),并且 MAY 支持 JSON 序列化 (application/sd-jwt+json)。 如果使用 JSON 序列化,则 RECOMMENDED 定义一个配置文件, 以确保所有附加 JSON 成员都能被一致地理解。

3.3 使用 COSE

COSE [RFC9052] 是一种使用 CBOR [RFC8949] 对信息进行编码和保护的常见方法。 可验证凭证 MAY 使用 COSE [RFC9052] 进行保护,并且 SHOULD 按照本节所述通过使用内容类型来标识。

3.3.1 使用 COSE 保护 JSON-LD 可验证凭证

本节详细说明如何使用 COSE 来保护 符合 [VC-DATA-MODEL-2.0] 的可验证凭证

符合一致性的 COSE 签发者实现 MUST 使用 [RFC9052] 中指定的 COSE_Sign1 来保护此媒体类型。 未受保护的可验证凭证是 未编码的 COSE_Sign1 载荷。

typ (16) 标头参数,如 COSE “typ”(类型)标头参数中所述, SHOULDapplication/vc+cosecontent type (3) 标头参数 SHOULDapplication/vccontent type (3) 标头参数是可选的,并且可以在存在更具体媒体类型时 用于表达比 application/vc 更具体的媒体类型。 有关更多详细信息,请参见通用 COSE 标头参数

符合一致性的 COSE 验证者实现 MUST 使用 [RFC9052] 中指定的 COSE_Sign1 来验证使用此媒体类型的符合一致性的 COSE 文档

当在 可验证 呈现中,将使用 COSE 保护的可验证凭证 作为 Enveloped Verifiable Credentials 包含时, 这些凭证 MUST 按 [RFC2397] 中指定使用 base64 编码。

当通过不安全信道传输受保护的可验证凭证时, 为了对其加密,实现者 MAY 使用 COSE 加密, 如 [RFC9052] 第 5 节所定义, 方法是将受保护的 可验证凭证作为已加密 COSE 对象的明文载荷嵌套。

示例 7:使用 COSE 保护的可验证凭证的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://university.example/credentials/3732",
  "type": ["VerifiableCredential", "ExampleDegreeCredential", "ExamplePersonCredential"],
  "issuer": "https://university.example/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    },
    "alumniOf": {
      "name": "Example University"
    }
  },
  "credentialSchema": [{
    "id": "https://example.org/examples/degree.json",
    "type": "JsonSchema"
  },
  {
    "id": "https://example.org/examples/alumni.json",
    "type": "JsonSchema"
  }]
}
application/vc 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://university.example/credentials/3732",
  "type": [
    "VerifiableCredential",
    "ExampleDegreeCredential",
    "ExamplePersonCredential"
  ],
  "issuer": "https://university.example/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    },
    "alumniOf": {
      "name": "Example University"
    }
  },
  "credentialSchema": [
    {
      "id": "https://example.org/examples/degree.json",
      "type": "JsonSchema"
    },
    {
      "id": "https://example.org/examples/alumni.json",
      "type": "JsonSchema"
    }
  ]
}
application/vc+cose
d28444a1013822a059029e7b2240636f6e74657874223a5b2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f6578616d706c65732f7632225d2c226964223a22687474703a2f2f756e69766572736974792e6578616d706c652f63726564656e7469616c732f33373332222c2274797065223a5b2256657269666961626c6543726564656e7469616c222c224578616d706c6544656772656543726564656e7469616c222c224578616d706c65506572736f6e43726564656e7469616c225d2c22697373756572223a2268747470733a2f2f756e69766572736974792e6578616d706c652f697373756572732f3134222c2276616c696446726f6d223a22323031302d30312d30315431393a32333a32345a222c2263726564656e7469616c5375626a656374223a7b226964223a226469643a6578616d706c653a656266656231663731326562633666316332373665313265633231222c22646567726565223a7b2274797065223a224578616d706c6542616368656c6f72446567726565222c226e616d65223a2242616368656c6f72206f6620536369656e636520616e642041727473227d2c22616c756d6e694f66223a7b226e616d65223a224578616d706c6520556e6976657273697479227d7d2c2263726564656e7469616c536368656d61223a5b7b226964223a2268747470733a2f2f6578616d706c652e6f72672f6578616d706c65732f6465677265652e6a736f6e222c2274797065223a224a736f6e536368656d61227d2c7b226964223a2268747470733a2f2f6578616d706c652e6f72672f6578616d706c65732f616c756d6e692e6a736f6e222c2274797065223a224a736f6e536368656d61227d5d7d5840be50900a466b077ece4d0bfe1e96588e048e43b6f45fbc3fb3e659a1b3f8b4431678db4d352bb933ab9aeb9010aea13bf177c775d7927ff074e3f86402fe3a97

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

3.3.2 使用 COSE 保护 JSON-LD 可验证 呈现

本节详细说明如何使用 COSE 来保护 符合 [VC-DATA-MODEL-2.0] 的可验证 呈现

符合一致性的 COSE 签发者实现 MUST 使用 [RFC9052] 中指定的 COSE_Sign1 来保护此媒体类型。 未受保护的可验证 呈现是未编码的 COSE_Sign1 载荷。

typ (16) 标头参数,如 COSE “typ”(类型)标头参数中所述, SHOULDapplication/vp+cosecontent type (3) 标头参数 SHOULDapplication/vpcontent type (3) 标头参数是可选的,并且可以在存在更具体媒体类型时 用于表达比 application/vp 更具体的媒体类型。 有关更多详细信息,请参见通用 COSE 标头参数

符合一致性的 COSE 验证者实现 MUST 使用 [RFC9052] 中指定的 COSE_Sign1 来验证使用此媒体类型的符合一致性的 COSE 文档

可验证 呈现中受保护的可验证凭证 MUST 使用 [VC-DATA-MODEL-2.0] 定义的 Enveloped Verifiable Credential 类型。

可验证 呈现中的可验证呈现 MUST 使用 [VC-DATA-MODEL-2.0] 定义的 Enveloped Verifiable Presentation 类型。

可验证 呈现中的凭证 MUST 受到保护。 在此情况下,这些凭证使用 COSE 进行保护。

当通过不安全信道传输受保护的可验证 呈现时,为了对其加密, 实现者 MAY 使用 COSE 加密, 如 [RFC9052] 第 5 节所定义, 方法是将受保护的 可验证 呈现作为已加密 COSE 对象的明文载荷嵌套。

示例 8:使用 COSE 及 EnvelopedVerifiableCredential 类型保护的可验证呈现的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [{
    "@context": "https://www.w3.org/ns/credentials/v2",
    "type": "EnvelopedVerifiableCredential",
    "id": "data:application/vc+sd-jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJfc2RfYWxnIjoic2hhLTI1NiIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFNjaGVtYSI6eyJfc2QiOlsiNWJBeDMteHBmQWxVS0ZJOXNuM2hWQ21wR2trcUlzWmMzLUxiMzNmWmpiayIsIlpjQXZIMDhsdEJySUpmSWh0OF9tS1BfYzNscG5YMWNHclltVG8wZ1lCeTgiXX0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImRlZ3JlZSI6eyJuYW1lIjoiQmFjaGVsb3Igb2YgU2NpZW5jZSBhbmQgQXJ0cyIsIl9zZCI6WyJST1Q3MUl0dTNMNlVXWFVqby1oWVdJQjY3bHVPTkVEUlNCaGxEVENxVU9RIl19LCJfc2QiOlsiTUVuZXNnMlhPUk5jY3NCTWVaXzE2MDJneTQwUi00WUJ2VlIweFE4b0Y4YyJdfSwiX3NkIjpbIkVlc2Jiay1mcGZwd2ZMOXdOczFxcjZ0aU43ZnEtSXQzWVM2V3ZCbl9iWG8iLCJab1I1ZGRhckdtZk15NEhuV0xVak5URnFURjNYRjZpdFBnZnlGQkhVX3FVIl19.gw3paxbkLjpi8CTsyRpXKbC7tpVa0q2sWKSD-_dcbuZ1LpZV3oQ8Ifzcm2bE8RY3fmJgbuyA9gbPL3sQBaTzkg ~WyJSeUQxVlB4VHBvbmtPeXZpczkta293IiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJfVjd1eTd3ay1RM3VZd2ZpZ0NvWUVBIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJhazdqMTlnYVMtRDJLX2hzY3RVZGNRIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJUTjBXaXVZRkhXWkV2ZDZIQUJHQS1nIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJVMnBzMkxYVERVbVh3MDcxRVBmRUpnIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMyJd~WyJsQ042eTNEaTNDUk9VX3JuXzRENWRnIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~"
  }]
}
application/vp 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+sd-jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJfc2RfYWxnIjoic2hhLTI1NiIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFNjaGVtYSI6eyJfc2QiOlsiNWJBeDMteHBmQWxVS0ZJOXNuM2hWQ21wR2trcUlzWmMzLUxiMzNmWmpiayIsIlpjQXZIMDhsdEJySUpmSWh0OF9tS1BfYzNscG5YMWNHclltVG8wZ1lCeTgiXX0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImRlZ3JlZSI6eyJuYW1lIjoiQmFjaGVsb3Igb2YgU2NpZW5jZSBhbmQgQXJ0cyIsIl9zZCI6WyJST1Q3MUl0dTNMNlVXWFVqby1oWVdJQjY3bHVPTkVEUlNCaGxEVENxVU9RIl19LCJfc2QiOlsiTUVuZXNnMlhPUk5jY3NCTWVaXzE2MDJneTQwUi00WUJ2VlIweFE4b0Y4YyJdfSwiX3NkIjpbIkVlc2Jiay1mcGZwd2ZMOXdOczFxcjZ0aU43ZnEtSXQzWVM2V3ZCbl9iWG8iLCJab1I1ZGRhckdtZk15NEhuV0xVak5URnFURjNYRjZpdFBnZnlGQkhVX3FVIl19.gw3paxbkLjpi8CTsyRpXKbC7tpVa0q2sWKSD-_dcbuZ1LpZV3oQ8Ifzcm2bE8RY3fmJgbuyA9gbPL3sQBaTzkg ~WyJSeUQxVlB4VHBvbmtPeXZpczkta293IiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJfVjd1eTd3ay1RM3VZd2ZpZ0NvWUVBIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJhazdqMTlnYVMtRDJLX2hzY3RVZGNRIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJUTjBXaXVZRkhXWkV2ZDZIQUJHQS1nIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJVMnBzMkxYVERVbVh3MDcxRVBmRUpnIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMyJd~WyJsQ042eTNEaTNDUk9VX3JuXzRENWRnIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~;data:application/vc+sd-jwt,eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ.eyJfc2RfYWxnIjoic2hhLTI1NiIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFNjaGVtYSI6eyJfc2QiOlsiNWJBeDMteHBmQWxVS0ZJOXNuM2hWQ21wR2trcUlzWmMzLUxiMzNmWmpiayIsIlpjQXZIMDhsdEJySUpmSWh0OF9tS1BfYzNscG5YMWNHclltVG8wZ1lCeTgiXX0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImRlZ3JlZSI6eyJuYW1lIjoiQmFjaGVsb3Igb2YgU2NpZW5jZSBhbmQgQXJ0cyIsIl9zZCI6WyJST1Q3MUl0dTNMNlVXWFVqby1oWVdJQjY3bHVPTkVEUlNCaGxEVENxVU9RIl19LCJfc2QiOlsiTUVuZXNnMlhPUk5jY3NCTWVaXzE2MDJneTQwUi00WUJ2VlIweFE4b0Y4YyJdfSwiX3NkIjpbIkVlc2Jiay1mcGZwd2ZMOXdOczFxcjZ0aU43ZnEtSXQzWVM2V3ZCbl9iWG8iLCJab1I1ZGRhckdtZk15NEhuV0xVak5URnFURjNYRjZpdFBnZnlGQkhVX3FVIl19.gw3paxbkLjpi8CTsyRpXKbC7tpVa0q2sWKSD-_dcbuZ1LpZV3oQ8Ifzcm2bE8RY3fmJgbuyA9gbPL3sQBaTzkg ~WyJSeUQxVlB4VHBvbmtPeXZpczkta293IiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJfVjd1eTd3ay1RM3VZd2ZpZ0NvWUVBIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJhazdqMTlnYVMtRDJLX2hzY3RVZGNRIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJUTjBXaXVZRkhXWkV2ZDZIQUJHQS1nIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJVMnBzMkxYVERVbVh3MDcxRVBmRUpnIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMyJd~WyJsQ042eTNEaTNDUk9VX3JuXzRENWRnIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~",
      "type": "EnvelopedVerifiableCredential"
    }
  ]
}
application/vp+cose
d28444a1013822a0590d1c7b2240636f6e74657874223a5b2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f6578616d706c65732f7632225d2c2274797065223a2256657269666961626c6550726573656e746174696f6e222c2276657269666961626c6543726564656e7469616c223a5b7b2240636f6e74657874223a2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c226964223a22646174613a6170706c69636174696f6e2f76632b73642d6a77742c65794a72615751694f694a4665456872516b31584f575a74596d7432566a49324e6d3153634856514d6e4e565756394f583056585355347862474677565870504f484a76496977695957786e496a6f6952564d794e54596966512e65794a66633252665957786e496a6f69633268684c5449314e694973496b426a623235305a586830496a7062496d68306448427a4f693876643364334c6e637a4c6d39795a7939756379396a636d566b5a57353061574673637939324d694973496d68306448427a4f693876643364334c6e637a4c6d39795a7939756379396a636d566b5a573530615746736379396c654746746347786c637939324d694a644c434a7063334e315a5849694f694a6f64485277637a6f764c33567561585a6c636e4e7064486b755a586868625842735a53397063334e315a584a7a4c7a55324e5441304f534973496e5a6862476c6b526e4a7662534936496a49774d5441744d4445744d4446554d546b364d6a4d364d6a52614969776959334a6c5a47567564476c6862464e6a614756745953493665794a66633251694f6c73694e574a4265444d746548426d5157785653305a4a4f584e754d326857513231775232747263556c7a576d4d7a4c5578694d7a4e6d576d706961794973496c706a51585a494d44687364454a795355706d535768304f46397453314266597a4e73634735594d574e48636c6c74564738775a316c436554676958583073496d4e795a57526c626e52705957785464574a715a574e30496a7037496d526c5a334a6c5a53493665794a755957316c496a6f69516d466a61475673623349676232596755324e705a57356a5a534268626d516751584a3063794973496c397a5a43493657794a53543151334d556c3064544e4d4e6c5658574656716279316f5756644a516a593362485650546b5645556c4e436147784556454e7856553952496c31394c434a66633251694f6c7369545556755a584e6e4d6c6850556b356a59334e4354575661587a45324d444a6e655451775569303057554a32566c4977654645346230593459794a646653776958334e6b496a7062496b566c63324a696179316d63475a7764325a4d4f58644f637a4678636a5a30615534335a6e45745358517a57564d3256335a43626c3969574738694c434a61623149315a475268636b64745a6b31354e45687556307856616b3555526e4655526a4e59526a5a706446426e5a6e6c47516b685658334656496c31392e677733706178626b4c6a706938435473795270584b6243377470566130713273574b53442d5f646362755a314c705a56336f513849667a636d32624538525933666d4a6762757941396762504c3373514261547a6b67207e57794a5365555178566c423456484276626d745065585a70637a6b746132393349697767496d6c6b49697767496d6830644841364c793931626d6c325a584a7a615852354c6d5634595731776247557659334a6c5a47567564476c6862484d764d5467334d694a647e57794a66566a643165546433617931524d33565a64325a705a304e765755564249697767496e5235634755694c434262496c5a6c636d6c6d6157466962475644636d566b5a5735306157467349697767496b5634595731776247564262485674626d6c44636d566b5a57353061574673496c31647e57794a68617a64714d546c6e59564d7452444a4c5832687a593352565a474e5249697767496d6c6b49697767496d68306448427a4f6938765a586868625842735a533576636d63765a586868625842735a584d765a47566e636d566c4c6d707a6232346958517e57794a55546a42586158565a526b6858576b56325a445a4951554a485153316e49697767496e5235634755694c434169536e4e76626c4e6a6147567459534a647e57794a564d6e427a4d6b785956455256625668334d4463785256426d5255706e49697767496d6c6b49697767496d52705a44706c654746746347786c4f6a45794d794a647e57794a735130343265544e4561544e44556b395658334a75587a52454e57526e49697767496e5235634755694c434169516d466a6147567362334a455a5764795a57556958517e3b646174613a6170706c69636174696f6e2f76632b73642d6a77742c65794a72615751694f694a4665456872516b31584f575a74596d7432566a49324e6d3153634856514d6e4e565756394f583056585355347862474677565870504f484a76496977695957786e496a6f6952564d794e54596966512e65794a66633252665957786e496a6f69633268684c5449314e694973496b426a623235305a586830496a7062496d68306448427a4f693876643364334c6e637a4c6d39795a7939756379396a636d566b5a57353061574673637939324d694973496d68306448427a4f693876643364334c6e637a4c6d39795a7939756379396a636d566b5a573530615746736379396c654746746347786c637939324d694a644c434a7063334e315a5849694f694a6f64485277637a6f764c33567561585a6c636e4e7064486b755a586868625842735a53397063334e315a584a7a4c7a55324e5441304f534973496e5a6862476c6b526e4a7662534936496a49774d5441744d4445744d4446554d546b364d6a4d364d6a52614969776959334a6c5a47567564476c6862464e6a614756745953493665794a66633251694f6c73694e574a4265444d746548426d5157785653305a4a4f584e754d326857513231775232747263556c7a576d4d7a4c5578694d7a4e6d576d706961794973496c706a51585a494d44687364454a795355706d535768304f46397453314266597a4e73634735594d574e48636c6c74564738775a316c436554676958583073496d4e795a57526c626e52705957785464574a715a574e30496a7037496d526c5a334a6c5a53493665794a755957316c496a6f69516d466a61475673623349676232596755324e705a57356a5a534268626d516751584a3063794973496c397a5a43493657794a53543151334d556c3064544e4d4e6c5658574656716279316f5756644a516a593362485650546b5645556c4e436147784556454e7856553952496c31394c434a66633251694f6c7369545556755a584e6e4d6c6850556b356a59334e4354575661587a45324d444a6e655451775569303057554a32566c4977654645346230593459794a646653776958334e6b496a7062496b566c63324a696179316d63475a7764325a4d4f58644f637a4678636a5a30615534335a6e45745358517a57564d3256335a43626c3969574738694c434a61623149315a475268636b64745a6b31354e45687556307856616b3555526e4655526a4e59526a5a706446426e5a6e6c47516b685658334656496c31392e677733706178626b4c6a706938435473795270584b6243377470566130713273574b53442d5f646362755a314c705a56336f513849667a636d32624538525933666d4a6762757941396762504c3373514261547a6b67207e57794a5365555178566c423456484276626d745065585a70637a6b746132393349697767496d6c6b49697767496d6830644841364c793931626d6c325a584a7a615852354c6d5634595731776247557659334a6c5a47567564476c6862484d764d5467334d694a647e57794a66566a643165546433617931524d33565a64325a705a304e765755564249697767496e5235634755694c434262496c5a6c636d6c6d6157466962475644636d566b5a5735306157467349697767496b5634595731776247564262485674626d6c44636d566b5a57353061574673496c31647e57794a68617a64714d546c6e59564d7452444a4c5832687a593352565a474e5249697767496d6c6b49697767496d68306448427a4f6938765a586868625842735a533576636d63765a586868625842735a584d765a47566e636d566c4c6d707a6232346958517e57794a55546a42586158565a526b6858576b56325a445a4951554a485153316e49697767496e5235634755694c434169536e4e76626c4e6a6147567459534a647e57794a564d6e427a4d6b785956455256625668334d4463785256426d5255706e49697767496d6c6b49697767496d52705a44706c654746746347786c4f6a45794d794a647e57794a735130343265544e4561544e44556b395658334a75587a52454e57526e49697767496e5235634755694c434169516d466a6147567362334a455a5764795a57556958517e222c2274797065223a22456e76656c6f70656456657269666961626c6543726564656e7469616c227d5d7d584048aa5ace527e2bf29b91fb5e84434f101d848b930c0ff9e5ddd82c9b3e2087351b47d26ce2f4c8a0101b2586c9e33d9f830d100a77be54c15a8cb1a51ad68291

有关此示例的更多 详细信息,请参见可验证 凭证数据模型 v2.0

示例 9:使用 COSE 及 EnvelopedVerifiablePresentation 类型保护的可验证呈现的简单示例 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "EnvelopedVerifiablePresentation",
  "id": "data:application/vp+sd-jwt,eyJhbGciOiJFUzM4NCIsImtpZCI6IlVRTV9fblE0UzZCTzhuUTRuT05YeHB4aHRob3lOeGI1M0xZZ1l6LTJBQnMiLCJ0eXAiOiJ2cCtsZCtqc29uK3NkLWp3dCIsImN0eSI6InZwK2xkK2pzb24ifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlt7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWx1bW5pT2YiOnsibmFtZSI6IkV4YW1wbGUgVW5pdmVyc2l0eSIsIl9zZCI6WyJoek9LRzU2cDI5c1ByTGFDNUE4RndFdUczVU05dUlZU1p1cU9YczJlVGJBIl19LCJfc2QiOlsiWVdXVmVDRndxQmk4WDBqSF9jV0NWWU16STNhOHBjTEVYRWZicFNSQVlndyJdfSwiX3NkIjpbIjJJZjhhaUs4REZwVWJ4dEc1cGMwel9SaFJzbm1ybGFRMEhzcTk4WFNyYWsiLCJUeDZ4ZWZMVUdUZUpfYWtVUFdGeHNvbUhobGtWVnpfNzVoaVZ6eWpyYmVzIl19XSwiX3NkIjpbIjd2anl0VVN3ZEJ0MXQ5RktlOVFfS3JIRXhFWGxrTEFaTzBKM0Jpd200dlkiXSwiX3NkX2FsZyI6InNoYS0yNTYiLCJpYXQiOjE3MDY1NjI4NDksImV4cCI6MTczODE4NTI0OSwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwiYWxnIjoiRVMzODQiLCJ4IjoidWtEd1U2ZzlQUVRFUWhYaEgyckRZNndMQlg3UHFlUjZBcGlhVHBEUXowcl8tdDl6UXNxem54Z0hEcE5oekZlQyIsInkiOiJMQnhVYnBVdFNGMVVKVTVpYnJIdkpINjBUSG5YMk1xa0xHZGltU1l0UGR4RlkxOEdhcldiS3FZV0djUkZHVE9BIn19fQ.kYD63YtBNYnLUTw6Szf1vs_Ug3UBXhPwCyqpNmPnPDa3rXZQhQLdB1BgaoO8zgQ-c3B41fxaXMnLHYV9-B20uboSpJP0B-2Vre917eQt1cSDswDGA_Ytvn4BSqYVBB2J~WyJFMkFsRzhsY2p0QVFrcllIbjlIbnVRIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyI5NldYMDRneno4cVZzOVZLU2wwYTVnIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJaekU2VFVaamtHMW1DWXBKMEhnc0l3IiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyItQ3NsS25GZGFYb2JiQWsyU0JBVGR3IiwgImlkIiwgImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJd~WyJuRm1OWl9IczB3WWNoOFdkeTdnQUNRIiwgImlkIiwgImRpZDpleGFtcGxlOmMyNzZlMTJlYzIxZWJmZWIxZjcxMmViYzZmMSJd~"
}
application/vp 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "EnvelopedVerifiablePresentation",
  "id": "data:application/vp+sd-jwt,eyJhbGciOiJFUzM4NCIsImtpZCI6IlVRTV9fblE0UzZCTzhuUTRuT05YeHB4aHRob3lOeGI1M0xZZ1l6LTJBQnMiLCJ0eXAiOiJ2cCtsZCtqc29uK3NkLWp3dCIsImN0eSI6InZwK2xkK2pzb24ifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlt7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJpc3N1ZXIiOiJodHRwczovL3VuaXZlcnNpdHkuZXhhbXBsZS9pc3N1ZXJzLzU2NTA0OSIsInZhbGlkRnJvbSI6IjIwMTAtMDEtMDFUMTk6MjM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWx1bW5pT2YiOnsibmFtZSI6IkV4YW1wbGUgVW5pdmVyc2l0eSIsIl9zZCI6WyJoek9LRzU2cDI5c1ByTGFDNUE4RndFdUczVU05dUlZU1p1cU9YczJlVGJBIl19LCJfc2QiOlsiWVdXVmVDRndxQmk4WDBqSF9jV0NWWU16STNhOHBjTEVYRWZicFNSQVlndyJdfSwiX3NkIjpbIjJJZjhhaUs4REZwVWJ4dEc1cGMwel9SaFJzbm1ybGFRMEhzcTk4WFNyYWsiLCJUeDZ4ZWZMVUdUZUpfYWtVUFdGeHNvbUhobGtWVnpfNzVoaVZ6eWpyYmVzIl19XSwiX3NkIjpbIjd2anl0VVN3ZEJ0MXQ5RktlOVFfS3JIRXhFWGxrTEFaTzBKM0Jpd200dlkiXSwiX3NkX2FsZyI6InNoYS0yNTYiLCJpYXQiOjE3MDY1NjI4NDksImV4cCI6MTczODE4NTI0OSwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwiYWxnIjoiRVMzODQiLCJ4IjoidWtEd1U2ZzlQUVRFUWhYaEgyckRZNndMQlg3UHFlUjZBcGlhVHBEUXowcl8tdDl6UXNxem54Z0hEcE5oekZlQyIsInkiOiJMQnhVYnBVdFNGMVVKVTVpYnJIdkpINjBUSG5YMk1xa0xHZGltU1l0UGR4RlkxOEdhcldiS3FZV0djUkZHVE9BIn19fQ.kYD63YtBNYnLUTw6Szf1vs_Ug3UBXhPwCyqpNmPnPDa3rXZQhQLdB1BgaoO8zgQ-c3B41fxaXMnLHYV9-B20uboSpJP0B-2Vre917eQt1cSDswDGA_Ytvn4BSqYVBB2J~WyJFMkFsRzhsY2p0QVFrcllIbjlIbnVRIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyI5NldYMDRneno4cVZzOVZLU2wwYTVnIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJaekU2VFVaamtHMW1DWXBKMEhnc0l3IiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyItQ3NsS25GZGFYb2JiQWsyU0JBVGR3IiwgImlkIiwgImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJd~WyJuRm1OWl9IczB3WWNoOFdkeTdnQUNRIiwgImlkIiwgImRpZDpleGFtcGxlOmMyNzZlMTJlYzIxZWJmZWIxZjcxMmViYzZmMSJd~"
}
application/vp+cose
d28444a1013822a05908837b2240636f6e74657874223a5b2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f6578616d706c65732f7632225d2c2274797065223a22456e76656c6f70656456657269666961626c6550726573656e746174696f6e222c226964223a22646174613a6170706c69636174696f6e2f76702b73642d6a77742c65794a68624763694f694a46557a4d344e434973496d74705a434936496c565254563966626c4530557a5a43547a68755554527554303559654842346148526f62336c4f654749314d30785a5a316c364c544a42516e4d694c434a30655841694f694a32634374735a437471633239754b334e6b4c57703364434973496d4e3065534936496e5a774b32786b4b32707a6232346966512e65794a4159323975644756346443493657794a6f64485277637a6f764c336433647935334d793576636d6376626e4d7659334a6c5a47567564476c6862484d76646a49694c434a6f64485277637a6f764c336433647935334d793576636d6376626e4d7659334a6c5a47567564476c6862484d765a586868625842735a584d76646a496958537769646d567961575a7059574a735a554e795a57526c626e5270595777694f6c7437496b426a623235305a586830496a7062496d68306448427a4f693876643364334c6e637a4c6d39795a7939756379396a636d566b5a57353061574673637939324d694973496d68306448427a4f693876643364334c6e637a4c6d39795a7939756379396a636d566b5a573530615746736379396c654746746347786c637939324d694a644c434a7063334e315a5849694f694a6f64485277637a6f764c33567561585a6c636e4e7064486b755a586868625842735a53397063334e315a584a7a4c7a55324e5441304f534973496e5a6862476c6b526e4a7662534936496a49774d5441744d4445744d4446554d546b364d6a4d364d6a52614969776959334a6c5a47567564476c6862464e31596d706c593351694f6e73695957783162573570543259694f6e7369626d46745a534936496b5634595731776247556756573570646d567963326c3065534973496c397a5a43493657794a6f656b394c527a55326344493563314279544746444e554534526e64466455637a5655303564556c5a5531703163553959637a4a6c56474a42496c31394c434a66633251694f6c736957566458566d5644526e6478516d6b34574442715346396a56304e575755313653544e684f48426a5445565952575a6963464e5351566c6e64794a646653776958334e6b496a7062496a4a4a5a6a68686155733452455a7756574a346445633163474d77656c395361464a7a626d3179624746524d45687a63546b3457464e79595773694c434a5565445a345a575a4d565564555a557066595774565546644765484e766255686f62477457566e70664e7a566f61565a3665577079596d567a496c31395853776958334e6b496a7062496a6432616e6c3056564e335a454a304d585135526b746c4f56466653334a49525868465747787254454661547a424b4d304a7064323030646c6b695853776958334e6b583246735a794936496e4e6f595330794e5459694c434a70595851694f6a45334d4459314e6a49344e446b73496d5634634349364d54637a4f4445344e5449304f5377695932356d496a7037496d70336179493665794a7264486b694f694a4651794973496d4e7964694936496c41744d7a6730496977695957786e496a6f6952564d7a4f4451694c434a34496a6f6964577445643155325a7a6c51555652465557685961456779636b525a4e6e644d516c67335548466c556a5a4263476c685648424555586f77636c387464446c3655584e78656d35345a3068456345356f656b5a6c51794973496e6b694f694a4d516e6856596e425664464e474d56564b56545670596e4a49646b70494e6a4255534735594d6b3178613078485a476c7455316c3055475234526c6b784f456468636c64695333465a5630646a556b5a4856453942496e313966512e6b594436335974424e596e4c55547736537a663176735f556733554258685077437971704e6d506e5044613372585a5168514c6442314267616f4f387a67512d6333423431667861584d6e4c485956392d42323075626f53704a5030422d325672653931376551743163534473774447415f5974766e3442537159564242324a7e57794a464d6b4673527a68735932703051564672636c6c49626a6c49626e565249697767496e5235634755694c434169566d567961575a7059574a735a5642795a584e6c626e526864476c7662694a647e577949354e6c64594d44526e656e6f3463565a7a4f565a4c553277775954566e49697767496d6c6b49697767496d6830644841364c793931626d6c325a584a7a615852354c6d5634595731776247557659334a6c5a47567564476c6862484d764d5467334d694a647e57794a61656b553256465661616d74484d5731445758424b4d45686e63306c3349697767496e5235634755694c434262496c5a6c636d6c6d6157466962475644636d566b5a5735306157467349697767496b5634595731776247564262485674626d6c44636d566b5a57353061574673496c31647e5779497451334e73533235475a47465962324a695157737955304a425647523349697767496d6c6b49697767496d52705a44706c654746746347786c4f6d56695a6d56694d5759334d544a6c596d4d325a6a466a4d6a63325a5445795a574d794d534a647e57794a75526d314f576c3949637a423357574e6f4f46646b6554646e51554e5249697767496d6c6b49697767496d52705a44706c654746746347786c4f6d4d794e7a5a6c4d544a6c597a49785a574a6d5a5749785a6a63784d6d5669597a5a6d4d534a647e222c2276657269666961626c6543726564656e7469616c223a5b5d7d58403e5b7774a6fd70c0736455e8f28c3809df399f132d5e5e66f390c7632812bd718705cb2af5acdcfb9193f274814e9fd12a872d7fbf5c44a5a0cfed3f3ef798b4

有关此示例的更多详细信息,请参见可验证 凭证数据模型 v2.0

3.3.3 COSE 标头参数和 CWT 声明

当已注册在 IANA CBOR Web Token (CWT) Claims 注册表或 IANA COSE Header Parameters 注册表中的成员出现在 COSE Header 中,或作为 CWT Claims 出现时, 应按照这些注册表中引用的规范所定义的方式解释这些成员。CBOR Web Token (CWT) [RFC8392] Claims MAYI-D.ietf-cose-cwt-claims-in-headers 中指定包含在 COSE 标头参数中。

标头参数声明以及 COSE 标头中的 CBOR Web Token (CWT) 声明 中的规范性语句适用于保护凭证和呈现。

RECOMMENDED 使用 IANA CBOR Web Token Claims 注册表和 IANA COSE Header Parameters 注册表来识别可能会与 [VC-DATA-MODEL-2.0] 定义的成员 混淆的任何声明和标头参数。 这些包括但不限于:isskidalgiatexpcnf

当存在 iat(Issued At)和/或 exp(Expiration Time)CWT 声明时,它们分别 表示签名的签发时间和过期时间。 注意,它们不同于 validFromvalidUntil 属性, 后两者定义于 有效期, 表示受保护数据的有效性。 NOT RECOMMENDED 使用 nbf(Not Before)声明, 因为试图为签名指定一个未来日期并没有多大意义。

可以存在其他成员作为标头参数和声明。 如果不能理解它们,则 MUST 忽略它们。

4. 密钥发现

要完成 验证流程, 验证者需要 获取用于保护 凭证的密码密钥。

有几种不同的方式可以发现 签发者持有者的验证密钥。

4.1 使用标头参数 和声明进行密钥发现

这些 JOSE 标头参数和 JWT 声明可供 验证者用于 发现验证密钥。

4.1.1 kid

如果 kid 出现在 JOSE HeaderCOSE Header 中, 则验证者可以 在执行 验证 流程时,将此参数用作提示,以指示哪个密钥被用于 保护该可验证凭证, 如 RFC7515 中所定义。

签发者主体的密钥 表达为 DID URL 时,kid MUST 存在。

4.1.2 iss

如果 iss 出现在 JOSE HeaderJWT ClaimsCOSE Header 中, 则验证者 可以使用此参数来获取一个 JSON Web Key,以用于 验证流程。

issuer 属性的值可以是字符串或对象。 当 issuer 值为字符串时,如果存在 iss 值, 则该值 MUSTissuer 值匹配。当 issuer 值为带有 id 值的对象时,如果存在 iss 值,则该值 MUSTissuer.id 值匹配。

如果 kid 也出现在 JOSE Header 中, 则它用于区分所使用的具体密钥。

4.1.3 cnf

如果 cnf 出现在 JOSE HeaderJWT ClaimsCOSE Header 中, 则验证者 MAY 使用此参数,以 [RFC7800] 或 [RFC8747] 中描述的方式 标识持有证明密钥,以用于 验证流程。

RECOMMENDED 使用由持有者提供给 签发者的 持有证明密钥,以在可验证凭证中建立与持有者 的密码学绑定,并且该绑定可由 验证者可验证 呈现中进行验证。

4.2 使用受控标识符 文档

受控标识符 文档与本规范一起使用时, 以下要求适用。

验证方法的 type 属性值 MUSTJsonWebKey

验证材料 MUST 表达在 JsonWebKeypublicKeyJwk 属性中。 此密钥材料会根据 JOSE 或 COSE 消息信封中的提示 (例如 kidiss)来检索。 在撰写本文时,还没有从 DID URL 或受控标识符文档中 检索 JWK 格式公钥的标准方式。

iss 缺失,并且 签发者被标识 为 [URL] 时,kid MUST 是一个绝对 [URL], 指向列在受控标识符文档DID Document 中的验证方法。

使用 [URL] 标识符时,kid RECOMMENDED 为一个绝对 [URL],并包含 [RFC7638] 中定义的 JWK Thumbprint URI。 例如: https://vendor.example/issuers/42/keys/urn:ietf:params:oauth:jwk-thumbprint:sha-256:NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs

示例 10:由受控标识符文档标识符标识的签发者 
{
  "issuer": {
    "id": "https://university.example/issuers/565049"
  }
  // ...
}
示例 11:作为受控标识符文档验证方法标识符的 kid 
{
  "alg": "ES384",
  "kid": "https://university.example/issuers/565049#key-123
}

持有者被标识 为 [URL],并且 iss 缺失时, kid MUST 是一个绝对 [URL], 指向列在受控标识符文档中的 验证方法。

示例 12:由受控标识符文档标识符标识的持有者 
{
  "holder": {
    "id": "https://university.example/issuers/565049"
  }
  // ...
}
示例 13:作为受控标识符文档验证方法标识符的 kid 
{
  "alg": "ES384",
  "kid": "https://university.example/issuers/565049#key-123
}

5. 算法

本规范可以与许多不同的密钥发现 协议一起使用。因此,验证密钥的发现 在 4. 密钥发现中描述, 并且假定在开始验证流程之前 已经成功完成。

作为一般规则,验证者 SHOULD 尽力最小化对 不受信任数据的处理。 这包括在密钥发现流程中,最小化对受保护标头、 未受保护标头或载荷的任何处理。

验证成功后,SHOULD 执行附加验证检查, 如第 5.4 验证 节所述。

以下算法的输出为:

5.1 验证使用 JOSE 保护的凭证或呈现

此算法的输入为:

在收到作为 JWT [RFC7519] 保护的可验证凭证或呈现后, 持有者或验证者遵循以下算法:

  1. 遵循 验证 JWT [RFC7519] 中定义的算法。
  2. 如果处理成功完成:
    1. status 设置为 true
    2. mediaType 设置为 vcvp
    3. document 设置为已解码的 JWS 载荷。
    4. 返回
  3. 如果处理因任何原因中止,或 JWT 被拒绝:
    1. status 设置为 false
    2. document 设置为 null
    3. mediaType 设置为 null
    4. 返回

5.2 验证使用 SD-JWT 保护的凭证或呈现

此算法的输入为:

在收到使用 [SD-JWT] 保护的可验证凭证或呈现后, 持有者或验证者遵循以下算法:

  1. 遵循 SD-JWT 中定义的算法,以验证 SD-JWT。
  2. 如果处理成功完成:
    1. status 设置为 true
    2. mediaType 设置为 vc
    3. 通过反转 [SD-JWT] 中的过程, 将 SD-JWT 载荷转换回 JWT Claims Set。将 document 设置为该 JWT Claims Set。 (有关从 JWT Claims Set 到 SD-JWT 载荷转换的示例, 请参见 SD-JWT 示例)。
    4. 返回
  3. 如果处理因任何原因中止,或 SD-JWT 被拒绝:
    1. status 设置为 false
    2. document 设置为 null
    3. mediaType 设置为 null
    4. 返回

5.3 验证使用 COSE 保护的凭证或呈现

此算法的输入为:

在收到使用 [RFC9052] 保护的可验证凭证或呈现后, 持有者或验证者遵循以下算法:

  1. 遵循 CBOR 对象签名和加密 (COSE): 结构和流程 [RFC9052] 中在 COSE_Sign1 的签名和验证流程下定义的算法。
  2. 如果处理成功完成:
    1. status 设置为 true
    2. mediaType 设置为 vcvp
    3. document 设置为已解码的 COSE_Sign1 载荷。
    4. 返回
  3. 如果处理因任何原因中止:
    1. status 设置为 false
    2. document 设置为 null
    3. mediaType 设置为 null
    4. 返回

5.4 验证

typ 所预期的所有声明 MUST 存在。 所有可理解的声明 MUST 根据 验证者的验证策略进行评估。 所有不可理解的声明 MUST 被忽略。

从验证返回的已验证 document MUST 是 格式良好的紧凑 JSON-LD 文档,如 可验证凭证数据模型 v2.0中所述。

credentialSchema 等模式扩展机制 SHOULD 被检查。 如果扩展机制的 type 不可理解, 则此属性 MUST 被忽略。

credentialStatus 等状态扩展机制 SHOULD 被检查。 如果扩展机制的 type 不可理解, 则此属性 MUST 被忽略。

根据验证者的验证策略、凭证类型 以及保护机制类型,可以应用附加的验证检查 MAY。 例如,多个凭证之间的依赖关系、 与多个凭证相关联的顺序或时间信息, 和/或多个呈现可能会导致一个原本有效的凭证 或呈现被认为无效。

6. IANA 注意事项

本节是非规范性的。

6.1 媒体类型

6.1.1 application/vc+jwt

本规范注册 application/vc+jwt 媒体类型,专门用于标识载荷符合 可验证凭证数据 模型JSON Web Token (JWT)

类型名称: application
子类型名称: vc+jwt
必需参数: N/A
可选参数: N/A
编码注意事项: binary;application/jwt 值是一系列以 base64url 编码的 值(其中某些值可以为空字符串),并由句点('.')分隔。
安全注意事项:

本规范中所定义。 另请参见 [RFC7519] 中的安全注意事项。

互操作性注意事项:

本规范中所定义。
已发布规范: https://www.w3.org/TR/vc-jose-cose
将使用此媒体的应用:

符合 [VC-DATA-MODEL-2.0] 的 W3C 可验证凭证签发者、 持有者和验证者软件, 是将使用这些媒体类型的应用之一。 符合一致性的应用类型描述见 此处此处
使用限制: N/A
附加信息:
  1. 此类型的已弃用别名:N/A
  2. 魔数:N/A
  3. 文件扩展名:N/A
  4. Macintosh 文件类型代码:N/A
  5. 对象标识符:N/A
作者: Ivan Herman ivan@w3.org
预期用途: COMMON
变更控制者: W3C 可验证凭证工作组 public-vc-wg@w3.org

6.1.2 application/vp+jwt

本规范注册 application/vp+jwt 媒体类型,专门用于标识载荷符合 可验证凭证数据模型中的可验证呈现定义JSON Web Token (JWT)

类型名称: application
子类型名称: vp+jwt
必需参数: N/A
可选参数: N/A
编码注意事项: binary;application/jwt 值是一系列以 base64url 编码的 值(其中某些值可以为空字符串),并由句点('.')分隔。
安全注意事项:

本规范中所定义。 另请参见 [RFC7519] 中的安全注意事项。

互操作性注意事项:

本规范中所定义。
已发布规范: https://www.w3.org/TR/vc-jose-cose
将使用此媒体的应用:

符合 [VC-DATA-MODEL-2.0] 的 W3C 可验证凭证签发者、 持有者和验证者软件, 是将使用这些媒体类型的 应用之一。 符合一致性的应用类型描述见 此处此处
使用限制: N/A
附加信息:
  1. 此类型的已弃用别名:N/A
  2. 魔数:N/A
  3. 文件扩展名:N/A
  4. Macintosh 文件类型代码:N/A
  5. 对象标识符:N/A
作者: Ivan Herman ivan@w3.org
预期用途: COMMON
变更控制者: W3C 可验证凭证工作组 public-vc-wg@w3.org

6.1.3 application/vc+sd-jwt

本规范注册 application/vc+sd-jwt 媒体类型,专门用于标识载荷符合 可验证凭证数据 模型JWT 选择性披露 (SD-JWT)

类型名称: application
子类型名称: vc+sd-jwt
必需参数: N/A
可选参数: N/A
编码注意事项: binary;application/sd-jwt 值是一系列以 base64url 编码的 值(其中某些值可以为空字符串),并由 句点('.')和波浪号('~')字符分隔。
安全注意事项:

本规范中所定义。 另请参见 JWT 选择性披露 (SD-JWT) 中的安全注意事项。

互操作性注意事项:

本规范中所定义。
已发布规范: https://www.w3.org/TR/vc-jose-cose
将使用此媒体的应用:

符合 [VC-DATA-MODEL-2.0] 的 W3C 可验证凭证签发者、 持有者和验证者软件, 是将使用这些媒体类型的 应用之一。 符合一致性的应用类型描述见此处此处
使用限制: N/A
附加信息:
  1. 此类型的已弃用别名:N/A
  2. 魔数:N/A
  3. 文件扩展名:N/A
  4. Macintosh 文件类型代码:N/A
  5. 对象标识符:N/A
作者: Ivan Herman ivan@w3.org
预期用途: COMMON
变更控制者: W3C 可验证凭证工作组 public-vc-wg@w3.org

6.1.4 application/vp+sd-jwt

本规范注册 application/vp+sd-jwt 媒体类型,专门用于标识载荷符合 可验证凭证数据模型中的可验证呈现定义JWT 选择性披露 (SD-JWT)

类型名称: application
子类型名称: vp+sd-jwt
必需参数: N/A
可选参数: N/A
编码注意事项: binary;application/sd-jwt 值是一系列以 base64url 编码的 值(其中某些值可以为空字符串),并由 句点('.')和波浪号('~')字符分隔。
安全注意事项:

本规范中所定义。 另请参见 JWT 选择性披露 (SD-JWT) 中的安全注意事项。

互操作性注意事项:

本规范中所定义。
已发布规范: https://www.w3.org/TR/vc-jose-cose
将使用此媒体的应用:

符合 [VC-DATA-MODEL-2.0] 的 W3C 可验证凭证签发者、 持有者和验证者软件, 是将使用这些媒体类型的应用之一。 符合一致性的应用类型描述见 此处此处
使用限制: N/A
附加信息:
  1. 此类型的已弃用别名:N/A
  2. 魔数:N/A
  3. 文件扩展名:N/A
  4. Macintosh 文件类型代码:N/A
  5. 对象标识符:N/A
作者: Ivan Herman ivan@w3.org
预期用途: COMMON
变更控制者: W3C 可验证凭证工作组 public-vc-wg@w3.org

6.1.5 application/vc+cose

本规范注册 application/vc+cose 媒体类型,专门用于标识载荷符合 可验证凭证数据 模型的 COSE 对象 [RFC9052]。

类型名称: application
子类型名称: vc+cose
必需参数: N/A
可选参数: N/A
编码注意事项: binary (CBOR)
安全注意事项:

本规范中所定义。 另请参见 [RFC9052] 中的安全注意事项。

互操作性注意事项:

本规范中所定义。
已发布规范: https://www.w3.org/TR/vc-jose-cose
将使用此媒体的应用:

符合 [VC-DATA-MODEL-2.0] 的 W3C 可验证凭证签发者、 持有者和验证者软件, 是将使用这些媒体类型的 应用之一。符合一致性的 应用类型描述见 此处此处
使用限制: N/A
附加信息:
  1. 此类型的已弃用别名:N/A
  2. 魔数:N/A
  3. 文件扩展名:N/A
  4. Macintosh 文件类型代码:N/A
  5. 对象标识符:N/A
作者: Ivan Herman ivan@w3.org
预期用途: COMMON
变更控制者: W3C 可验证凭证工作组 public-vc-wg@w3.org

6.1.6 application/vp+cose

本规范注册 application/vp+cose 媒体类型,专门用于标识载荷符合 可验证凭证数据模型中的可验证呈现定义的 COSE 对象 [RFC9052]。

类型名称: application
子类型名称: vp+cose
必需参数: N/A
可选参数: N/A
编码注意事项: binary (CBOR)
安全注意事项:

本规范中所定义。 另请参见 [RFC9052] 中的安全注意事项。

互操作性注意事项:

本规范中所定义。
已发布规范: https://www.w3.org/TR/vc-jose-cose
将使用此媒体的应用:

符合 [VC-DATA-MODEL-2.0] 的 W3C 可验证凭证签发者、 持有者和验证者软件, 是将使用这些媒体类型的应用之一。 符合一致性的应用类型描述见 此处此处
使用限制: N/A
附加信息:
  1. 此类型的已弃用别名:N/A
  2. 魔数:N/A
  3. 文件扩展名:N/A
  4. Macintosh 文件类型代码:N/A
  5. 对象标识符:N/A
作者: Ivan Herman ivan@w3.org
预期用途: COMMON
变更控制者: W3C 可验证凭证工作组 public-vc-wg@w3.org

7. 其他注意事项

本节是非规范性的。

7.1 隐私注意事项

可验证凭证通常包含敏感信息, 需要受到保护,以确保组织和个人的 隐私与安全。本节概述一些与实现者和用户 相关的隐私注意事项。

建议实现者注意并遵守 [VC-DATA-MODEL-2.0] 中列出的所有隐私 注意事项。

还建议实现者参考 JWT 规范的 隐私注意事项 一节,以及 NIST Special Publication 800-122 [[SP-800-122] “Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)” 以获取隐私指导。

除了 [VC-DATA-MODEL-2.0] 中的隐私建议之外,还给出以下 注意事项:

这些注意事项并非穷尽无遗,建议实现者和 用户查阅其他隐私资源和 最佳实践,以确保使用本规范实现的可验证 凭证的隐私和安全。

7.2 安全注意事项

本节概述本规范实现者 和用户的安全注意事项。 在使用 JOSE 或 COSE 实现可验证凭证时, 仔细考虑这些因素以确保其安全性和完整性非常重要。

在实现本规范时,必须处理与广泛密码学应用 相关的所有安全问题。 这尤其包括保护用户的非对称 私钥和对称秘密密钥,以及采用 对各种攻击的对策。 未能充分处理这些问题可能会损害 可验证凭证的安全性和完整性,并可能导致 对敏感信息的未经授权访问、修改或披露。

建议实现者遵循最佳实践和 已确立的密码学标准,以确保 密钥和其他敏感数据的安全处理。 此外,还应定期进行安全评估和审计,以 识别并处理任何漏洞或威胁。

遵循 [RFC7515] 和 [RFC7519] 中概述的所有安全注意事项。

使用 JSON-LD 时,应特别注意远程检索 上下文,并遵循 [JSON-LD11] 中指出的附加安全注意事项。

如 [RFC7515] 中指出,当使用 JSON [RFC7159] 时, 严格 校验是一项安全要求。 如果收到格式错误的 JSON,可能无法可靠地 解释生成者的意图,从而可能导致歧义或 可被利用的情形。 为防止这些风险,必须使用严格 校验所有输入数据语法的 JSON 解析器。 任何不符合 [RFC7159] 中定义的 JSON-text 语法的 JSON 输入,都必须 由 JSON 解析器整体拒绝。 未能拒绝无效输入可能会损害可验证凭证的 安全性和完整性。

7.3 无障碍性

在实现本规范时,技术实现者 考虑各种无障碍因素至关重要。 忽视无障碍问题会使相当一部分人群 无法使用相关信息。 为确保所有个人无论其能力如何都能平等访问, 遵循无障碍指南和标准非常重要, 例如 Web 内容无障碍指南 (WCAG 2.1) [WCAG21]。 在建立涉及密码学的系统时,这一点更加关键, 因为这些系统历来给辅助技术带来了挑战。

建议实现者注意并遵守 [VC-DATA-MODEL-2.0] 中列出的所有无障碍性 注意事项。

8. 示例

本节是非规范性的。

8.1 控制器

示例 14:一个最小的受控标识符文档 
{
  "id": "https://vendor.example",
}
示例 15:包含验证 方法的受控标识符文档 
{
  "id": "https://university.example/issuers/565049",
  "verificationMethod": [{
    "id": "https://university.example/issuers/565049#key-123",
    "type": "JsonWebKey",
    "controller": "https://university.example/issuers/565049",
    "publicKeyJwk": {
      "kty": "EC",
      "crv": "P-384",
      "alg": "ES384",
      "x": "PxgAmVYOQvSNcMYL2tOzoLwSWn4Ta3tIMPEUKR8pxeb-gmR11-DyKHBoIiY-2LhM",
      "y": "BZEBTkImVdpwvxR9THIRw16eblnj5-tZa7m-ww5uVd4kyPJNRoWUn2aT9ZuarAe-"
    }
  }]
}
示例 16:包含验证 关系的受控标识符文档 
{
  "id": "https://university.example/issuers/565049",
  "verificationMethod": [{
    "id": "https://university.example/issuers/565049#key-123",
    "type": "JsonWebKey",
    "controller": "https://university.example/issuers/565049",
    "publicKeyJwk": {
      "kty": "EC",
      "crv": "P-384",
      "alg": "ES384",
      "x": "PxgAmVYOQvSNcMYL2tOzoLwSWn4Ta3tIMPEUKR8pxeb-gmR11-DyKHBoIiY-2LhM",
      "y": "BZEBTkImVdpwvxR9THIRw16eblnj5-tZa7m-ww5uVd4kyPJNRoWUn2aT9ZuarAe-"
    }
  }],
  "authentication": ["https://university.example/issuers/565049#key-123"],
  "assertionMethod": ["https://university.example/issuers/565049#key-123"]
}
示例 17:可验证凭证受控标识符 文档 
{
  "@context": [
    "https://www.w3.org/ns/did/v1",
    "https://w3id.org/security/jwk/v1",
    {
        "@vocab": "https://vendor.example#"
    }
  ],
  "id": "did:web:vendor.example",
  "alsoKnownAs": ["https://vendor.example",
    "did:jwk:eyJraWQiOiJ1cm46aWV0ZjpwYXJhbXM6b2F1dGg6andrLXRodW1icHJpbnQ6c2hhLTI1NjpGZk1iek9qTW1RNGVmVDZrdndUSUpqZWxUcWpsMHhqRUlXUTJxb2JzUk1NIiwia3R5IjoiT0tQIiwiY3J2IjoiRWQyNTUxOSIsImFsZyI6IkVkRFNBIiwieCI6IkFOUmpIX3p4Y0tCeHNqUlBVdHpSYnA3RlNWTEtKWFE5QVBYOU1QMWo3azQifQ"
  ],
  "verificationMethod": [{
    "id": "#urn:ietf:params:oauth:jwk-thumbprint:sha-256:NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs",
    "type": "JsonWebKey",
    "controller": "did:web:vendor.example",
    "publicKeyJwk": {
      "kty": "EC",
      "crv": "P-521",
      "alg": "ES512",
      "x": "AFTyMw-fIYJNg6fBVJvOPOsLxmnNj8HgqMChyRL0swLaefVAc7wrWZ8okQJqMmvv03JRUp277meQZM3JcvXFkH1v",
      "y": "ALn96CrD88b4TClmkl1sk0xk2FgAIda97ZF8TUOjbeWSzbKnN2KB6pqlpbuJ2xIRXvsn5BWQVlAT2JGpGwDNMyV1"
    }
  }, {
    "id": "#z6MkhEdpG12jyQegrr62ACRmNY8gc531W2j9Xo39cHphuCEH",
    "type": "JsonWebKey2020",
    "controller": "https://vendor.example",
    "publicKeyJwk": {
      "kid": "urn:ietf:params:oauth:jwk-thumbprint:sha-256:FfMbzOjMmQ4efT6kvwTIJjelTqjl0xjEIWQ2qobsRMM",
      "kty": "OKP",
      "crv": "Ed25519",
      "alg": "EdDSA",
      "x": "ANRjH_zxcKBxsjRPUtzRbp7FSVLKJXQ9APX9MP1j7k4"
    }
  }, {
    "id": "#subject-authentication",
    "type": "JsonWebKey",
    "controller": "did:web:vendor.example",
    "publicKeyJwk": {
      "kty": "EC",
      "crv": "P-384",
      "alg": "ES384",
      "x": "PxgAmVYOQvSNcMYL2tOzoLwSWn4Ta3tIMPEUKR8pxeb-gmR11-DyKHBoIiY-2LhM",
      "y": "BZEBTkImVdpwvxR9THIRw16eblnj5-tZa7m-ww5uVd4kyPJNRoWUn2aT9ZuarAe-"
    }
  }, {
    "id": "#credential-issuance",
    "type": "JsonWebKey",
    "controller": "did:web:vendor.example",
    "publicKeyJwk": {
      "kty": "EC",
      "crv": "P-256",
      "alg": "ES256",
      "x": "MYvnaI87pfrn3FpTqW-yNiFcF1K7fedJiqapm20_q7c",
      "y": "9YEbT6Tyuc7xp9yRvhOUVKK_NIHkn5HpK9ZMgvK5pVw"
    }
  }, {
    "id": "#key-agreement",
    "type": "JsonWebKey",
    "controller": "did:web:vendor.example",
    "publicKeyJwk": {
      "kty": "OKP",
      "crv": "X25519",
      "alg": "ECDH-ES+A128KW",
      "x": "qLZkSTbstvMWPTivmiQglEFWG2Ff7gNDVoVisdZTr1I"
    }
  }],
  "authentication": ["#subject-authentication"],
  "assertionMethod": ["#credential-issuance"]
}

8.2 凭证

示例 18:包含多个 主体的可撤销凭证 
{
  "@context": ["https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "https://contoso.example/credentials/23894672394",
  "type": ["VerifiableCredential", "K9UnitCredential"],
  "issuer": {
    "id": "https://contoso.example"
  },
  "validFrom": "2015-04-16T05:11:32.432Z",
  "credentialStatus": {
    "id": "https://contoso.example/credentials/status/4#273762",
    "type": "StatusList2021Entry",
    "statusPurpose": "revocation",
    "statusListIndex": "273762",
    "statusListCredential": "https://contoso.example/credentials/status/4"
  },
  "credentialSubject": [{
    "id": "did:example:1312387641",
    "type": "Person"
  }, {
    "id": "did:example:63888231",
    "type": "Dog"
  }]
}
受保护标头 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
application/vc 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "https://contoso.example/credentials/23894672394",
  "type": [
    "VerifiableCredential",
    "K9UnitCredential"
  ],
  "issuer": {
    "id": "https://contoso.example"
  },
  "validFrom": "2015-04-16T05:11:32.432Z",
  "credentialStatus": {
    "id": "https://contoso.example/credentials/status/4#273762",
    "type": "StatusList2021Entry",
    "statusPurpose": "revocation",
    "statusListIndex": "273762",
    "statusListCredential": "https://contoso.example/credentials/status/4"
  },
  "credentialSubject": [
    {
      "id": "did:example:1312387641",
      "type": "Person"
    },
    {
      "id": "did:example:63888231",
      "type": "Dog"
    }
  ]
}
application/vc+jwt
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaWQiOiJodHRwczovL2NvbnRvc28uZXhhbXBsZS9jcmVkZW50aWFscy8yMzg5NDY3MjM5NCIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJLOVVuaXRDcmVkZW50aWFsIl0sImlzc3VlciI6eyJpZCI6Imh0dHBzOi8vY29udG9zby5leGFtcGxlIn0sInZhbGlkRnJvbSI6IjIwMTUtMDQtMTZUMDU6MTE6MzIuNDMyWiIsImNyZWRlbnRpYWxTdGF0dXMiOnsiaWQiOiJodHRwczovL2NvbnRvc28uZXhhbXBsZS9jcmVkZW50aWFscy9zdGF0dXMvNCMyNzM3NjIiLCJ0eXBlIjoiU3RhdHVzTGlzdDIwMjFFbnRyeSIsInN0YXR1c1B1cnBvc2UiOiJyZXZvY2F0aW9uIiwic3RhdHVzTGlzdEluZGV4IjoiMjczNzYyIiwic3RhdHVzTGlzdENyZWRlbnRpYWwiOiJodHRwczovL2NvbnRvc28uZXhhbXBsZS9jcmVkZW50aWFscy9zdGF0dXMvNCJ9LCJjcmVkZW50aWFsU3ViamVjdCI6W3siaWQiOiJkaWQ6ZXhhbXBsZToxMzEyMzg3NjQxIiwidHlwZSI6IlBlcnNvbiJ9LHsiaWQiOiJkaWQ6ZXhhbXBsZTo2Mzg4ODIzMSIsInR5cGUiOiJEb2cifV19 .yQi8SfQIk9NoQJfJGJnBjFXe9kXZMMS7GvX1o_BztgC4jMMQoQiLTo2nPH_o6OP1IszRuW_M3ubRZs3WEoiZVw
application/vc 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "https://contoso.example/credentials/23894672394",
  "type": [
    "VerifiableCredential",
    "K9UnitCredential"
  ],
  "issuer": {
    "id": "https://contoso.example"
  },
  "validFrom": "2015-04-16T05:11:32.432Z",
  "credentialStatus": {
    "id": "https://contoso.example/credentials/status/4#273762",
    "type": "StatusList2021Entry",
    "statusPurpose": "revocation",
    "statusListIndex": "273762",
    "statusListCredential": "https://contoso.example/credentials/status/4"
  },
  "credentialSubject": [
    {
      "id": "did:example:1312387641",
      "type": "Person"
    },
    {
      "id": "did:example:63888231",
      "type": "Dog"
    }
  ]
}
application/vc+cose
d28444a1013822a059027c7b2240636f6e74657874223a5b2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f6578616d706c65732f7632225d2c226964223a2268747470733a2f2f636f6e746f736f2e6578616d706c652f63726564656e7469616c732f3233383934363732333934222c2274797065223a5b2256657269666961626c6543726564656e7469616c222c224b39556e697443726564656e7469616c225d2c22697373756572223a7b226964223a2268747470733a2f2f636f6e746f736f2e6578616d706c65227d2c2276616c696446726f6d223a22323031352d30342d31365430353a31313a33322e3433325a222c2263726564656e7469616c537461747573223a7b226964223a2268747470733a2f2f636f6e746f736f2e6578616d706c652f63726564656e7469616c732f7374617475732f3423323733373632222c2274797065223a225374617475734c69737432303231456e747279222c22737461747573507572706f7365223a227265766f636174696f6e222c227374617475734c697374496e646578223a22323733373632222c227374617475734c69737443726564656e7469616c223a2268747470733a2f2f636f6e746f736f2e6578616d706c652f63726564656e7469616c732f7374617475732f34227d2c2263726564656e7469616c5375626a656374223a5b7b226964223a226469643a6578616d706c653a31333132333837363431222c2274797065223a22506572736f6e227d2c7b226964223a226469643a6578616d706c653a3633383838323331222c2274797065223a22446f67227d5d7d58400a6163b3d6e0157f54f5075c112326aa0bfadaeae67c9a49e5028c893529adb474569b9c17eaf9d507f2932e73182867de46a7808be1650ef1ac1f75d685f075
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJpYXQiOjE3NDU1OTQ3NzIsImV4cCI6MTc0NjgwNDM3MiwiX3NkX2FsZyI6InNoYS0yNTYiLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaXNzdWVyIjp7Il9zZCI6WyJtU2cwa1pDNzdYNmpVVkhxMklJWU55Z1NsWEtLVnpUU2RoRldvTll5eE9BIl19LCJ2YWxpZEZyb20iOiIyMDE1LTA0LTE2VDA1OjExOjMyLjQzMloiLCJjcmVkZW50aWFsU3RhdHVzIjp7InN0YXR1c1B1cnBvc2UiOiJyZXZvY2F0aW9uIiwic3RhdHVzTGlzdEluZGV4IjoiMjczNzYyIiwic3RhdHVzTGlzdENyZWRlbnRpYWwiOiJodHRwczovL2NvbnRvc28uZXhhbXBsZS9jcmVkZW50aWFscy9zdGF0dXMvNCIsIl9zZCI6WyJtdjZDZXh1LWZ3UGRMVm81WllIN3ljUzhtRkdUUVZNeFRocDJud0VDQlQ0IiwidFFhbnRYLWhoU3BPQU5PVi0xeEtGX0dSb2Y1TG5tNkpiUEtxYm9MdDdSQSJdfSwiY3JlZGVudGlhbFN1YmplY3QiOlt7Il9zZCI6WyJTTXhGcmxPY3N1UHlWTjVMUkJiVlRMWjZ4TVFxYVVCTkJTNjdrTF9YZF93IiwiVkdONDR1NXNWUWduY0VJZmdFTEplWlI5YnBlVEdjOFpBY01tVjZNUXR0ZyJdfSx7Il9zZCI6WyJNQmVfN0hLajAtUDJaZnR0dzV2WWRKMHhVZTN4dHBpMndpZGJTbndfWk9nIiwiZWMxeVVZMEM3NUo3cGd5TXpPNUR3OTBwRFVyM2ZYN1o4R3Q4d1VBSVl6SSJdfV0sIl9zZCI6WyJGSVdneTM5VXp6WjVfYU9LVjNwbzZFeWpYbUJOOWM4b0lRMmpLZV9GdGIwIiwiRm1EY2RlbUlzcGRtUU1NZXVTLTRONEo1d0NGb2JCQnVpdVVlbEdzV012VSJdfQ .iQnJDPmi4pn3fMLecrbwAqfUc0UXJWzUd4J20mUX3rRJSp74r2gRjrd1OATFkVjLsSyBAOBk3xbP5tc9nq9D7A ~WyI0SWQ0aFVoUzMxQThXelBRTlhPUWJBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2NyZWRlbnRpYWxzLzIzODk0NjcyMzk0Il0~WyJJSFNyZnVZR0YtcWk5OXcySWJkYUJBIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIks5VW5pdENyZWRlbnRpYWwiXV0~WyJDeEpTQmlKeDVtdVgzZkhSRmZDYlBRIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlIl0~WyJuQVhZQ29yTUNGaGRJMDhZNzh5ckNBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2NyZWRlbnRpYWxzL3N0YXR1cy80IzI3Mzc2MiJd~WyI1aUJCSmdual9pMkpQZHdRTTVzRlh3IiwgInR5cGUiLCAiU3RhdHVzTGlzdDIwMjFFbnRyeSJd~WyJBNzFORTByODBmN3ZCVkNrcmU0N01BIiwgImlkIiwgImRpZDpleGFtcGxlOjEzMTIzODc2NDEiXQ~WyJHaFg4N1lJMzg0cjV5b0hXOENTOEJ3IiwgInR5cGUiLCAiUGVyc29uIl0~WyJhQWxrLVhrQ0RCaFItN1Z5NnBXZmNnIiwgImlkIiwgImRpZDpleGFtcGxlOjYzODg4MjMxIl0~WyJzLTFSWGdUWVVQWGJNZ2JLMHVaX0NRIiwgInR5cGUiLCAiRG9nIl0~ 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
{
  "iat": 1745594772,
  "exp": 1746804372,
  "_sd_alg": "sha-256",
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "issuer": {
    "_sd": [
      "mSg0kZC77X6jUVHq2IIYNygSlXKKVzTSdhFWoNYyxOA"
    ]
  },
  "validFrom": "2015-04-16T05:11:32.432Z",
  "credentialStatus": {
    "statusPurpose": "revocation",
    "statusListIndex": "273762",
    "statusListCredential": "https://contoso.example/credentials/status/4",
    "_sd": [
      "mv6Cexu-fwPdLVo5ZYH7ycS8mFGTQVMxThp2nwECBT4",
      "tQantX-hhSpOANOV-1xKF_GRof5Lnm6JbPKqboLt7RA"
    ]
  },
  "credentialSubject": [
    {
      "_sd": [
        "SMxFrlOcsuPyVN5LRBbVTLZ6xMQqaUBNBS67kL_Xd_w",
        "VGN44u5sVQgncEIfgELJeZR9bpeTGc8ZAcMmV6MQttg"
      ]
    },
    {
      "_sd": [
        "MBe_7HKj0-P2Zfttw5vYdJ0xUe3xtpi2widbSnw_ZOg",
        "ec1yUY0C75J7pgyMzO5Dw90pDUr3fX7Z8Gt8wUAIYzI"
      ]
    }
  ],
  "_sd": [
    "FIWgy39UzzZ5_aOKV3po6EyjXmBN9c8oIQ2jKe_Ftb0",
    "FmDcdemIspdmQMMeuS-4N4J5wCFobBBuiuUelGsWMvU"
  ]
}

声明: id

SHA-256 哈希: FIWgy39UzzZ5_aOKV3po6EyjXmBN9c8oIQ2jKe_Ftb0

披露项: WyI0SWQ0aFVoUzMxQThXelBRTlhPUWJBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2NyZWRlbnRpYWxzLzIzODk0NjcyMzk0Il0

内容: [
  "4Id4hUhS31A8WzPQNXOQbA",
  "id",
  "https://contoso.example/credentials/23894672394"
]

声明: type

SHA-256 哈希: FmDcdemIspdmQMMeuS-4N4J5wCFobBBuiuUelGsWMvU

披露项: WyJJSFNyZnVZR0YtcWk5OXcySWJkYUJBIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIks5VW5pdENyZWRlbnRpYWwiXV0

内容: [
  "IHSrfuYGF-qi99w2IbdaBA",
  "type",
  [
    "VerifiableCredential",
    "K9UnitCredential"
  ]
]

声明: id

SHA-256 哈希: mSg0kZC77X6jUVHq2IIYNygSlXKKVzTSdhFWoNYyxOA

披露项: WyJDeEpTQmlKeDVtdVgzZkhSRmZDYlBRIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlIl0

内容: [
  "CxJSBiJx5muX3fHRFfCbPQ",
  "id",
  "https://contoso.example"
]

声明: id

SHA-256 哈希: mv6Cexu-fwPdLVo5ZYH7ycS8mFGTQVMxThp2nwECBT4

披露项: WyJuQVhZQ29yTUNGaGRJMDhZNzh5ckNBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2NyZWRlbnRpYWxzL3N0YXR1cy80IzI3Mzc2MiJd

内容: [
  "nAXYCorMCFhdI08Y78yrCA",
  "id",
  "https://contoso.example/credentials/status/4#273762"
]

声明: type

SHA-256 哈希: tQantX-hhSpOANOV-1xKF_GRof5Lnm6JbPKqboLt7RA

披露项: WyI1aUJCSmdual9pMkpQZHdRTTVzRlh3IiwgInR5cGUiLCAiU3RhdHVzTGlzdDIwMjFFbnRyeSJd

内容: [
  "5iBBJgnj_i2JPdwQM5sFXw",
  "type",
  "StatusList2021Entry"
]

声明: id

SHA-256 哈希: SMxFrlOcsuPyVN5LRBbVTLZ6xMQqaUBNBS67kL_Xd_w

披露项: WyJBNzFORTByODBmN3ZCVkNrcmU0N01BIiwgImlkIiwgImRpZDpleGFtcGxlOjEzMTIzODc2NDEiXQ

内容: [
  "A71NE0r80f7vBVCkre47MA",
  "id",
  "did:example:1312387641"
]

声明: type

SHA-256 哈希: VGN44u5sVQgncEIfgELJeZR9bpeTGc8ZAcMmV6MQttg

披露项: WyJHaFg4N1lJMzg0cjV5b0hXOENTOEJ3IiwgInR5cGUiLCAiUGVyc29uIl0

内容: [
  "GhX87YI384r5yoHW8CS8Bw",
  "type",
  "Person"
]

声明: id

SHA-256 哈希: MBe_7HKj0-P2Zfttw5vYdJ0xUe3xtpi2widbSnw_ZOg

披露项: WyJhQWxrLVhrQ0RCaFItN1Z5NnBXZmNnIiwgImlkIiwgImRpZDpleGFtcGxlOjYzODg4MjMxIl0

内容: [
  "aAlk-XkCDBhR-7Vy6pWfcg",
  "id",
  "did:example:63888231"
]

声明: type

SHA-256 哈希: ec1yUY0C75J7pgyMzO5Dw90pDUr3fX7Z8Gt8wUAIYzI

披露项: WyJzLTFSWGdUWVVQWGJNZ2JLMHVaX0NRIiwgInR5cGUiLCAiRG9nIl0

内容: [
  "s-1RXgTYUPXbMgbK0uZ_CQ",
  "type",
  "Dog"
]

示例 19:带有模式的凭证 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "https://contoso.example/credentials/35327255",
  "type": ["VerifiableCredential", "KYCExample"],
  "issuer": "did:web:contoso.example",
  "validFrom": "2019-05-25T03:10:16.992Z",
  "validUntil": "2027-05-25T03:10:16.992Z",
  "credentialSchema": {
    "id": "https://contoso.example/bafybeigdyr...lqabf3oclgtqy55fbzdi",
    "type": "JsonSchema"
  },
  "credentialSubject": {
    "id": "did:example:1231588",
    "type": "Person"
  }
}
受保护标头 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
application/vc 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "https://contoso.example/credentials/35327255",
  "type": [
    "VerifiableCredential",
    "KYCExample"
  ],
  "issuer": "did:web:contoso.example",
  "validFrom": "2019-05-25T03:10:16.992Z",
  "validUntil": "2027-05-25T03:10:16.992Z",
  "credentialSchema": {
    "id": "https://contoso.example/bafybeigdyr...lqabf3oclgtqy55fbzdi",
    "type": "JsonSchema"
  },
  "credentialSubject": {
    "id": "did:example:1231588",
    "type": "Person"
  }
}
application/vc+jwt
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaWQiOiJodHRwczovL2NvbnRvc28uZXhhbXBsZS9jcmVkZW50aWFscy8zNTMyNzI1NSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJLWUNFeGFtcGxlIl0sImlzc3VlciI6ImRpZDp3ZWI6Y29udG9zby5leGFtcGxlIiwidmFsaWRGcm9tIjoiMjAxOS0wNS0yNVQwMzoxMDoxNi45OTJaIiwidmFsaWRVbnRpbCI6IjIwMjctMDUtMjVUMDM6MTA6MTYuOTkyWiIsImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2NvbnRvc28uZXhhbXBsZS9iYWZ5YmVpZ2R5ci4uLmxxYWJmM29jbGd0cXk1NWZiemRpIiwidHlwZSI6Ikpzb25TY2hlbWEifSwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6ZXhhbXBsZToxMjMxNTg4IiwidHlwZSI6IlBlcnNvbiJ9fQ .L7mcUXK-zs1mpGF1iuelE0rr_2RYE5_BorKyYhvv4F5pezJgzH0mv6z-IC-ZXp9ZG1R1Y5k02BvHFX7_Ef5e3A
application/vc 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "https://contoso.example/credentials/35327255",
  "type": [
    "VerifiableCredential",
    "KYCExample"
  ],
  "issuer": "did:web:contoso.example",
  "validFrom": "2019-05-25T03:10:16.992Z",
  "validUntil": "2027-05-25T03:10:16.992Z",
  "credentialSchema": {
    "id": "https://contoso.example/bafybeigdyr...lqabf3oclgtqy55fbzdi",
    "type": "JsonSchema"
  },
  "credentialSubject": {
    "id": "did:example:1231588",
    "type": "Person"
  }
}
application/vc+cose
d28444a1013822a05901e47b2240636f6e74657874223a5b2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f6578616d706c65732f7632225d2c226964223a2268747470733a2f2f636f6e746f736f2e6578616d706c652f63726564656e7469616c732f3335333237323535222c2274797065223a5b2256657269666961626c6543726564656e7469616c222c224b59434578616d706c65225d2c22697373756572223a226469643a7765623a636f6e746f736f2e6578616d706c65222c2276616c696446726f6d223a22323031392d30352d32355430333a31303a31362e3939325a222c2276616c6964556e74696c223a22323032372d30352d32355430333a31303a31362e3939325a222c2263726564656e7469616c536368656d61223a7b226964223a2268747470733a2f2f636f6e746f736f2e6578616d706c652f62616679626569676479722e2e2e6c71616266336f636c67747179353566627a6469222c2274797065223a224a736f6e536368656d61227d2c2263726564656e7469616c5375626a656374223a7b226964223a226469643a6578616d706c653a31323331353838222c2274797065223a22506572736f6e227d7d5840d89478bd15d530c2cb8af5ad917d257590979cd5f51552effc65552df35326cd08cce2b16f8f6a14166e2b7d62e64c9ef5ab7d4fd6304629c974949299049081
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJpYXQiOjE3NDU1OTQ3NzIsImV4cCI6MTc0NjgwNDM3MiwiX3NkX2FsZyI6InNoYS0yNTYiLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaXNzdWVyIjoiZGlkOndlYjpjb250b3NvLmV4YW1wbGUiLCJ2YWxpZEZyb20iOiIyMDE5LTA1LTI1VDAzOjEwOjE2Ljk5MloiLCJ2YWxpZFVudGlsIjoiMjAyNy0wNS0yNVQwMzoxMDoxNi45OTJaIiwiY3JlZGVudGlhbFNjaGVtYSI6eyJfc2QiOlsiSGlhclpVRzdOVkhlVHhNSmZMRkdRTi0zdm1mZDdqVUN6d213NFhid2FCNCIsIktTeTlKVGljY1BQcHBvN2tuVTRaU3FxalpubzM1UnotOVJOTjBZNUVwbmciXX0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7Il9zZCI6WyJBdmplbXo3U3JsQklPcFhUb2tJU1lONGlWNkVIQ21LTDRHSk1fOU9qUHJnIiwiYWVTMGtVVEZBanZvSVBQSVRnQl9CcDg4dm9lM2ZuSHFyQ3Z4LUNKckgxOCJdfSwiX3NkIjpbIjFqaV8zOWllbnBoWEVzck9LeHB1ZGc0MEFBQi1pUTlHQzhCRHNQcTJWMWciLCJVRTlSNmt0cG5XVTBya2Y3cXBGaE9WYTE0Z2M3SDc4d2U5d1FfbEUxSVdzIl19 .y-E31PUTem9cL6n-E6nVIx5h9a8OpnrSBZ3N2Ggn5PncgPqnMROBPzp-tIhS3yfwZnQQfQnEOAuAWhz-M392xA ~WyIxZ3Mxd3lXd002RC1tVWl3U1pnYjJBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2NyZWRlbnRpYWxzLzM1MzI3MjU1Il0~WyJNLWlDZmZjZGdod1BFSXV2Wk9NODh3IiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIktZQ0V4YW1wbGUiXV0~WyJ6TV9PQXNIMV9WMXBpZV9fU09QX3BBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2JhZnliZWlnZHlyLi4ubHFhYmYzb2NsZ3RxeTU1ZmJ6ZGkiXQ~WyJnNzFUcFFIbHNoQUZjX2FhNDlTaWZ3IiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJ1cUZTLWZobTBkaWlTa1BjYVlFMXhRIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMzE1ODgiXQ~WyJsRU5IX0ZBc253eVJkYnFSSHBkT2l3IiwgInR5cGUiLCAiUGVyc29uIl0~ 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
{
  "iat": 1745594772,
  "exp": 1746804372,
  "_sd_alg": "sha-256",
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "issuer": "did:web:contoso.example",
  "validFrom": "2019-05-25T03:10:16.992Z",
  "validUntil": "2027-05-25T03:10:16.992Z",
  "credentialSchema": {
    "_sd": [
      "HiarZUG7NVHeTxMJfLFGQN-3vmfd7jUCzwmw4XbwaB4",
      "KSy9JTiccPPppo7knU4ZSqqjZno35Rz-9RNN0Y5Epng"
    ]
  },
  "credentialSubject": {
    "_sd": [
      "Avjemz7SrlBIOpXTokISYN4iV6EHCmKL4GJM_9OjPrg",
      "aeS0kUTFAjvoIPPITgB_Bp88voe3fnHqrCvx-CJrH18"
    ]
  },
  "_sd": [
    "1ji_39ienphXEsrOKxpudg40AAB-iQ9GC8BDsPq2V1g",
    "UE9R6ktpnWU0rkf7qpFhOVa14gc7H78we9wQ_lE1IWs"
  ]
}

声明: id

SHA-256 哈希: 1ji_39ienphXEsrOKxpudg40AAB-iQ9GC8BDsPq2V1g

披露项: WyIxZ3Mxd3lXd002RC1tVWl3U1pnYjJBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2NyZWRlbnRpYWxzLzM1MzI3MjU1Il0

内容: [
  "1gs1wyWwM6D-mUiwSZgb2A",
  "id",
  "https://contoso.example/credentials/35327255"
]

声明: type

SHA-256 哈希: UE9R6ktpnWU0rkf7qpFhOVa14gc7H78we9wQ_lE1IWs

披露项: WyJNLWlDZmZjZGdod1BFSXV2Wk9NODh3IiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIktZQ0V4YW1wbGUiXV0

内容: [
  "M-iCffcdghwPEIuvZOM88w",
  "type",
  [
    "VerifiableCredential",
    "KYCExample"
  ]
]

声明: id

SHA-256 哈希: HiarZUG7NVHeTxMJfLFGQN-3vmfd7jUCzwmw4XbwaB4

披露项: WyJ6TV9PQXNIMV9WMXBpZV9fU09QX3BBIiwgImlkIiwgImh0dHBzOi8vY29udG9zby5leGFtcGxlL2JhZnliZWlnZHlyLi4ubHFhYmYzb2NsZ3RxeTU1ZmJ6ZGkiXQ

内容: [
  "zM_OAsH1_V1pie__SOP_pA",
  "id",
  "https://contoso.example/bafybeigdyr...lqabf3oclgtqy55fbzdi"
]

声明: type

SHA-256 哈希: KSy9JTiccPPppo7knU4ZSqqjZno35Rz-9RNN0Y5Epng

披露项: WyJnNzFUcFFIbHNoQUZjX2FhNDlTaWZ3IiwgInR5cGUiLCAiSnNvblNjaGVtYSJd

内容: [
  "g71TpQHlshAFc_aa49Sifw",
  "type",
  "JsonSchema"
]

声明: id

SHA-256 哈希: aeS0kUTFAjvoIPPITgB_Bp88voe3fnHqrCvx-CJrH18

披露项: WyJ1cUZTLWZobTBkaWlTa1BjYVlFMXhRIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMzE1ODgiXQ

内容: [
  "uqFS-fhm0diiSkPcaYE1xQ",
  "id",
  "did:example:1231588"
]

声明: type

SHA-256 哈希: Avjemz7SrlBIOpXTokISYN4iV6EHCmKL4GJM_9OjPrg

披露项: WyJsRU5IX0ZBc253eVJkYnFSSHBkT2l3IiwgInR5cGUiLCAiUGVyc29uIl0

内容: [
  "lENH_FAsnwyRdbqRHpdOiw",
  "type",
  "Person"
]

8.3 呈现

示例 20:呈现 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+cose;base64,0oREo...+Q==",
      "type": "EnvelopedVerifiableCredential"
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+jwt,eyVjV...RMjU",
      "type": "EnvelopedVerifiableCredential"
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+sd-jwt,eyVjV...RMjU~",
      "type": "EnvelopedVerifiableCredential"
    }
  ]
}
受保护标头 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
application/vp 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+cose;base64url,YmFzZTY0LDBvUkVvLi4uK1E9PQ",
      "type": "EnvelopedVerifiableCredential"
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+jwt,eyVjV...RMjU;data:application/vc+jwt,eyVjV...RMjU",
      "type": "EnvelopedVerifiableCredential"
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+sd-jwt,eyVjV...RMjU~;data:application/vc+sd-jwt,eyVjV...RMjU~",
      "type": "EnvelopedVerifiableCredential"
    }
  ]
}
application/vp+jwt
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidHlwZSI6IlZlcmlmaWFibGVQcmVzZW50YXRpb24iLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6W3siQGNvbnRleHQiOiJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJpZCI6ImRhdGE6YXBwbGljYXRpb24vdmMrY29zZTtiYXNlNjR1cmwsWW1GelpUWTBMREJ2VWtWdkxpNHVLMUU5UFEiLCJ0eXBlIjoiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwifSx7IkBjb250ZXh0IjoiaHR0cHM6Ly93d3cudzMub3JnL25zL2NyZWRlbnRpYWxzL3YyIiwiaWQiOiJkYXRhOmFwcGxpY2F0aW9uL3ZjK2p3dCxleVZqVi4uLlJNalU7ZGF0YTphcHBsaWNhdGlvbi92Yytqd3QsZXlWalYuLi5STWpVIiwidHlwZSI6IkVudmVsb3BlZFZlcmlmaWFibGVDcmVkZW50aWFsIn0seyJAY29udGV4dCI6Imh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImlkIjoiZGF0YTphcHBsaWNhdGlvbi92YytzZC1qd3QsZXlWalYuLi5STWpVfjtkYXRhOmFwcGxpY2F0aW9uL3ZjK3NkLWp3dCxleVZqVi4uLlJNalV-IiwidHlwZSI6IkVudmVsb3BlZFZlcmlmaWFibGVDcmVkZW50aWFsIn1dfQ ._D2fLzqkl79rrfiNjLKc7yQOb-wa1eu4L5quq82DqDlyWJsGju5rkc6RWWfKT_vv27fth8uh7oEWwPDr9RAhTQ
application/vp 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation",
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+cose;base64url,WW1GelpUWTBMREJ2VWtWdkxpNHVLMUU5UFE",
      "type": "EnvelopedVerifiableCredential"
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+jwt,eyVjV...RMjU;data:application/vc+jwt,eyVjV...RMjU",
      "type": "EnvelopedVerifiableCredential"
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "id": "data:application/vc+sd-jwt,eyVjV...RMjU~;data:application/vc+sd-jwt,eyVjV...RMjU~",
      "type": "EnvelopedVerifiableCredential"
    }
  ]
}
application/vp+cose
d28444a1013822a05902a77b2240636f6e74657874223a5b2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f6578616d706c65732f7632225d2c2274797065223a2256657269666961626c6550726573656e746174696f6e222c2276657269666961626c6543726564656e7469616c223a5b7b2240636f6e74657874223a2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c226964223a22646174613a6170706c69636174696f6e2f76632b636f73653b62617365363475726c2c57573147656c70555754424d52454a3256577457646b78704e48564c4d555535554645222c2274797065223a22456e76656c6f70656456657269666961626c6543726564656e7469616c227d2c7b2240636f6e74657874223a2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c226964223a22646174613a6170706c69636174696f6e2f76632b6a77742c6579566a562e2e2e524d6a553b646174613a6170706c69636174696f6e2f76632b6a77742c6579566a562e2e2e524d6a55222c2274797065223a22456e76656c6f70656456657269666961626c6543726564656e7469616c227d2c7b2240636f6e74657874223a2268747470733a2f2f7777772e77332e6f72672f6e732f63726564656e7469616c732f7632222c226964223a22646174613a6170706c69636174696f6e2f76632b73642d6a77742c6579566a562e2e2e524d6a557e3b646174613a6170706c69636174696f6e2f76632b73642d6a77742c6579566a562e2e2e524d6a557e222c2274797065223a22456e76656c6f70656456657269666961626c6543726564656e7469616c227d5d7d58406b63ff0e996d534bb83c906ddd9a8d1d0a286cc9e9336b3da94ddfceb9af09ff91fefd01807e8f5c3835f5131f7b7f97b300cc28cf3826369f5d290e34270712
eyJraWQiOiJFeEhrQk1XOWZtYmt2VjI2Nm1ScHVQMnNVWV9OX0VXSU4xbGFwVXpPOHJvIiwiYWxnIjoiRVMyNTYifQ .eyJpYXQiOjE3NDU1OTQ3NzIsImV4cCI6MTc0NjgwNDM3MiwiX3NkX2FsZyI6InNoYS0yNTYiLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlt7IkBjb250ZXh0IjoiaHR0cHM6Ly93d3cudzMub3JnL25zL2NyZWRlbnRpYWxzL3YyIiwiX3NkIjpbIkNXMnNYREtVdTJZQ2U0bG83clN6WlNGa1hhNG8xT19TQ2FlUnBlTGZQVWciLCJmaFpSeDdlZXZGNW9YV0l1OHhwUWo1dUN4N21VWnZfbXAtTkt6WnI3M0Z3Il19LHsiQGNvbnRleHQiOiJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJfc2QiOlsiMGhfM2Myb3NlZ2x1UGdMUFBuMFR5T2c0TlJWRWFQdnQyMzRBQWU1c242ayIsIk9IbHhSNTYzTENhMThyd0xuNXY5RWJMTGZBd3M3dEZfb29aM3ZlZlRwenciXX0seyJAY29udGV4dCI6Imh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsIl9zZCI6WyJiZXppN0lySTlEOGc2N0Vpa3dtMkJoNjVpSS1MZW9CX1M5NXRuNmdEWnlNIiwiaFpnNlpxQlg4dFVqMzRpZUxnU0M3SjBiNUpFN3NYaG5TMm94OXpDTUZMYyJdfV0sIl9zZCI6WyJ4Nlk2cDFwWkduVzF6aHZ6RjliV1RsWXlFSk9yTDd5NWsySGVSSmFYR0lvIl19 .-BhSlghbRw896hU-9XHB6wf6C3PrZ-pW0IZr8QW7CabHrxytjSQe78NsvMadUZw0afYfDJogqFfjzNapl1evOg ~WyJVRExLMVB5MXRhbi1fT2NSV2VxWkFRIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd~WyJKazJ5OTZlcTB6QXlDbGttd0luQ3lBIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrY29zZTtiYXNlNjR1cmwsIFdXMUdlbHBVV1RCTVJFSjJWV3RXZGt4cE5IVkxNVVU1VUZFIl0~WyJCSDVfaGZ0SHFXR1pNd2puNFJWc0J3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ~WyJWVFVsV01mbWV3Wlg5NDVyc1J5Uk9BIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrand0LCBleVZqVi4uLlJNalU7ZGF0YTphcHBsaWNhdGlvbi92Yytqd3QsIGV5VmpWLi4uUk1qVSJd~WyJ6QVA2UUJDdVN2ZVhuSWg3RUVQeml3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ~WyJ0eF85eXpwQzlrRE82dkZsLVFyT0lBIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrc2Qtand0LCBleVZqVi4uLlJNalV-O2RhdGE6YXBwbGljYXRpb24vdmMrc2Qtand0LCBleVZqVi4uLlJNalV-Il0~WyJMWVdtZW5EVWQ2WDduSjNtMnY4d0R3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ~ 
{
  "kid": "ExHkBMW9fmbkvV266mRpuP2sUY_N_EWIN1lapUzO8ro",
  "alg": "ES256"
}
{
  "iat": 1745594772,
  "exp": 1746804372,
  "_sd_alg": "sha-256",
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "verifiableCredential": [
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "_sd": [
        "CW2sXDKUu2YCe4lo7rSzZSFkXa4o1O_SCaeRpeLfPUg",
        "fhZRx7eevF5oXWIu8xpQj5uCx7mUZv_mp-NKzZr73Fw"
      ]
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "_sd": [
        "0h_3c2osegluPgLPPn0TyOg4NRVEaPvt234AAe5sn6k",
        "OHlxR563LCa18rwLn5v9EbLLfAws7tF_ooZ3vefTpzw"
      ]
    },
    {
      "@context": "https://www.w3.org/ns/credentials/v2",
      "_sd": [
        "bezi7IrI9D8g67Eikwm2Bh65iI-LeoB_S95tn6gDZyM",
        "hZg6ZqBX8tUj34ieLgSC7J0b5JE7sXhnS2ox9zCMFLc"
      ]
    }
  ],
  "_sd": [
    "x6Y6p1pZGnW1zhvzF9bWTlYyEJOrL7y5k2HeRJaXGIo"
  ]
}

声明: type

SHA-256 哈希: x6Y6p1pZGnW1zhvzF9bWTlYyEJOrL7y5k2HeRJaXGIo

披露项: WyJVRExLMVB5MXRhbi1fT2NSV2VxWkFRIiwgInR5cGUiLCAiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJd

内容: [
  "UDLK1Py1tan-_OcRWeqZAQ",
  "type",
  "VerifiablePresentation"
]

声明: id

SHA-256 哈希: fhZRx7eevF5oXWIu8xpQj5uCx7mUZv_mp-NKzZr73Fw

披露项: WyJKazJ5OTZlcTB6QXlDbGttd0luQ3lBIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrY29zZTtiYXNlNjR1cmwsIFdXMUdlbHBVV1RCTVJFSjJWV3RXZGt4cE5IVkxNVVU1VUZFIl0

内容: [
  "Jk2y96eq0zAyClkmwInCyA",
  "id",
  "data:application/vc+cose;base64url, WW1GelpUWTBMREJ2VWtWdkxpNHVLMUU5UFE"
]

声明: type

SHA-256 哈希: CW2sXDKUu2YCe4lo7rSzZSFkXa4o1O_SCaeRpeLfPUg

披露项: WyJCSDVfaGZ0SHFXR1pNd2puNFJWc0J3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ

内容: [
  "BH5_hftHqWGZMwjn4RVsBw",
  "type",
  "EnvelopedVerifiableCredential"
]

声明: id

SHA-256 哈希: OHlxR563LCa18rwLn5v9EbLLfAws7tF_ooZ3vefTpzw

披露项: WyJWVFVsV01mbWV3Wlg5NDVyc1J5Uk9BIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrand0LCBleVZqVi4uLlJNalU7ZGF0YTphcHBsaWNhdGlvbi92Yytqd3QsIGV5VmpWLi4uUk1qVSJd

内容: [
  "VTUlWMfmewZX945rsRyROA",
  "id",
  "data:application/vc+jwt, eyVjV...RMjU;data:application/vc+jwt, eyVjV...RMjU"
]

声明: type

SHA-256 哈希: 0h_3c2osegluPgLPPn0TyOg4NRVEaPvt234AAe5sn6k

披露项: WyJ6QVA2UUJDdVN2ZVhuSWg3RUVQeml3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ

内容: [
  "zAP6QBCuSveXnIh7EEPziw",
  "type",
  "EnvelopedVerifiableCredential"
]

声明: id

SHA-256 哈希: bezi7IrI9D8g67Eikwm2Bh65iI-LeoB_S95tn6gDZyM

披露项: WyJ0eF85eXpwQzlrRE82dkZsLVFyT0lBIiwgImlkIiwgImRhdGE6YXBwbGljYXRpb24vdmMrc2Qtand0LCBleVZqVi4uLlJNalV-O2RhdGE6YXBwbGljYXRpb24vdmMrc2Qtand0LCBleVZqVi4uLlJNalV-Il0

内容: [
  "tx_9yzpC9kDO6vFl-QrOIA",
  "id",
  "data:application/vc+sd-jwt, eyVjV...RMjU~;data:application/vc+sd-jwt, eyVjV...RMjU~"
]

声明: type

SHA-256 哈希: hZg6ZqBX8tUj34ieLgSC7J0b5JE7sXhnS2ox9zCMFLc

披露项: WyJMWVdtZW5EVWQ2WDduSjNtMnY4d0R3IiwgInR5cGUiLCAiRW52ZWxvcGVkVmVyaWZpYWJsZUNyZWRlbnRpYWwiXQ

内容: [
  "LYWmenDUd6X7nJ3m2v8wDw",
  "type",
  "EnvelopedVerifiableCredential"
]

8.4 Data URI

示例 21:一个简单的 URI 编码 SD-JWT 可验证 凭证 
data:application/vc+sd-jwt,eyJhbGciOiJFUzM4NCIsImtpZCI6IlNJM1JITm91aDhvODFOT09OUFFVQUw3RWdaLWtJNl94ajlvUkV2WDF4T3ciLCJ0eXAiOiJ2YytsZCtqc29uK3NkLWp3dCIsImN0eSI6InZjK2xkK2pzb24ifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaXNzdWVyIjoiaHR0cHM6Ly91bml2ZXJzaXR5LmV4YW1wbGUvaXNzdWVycy81NjUwNDkiLCJ2YWxpZEZyb20iOiIyMDEwLTAxLTAxVDE5OjIzOjI0WiIsImNyZWRlbnRpYWxTY2hlbWEiOnsiX3NkIjpbIkU3dU1sSWFyS29iYXJTdEZGRjctZm5qaV9sQVdnM3BGMkV5dVc4dWFYakUiLCJYelRaSVgyNGdDSWxSQVFHclFoNU5FRm1XWkQtZ3Z3dkIybzB5Y0FwNFZzIl19LCJjcmVkZW50aWFsU3ViamVjdCI6eyJkZWdyZWUiOnsibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMiLCJfc2QiOlsiT3oxUEZIMG0tWk9TdEhwUVZyeGlmVlpKRzhvNmlQQmNnLVZ2SXQwd2plcyJdfSwiX3NkIjpbIkVZQ1daMTZZMHB5X1VNNzRHU3NVYU9zT19mdDExTlVSaFFUTS1TT1lFTVEiXX0sIl9zZCI6WyJqT055NnZUbGNvVlAzM25oSTdERGN3ekVka3d2R3VVRXlLUjdrWEVLd3VVIiwid21BdHpwc0dRbDJveS1PY2JrSEVZcE8xb3BoX3VYcWVWVTRKekF0aFFibyJdLCJfc2RfYWxnIjoic2hhLTI1NiIsImlzcyI6Imh0dHBzOi8vdW5pdmVyc2l0eS5leGFtcGxlL2lzc3VlcnMvNTY1MDQ5IiwiaWF0IjoxNjk3Mjg5OTk2LCJleHAiOjE3Mjg5MTIzOTYsImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJjcnYiOiJQLTM4NCIsImFsZyI6IkVTMzg0IiwieCI6InZFdV84WGxZT0ZFU2hTcVRpZ2JSYWduZ0ZGM1p5U0xrclNHekh3azFBT1loanhlazVhV21HY2UwZU05S0pWOEIiLCJ5IjoiRUpNY2czWXBzUTB3M2RLNHlVa25QczE1Z0lsY2Yyay03dzFKLTNlYlBiOERENmQtUkhBeGUwMDkzSWpfdTRCOSJ9fX0.rYzbxb6j1dwop8_s491iArVVJNm6A6C3b742gOm_qYO3zdkyQU4_VxxOSJ8ECcmWj2r5KyiCNC1ojfO4Yms-zBsjt7PoMYpYWBplsqXpiIvnehmM7D0eOLi40uHXki0X~WyJSWTg1YTZNMmEwX3VDWlFTVGZmTFdRIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~WyJMeG5GYTBXVm8wRUluVy1QdS1fd1dRIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJUQVdrakpCaVpxdC1rVU54X1EweUJBIiwgImlkIiwgImh0dHBzOi8vZXhhbXBsZS5vcmcvZXhhbXBsZXMvZGVncmVlLmpzb24iXQ~WyJTd2xuZFpPZzZEZ1ZERFp5X0RvYVFBIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyJuSnJlU3E1Nzg3RGZMSDJCbU03cXFRIiwgImlkIiwgImRpZDpleGFtcGxlOjEyMyJd~WyIxMjNNd3hNcHRiek02YUk2aW03ME1RIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~
示例 22:一个简单的 URI 编码 SD-JWT 可验证 呈现 
data:application/vp+sd-jwt,eyJhbGciOiJFUzM4NCIsImtpZCI6IlNJM1JITm91aDhvODFOT09OUFFVQUw3RWdaLWtJNl94ajlvUkV2WDF4T3ciLCJ0eXAiOiJ2YytsZCtqc29uK3NkLWp3dCIsImN0eSI6InZjK2xkK2pzb24ifQ.eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiLCJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvZXhhbXBsZXMvdjIiXSwiaXNzdWVyIjoiaHR0cHM6Ly91bml2ZXJzaXR5LmV4YW1wbGUvaXNzdWVycy81NjUwNDkiLCJ2YWxpZEZyb20iOiIyMDEwLTAxLTAxVDE5OjIzOjI0WiIsImNyZWRlbnRpYWxTY2hlbWEiOnsiX3NkIjpbIkU3dU1sSWFyS29iYXJTdEZGRjctZm5qaV9sQVdnM3BGMkV5dVc4dWFYakUiLCJYelRaSVgyNGdDSWxSQVFHclFoNU5FRm1XWkQtZ3Z3dkIybzB5Y0FwNFZzIl19LCJjcmVkZW50aWFsU3ViamVjdCI6eyJkZWdyZWUiOnsibmFtZSI6IkJhY2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMiLCJfc2QiOlsiT3oxUEZIMG0tWk9TdEhwUVZyeGlmVlpKRzhvNmlQQmNnLVZ2SXQwd2plcyJdfSwiX3NkIjpbIkVZQ1daMTZZMHB5X1VNNzRHU3NVYU9zT19mdDExTlVSaFFUTS1TT1lFTVEiXX0sIl9zZCI6WyJqT055NnZUbGNvVlAzM25oSTdERGN3ekVka3d2R3VVRXlLUjdrWEVLd3VVIiwid21BdHpwc0dRbDJveS1PY2JrSEVZcE8xb3BoX3VYcWVWVTRKekF0aFFibyJdLCJfc2RfYWxnIjoic2hhLTI1NiIsImlzcyI6Imh0dHBzOi8vdW5pdmVyc2l0eS5leGFtcGxlL2lzc3VlcnMvNTY1MDQ5IiwiaWF0IjoxNjk3Mjg5OTk2LCJleHAiOjE3Mjg5MTIzOTYsImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJjcnYiOiJQLTM4NCIsImFsZyI6IkVTMzg0IiwieCI6InZFdV84WGxZT0ZFU2hTcVRpZ2JSYWduZ0ZGM1p5U0xrclNHekh3azFBT1loanhlazVhV21HY2UwZU05S0pWOEIiLCJ5IjoiRUpNY2czWXBzUTB3M2RLNHlVa25QczE1Z0lsY2Yyay03dzFKLTNlYlBiOERENmQtUkhBeGUwMDkzSWpfdTRCOSJ9fX0.rYzbxb6j1dwop8_s491iArVVJNm6A6C3b742gOm_qYO3zdkyQU4_VxxOSJ8ECcmWj2r5KyiCNC1ojfO4Yms-zBsjt7PoMYpYWBplsqXpiIvnehmM7D0eOLi40uHXki0X~WyJTd2xuZFpPZzZEZ1ZERFp5X0RvYVFBIiwgInR5cGUiLCAiSnNvblNjaGVtYSJd~WyIxMjNNd3hNcHRiek02YUk2aW03ME1RIiwgInR5cGUiLCAiQmFjaGVsb3JEZWdyZWUiXQ~WyJMeG5GYTBXVm8wRUluVy1QdS1fd1dRIiwgInR5cGUiLCBbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwgIkV4YW1wbGVBbHVtbmlDcmVkZW50aWFsIl1d~WyJSWTg1YTZNMmEwX3VDWlFTVGZmTFdRIiwgImlkIiwgImh0dHA6Ly91bml2ZXJzaXR5LmV4YW1wbGUvY3JlZGVudGlhbHMvMTg3MiJd~eyJhbGciOiJFUzM4NCIsInR5cCI6ImtiK2p3dCJ9.eyJub25jZSI6IkVmeTROTFJPX3ZvSkszdDIzcUNfQlEiLCJhdWQiOiJodHRwczovL3ZlcmlmaWVyLmV4YW1wbGUiLCJpYXQiOjE2OTcyODk5OTZ9.6G-1nVcrDKFzR6BdbcFHcbtassEb8NZ7ZavTYz3SJ-e4pXleXs0tNcCkUCwMI70gsuOY0AXzeDPbHjp5GKyLDVuNWgWCt3Wo2VSaCwUkyfLyvhkCsmkF9kvFhMIOhp1i~
示例 23:一个简单的 URI 编码 COSE 可验证 呈现 
data:application/vp+cose;base64,0oREoQE4IqBZDSJ7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9leGFtcGxlcy92MiJdLCJ0eXBlIjoiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiIsInZlcmlmaWFibGVDcmVkZW50aWFsIjpbeyJAY29udGV4dCI6Imh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy92MiIsImlkIjoiZGF0YTphcHBsaWNhdGlvbi92Yy1sZCtzZC1qd3QsZXlKcmFXUWlPaUpGZUVoclFrMVhPV1p0WW10MlZqSTJObTFTY0hWUU1uTlZXVjlPWDBWWFNVNHhiR0Z3VlhwUE9ISnZJaXdpWVd4bklqb2lSVk15TlRZaWZRLmV5SmZjMlJmWVd4bklqb2ljMmhoTFRJMU5pSXNJa0JqYjI1MFpYaDBJanBiSW1oMGRIQnpPaTh2ZDNkM0xuY3pMbTl5Wnk5dWN5OWpjbVZrWlc1MGFXRnNjeTkyTWlJc0ltaDBkSEJ6T2k4dmQzZDNMbmN6TG05eVp5OXVjeTlqY21Wa1pXNTBhV0ZzY3k5bGVHRnRjR3hsY3k5Mk1pSmRMQ0pwYzNOMVpYSWlPaUpvZEhSd2N6b3ZMM1Z1YVhabGNuTnBkSGt1WlhoaGJYQnNaUzlwYzNOMVpYSnpMelUyTlRBME9TSXNJblpoYkdsa1JuSnZiU0k2SWpJd01UQXRNREV0TURGVU1UazZNak02TWpSYUlpd2lZM0psWkdWdWRHbGhiRk5qYUdWdFlTSTZleUpmYzJRaU9sc2lOV0pCZURNdGVIQm1RV3hWUzBaSk9YTnVNMmhXUTIxd1IydHJjVWx6V21NekxVeGlNek5tV21waWF5SXNJbHBqUVhaSU1EaHNkRUp5U1VwbVNXaDBPRjl0UzFCZll6TnNjRzVZTVdOSGNsbHRWRzh3WjFsQ2VUZ2lYWDBzSW1OeVpXUmxiblJwWVd4VGRXSnFaV04wSWpwN0ltUmxaM0psWlNJNmV5SnVZVzFsSWpvaVFtRmphR1ZzYjNJZ2IyWWdVMk5wWlc1alpTQmhibVFnUVhKMGN5SXNJbDl6WkNJNld5SlNUMVEzTVVsMGRUTk1ObFZYV0ZWcWJ5MW9XVmRKUWpZM2JIVlBUa1ZFVWxOQ2FHeEVWRU54VlU5UklsMTlMQ0pmYzJRaU9sc2lUVVZ1WlhObk1saFBVazVqWTNOQ1RXVmFYekUyTURKbmVUUXdVaTAwV1VKMlZsSXdlRkU0YjBZNFl5SmRmU3dpWDNOa0lqcGJJa1ZsYzJKaWF5MW1jR1p3ZDJaTU9YZE9jekZ4Y2paMGFVNDNabkV0U1hReldWTTJWM1pDYmw5aVdHOGlMQ0phYjFJMVpHUmhja2R0WmsxNU5FaHVWMHhWYWs1VVJuRlVSak5ZUmpacGRGQm5abmxHUWtoVlgzRlZJbDE5Lmd3M3BheGJrTGpwaThDVHN5UnBYS2JDN3RwVmEwcTJzV0tTRC1fZGNidVoxTHBaVjNvUThJZnpjbTJiRThSWTNmbUpnYnV5QTlnYlBMM3NRQmFUemtnIH5XeUpTZVVReFZsQjRWSEJ2Ym10UGVYWnBjemt0YTI5M0lpd2dJbWxrSWl3Z0ltaDBkSEE2THk5MWJtbDJaWEp6YVhSNUxtVjRZVzF3YkdVdlkzSmxaR1Z1ZEdsaGJITXZNVGczTWlKZH5XeUpmVmpkMWVUZDNheTFSTTNWWmQyWnBaME52V1VWQklpd2dJblI1Y0dVaUxDQmJJbFpsY21sbWFXRmliR1ZEY21Wa1pXNTBhV0ZzSWl3Z0lrVjRZVzF3YkdWQmJIVnRibWxEY21Wa1pXNTBhV0ZzSWwxZH5XeUpoYXpkcU1UbG5ZVk10UkRKTFgyaHpZM1JWWkdOUklpd2dJbWxrSWl3Z0ltaDBkSEJ6T2k4dlpYaGhiWEJzWlM1dmNtY3ZaWGhoYlhCc1pYTXZaR1ZuY21WbExtcHpiMjRpWFF+V3lKVVRqQlhhWFZaUmtoWFdrVjJaRFpJUVVKSFFTMW5JaXdnSW5SNWNHVWlMQ0FpU25OdmJsTmphR1Z0WVNKZH5XeUpWTW5Cek1reFlWRVJWYlZoM01EY3hSVkJtUlVwbklpd2dJbWxrSWl3Z0ltUnBaRHBsZUdGdGNHeGxPakV5TXlKZH5XeUpzUTA0MmVUTkVhVE5EVWs5VlgzSnVYelJFTldSbklpd2dJblI1Y0dVaUxDQWlRbUZqYUdWc2IzSkVaV2R5WldVaVhRfjtkYXRhOmFwcGxpY2F0aW9uL3ZjLWxkK3NkLWp3dCxleUpyYVdRaU9pSkZlRWhyUWsxWE9XWnRZbXQyVmpJMk5tMVNjSFZRTW5OVldWOU9YMFZYU1U0eGJHRndWWHBQT0hKdklpd2lZV3huSWpvaVJWTXlOVFlpZlEuZXlKZmMyUmZZV3huSWpvaWMyaGhMVEkxTmlJc0lrQmpiMjUwWlhoMElqcGJJbWgwZEhCek9pOHZkM2QzTG5jekxtOXlaeTl1Y3k5amNtVmtaVzUwYVdGc2N5OTJNaUlzSW1oMGRIQnpPaTh2ZDNkM0xuY3pMbTl5Wnk5dWN5OWpjbVZrWlc1MGFXRnNjeTlsZUdGdGNHeGxjeTkyTWlKZExDSnBjM04xWlhJaU9pSm9kSFJ3Y3pvdkwzVnVhWFpsY25OcGRIa3VaWGhoYlhCc1pTOXBjM04xWlhKekx6VTJOVEEwT1NJc0luWmhiR2xrUm5KdmJTSTZJakl3TVRBdE1ERXRNREZVTVRrNk1qTTZNalJhSWl3aVkzSmxaR1Z1ZEdsaGJGTmphR1Z0WVNJNmV5SmZjMlFpT2xzaU5XSkJlRE10ZUhCbVFXeFZTMFpKT1hOdU0yaFdRMjF3UjJ0cmNVbHpXbU16TFV4aU16Tm1XbXBpYXlJc0lscGpRWFpJTURoc2RFSnlTVXBtU1doME9GOXRTMUJmWXpOc2NHNVlNV05IY2xsdFZHOHdaMWxDZVRnaVhYMHNJbU55WldSbGJuUnBZV3hUZFdKcVpXTjBJanA3SW1SbFozSmxaU0k2ZXlKdVlXMWxJam9pUW1GamFHVnNiM0lnYjJZZ1UyTnBaVzVqWlNCaGJtUWdRWEowY3lJc0lsOXpaQ0k2V3lKU1QxUTNNVWwwZFROTU5sVlhXRlZxYnkxb1dWZEpRalkzYkhWUFRrVkVVbE5DYUd4RVZFTnhWVTlSSWwxOUxDSmZjMlFpT2xzaVRVVnVaWE5uTWxoUFVrNWpZM05DVFdWYVh6RTJNREpuZVRRd1VpMDBXVUoyVmxJd2VGRTRiMFk0WXlKZGZTd2lYM05rSWpwYklrVmxjMkppYXkxbWNHWndkMlpNT1hkT2N6RnhjalowYVU0M1puRXRTWFF6V1ZNMlYzWkNibDlpV0c4aUxDSmFiMUkxWkdSaGNrZHRaazE1TkVodVYweFZhazVVUm5GVVJqTllSalpwZEZCblpubEdRa2hWWDNGVklsMTkuZ3czcGF4YmtManBpOENUc3lScFhLYkM3dHBWYTBxMnNXS1NELV9kY2J1WjFMcFpWM29ROElmemNtMmJFOFJZM2ZtSmdidXlBOWdiUEwzc1FCYVR6a2cgfld5SlNlVVF4VmxCNFZIQnZibXRQZVhacGN6a3RhMjkzSWl3Z0ltbGtJaXdnSW1oMGRIQTZMeTkxYm1sMlpYSnphWFI1TG1WNFlXMXdiR1V2WTNKbFpHVnVkR2xoYkhNdk1UZzNNaUpkfld5SmZWamQxZVRkM2F5MVJNM1ZaZDJacFowTnZXVVZCSWl3Z0luUjVjR1VpTENCYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdnSWtWNFlXMXdiR1ZCYkhWdGJtbERjbVZrWlc1MGFXRnNJbDFkfld5SmhhemRxTVRsbllWTXRSREpMWDJoelkzUlZaR05SSWl3Z0ltbGtJaXdnSW1oMGRIQnpPaTh2WlhoaGJYQnNaUzV2Y21jdlpYaGhiWEJzWlhNdlpHVm5jbVZsTG1wemIyNGlYUX5XeUpUUGpCWGFYVlpSa2hYV2tWMlpEWklRVUpIUVMxbklpd2dJblI1Y0dVaUxDQWlTbk52YmxOamFHVnRZU0pkfld5SlZNbkJ6TWt4WVZFUlZiVmgzTURjeFJWQm1SVXBuSWl3Z0ltbGtJaXdnSW1ScFpEcGxlR0Z0Y0d4bE9qRXlNeUpkfld5SnNRMDQyZVRORWFUTkRVazlWWDNKdVh6UkVOV1JuSWl3Z0luUjVjR1VpTENBaVFtRmphR1ZzYjNKRVpXZHlaV1VpWFF+IiwidHlwZSI6IkVudmVsb3BlZFZlcmlmaWFibGVDcmVkZW50aWFsIn1dfVhA4c9H+cu0VfS8NsItpzbB1mpvjP5y2DCxTCW+bY6/4SNPCaeP+uR+JRpJ+GzVNz7/W7ZlHoXguhgBBjWhlnhh+Q==

8.5 COSE 示例

这些示例依赖于 CBOR 诊断表示法。 请记住,所有实际交换始终以二进制格式发生。

示例 24:用于可验证凭证的 COSE Sign 1 受保护标头 
{                                   / Protected                     /
  1: -35,                           / Algorithm                     /
  3: application/vc,                / Content type                  /
  4: h'177f12cb...1933d554',        / Key identifier                /
  15: {                             / CWT Claims                    /
    1: urn:example:123,             / Issuer                        /
    2: urn:example:456,             / Subject                       /
  },
}
示例 25:用于可验证呈现的 COSE Sign 1 受保护标头 
{                                   / Protected                     /
  1: -35,                           / Algorithm                     /
  3: application/vp,                / Content type                  /
  4: h'177f12cb...1933d554',        / Key identifier                /
  15: {                             / CWT Claims                    /
    1: urn:example:123,             / Issuer                        /
    2: urn:example:456,             / Subject                       /
  },
}
示例 26:带有附加载荷的 COSE Sign 1 
18(                                 / COSE Sign 1                   /
    [
      h'a4013822...3a343536',       / Protected Header              /
      {}                            / Unprotected Header            /
      h'0fbe22a0...3a009118',       / Attached payload              /
      h'09772c7f...5c4e736f'        / Signature                     /
    ]
)

载荷可以是 保护机制中所述的凭证或呈现。

A. 修订历史

本节是非规范性的。

本节描述了对本规范所做的实质性更改。

首个候选推荐标准以来的更改:

B. 致谢

本节是非规范性的。

工作组感谢 Orie Steele 对本规范所做的实质性思想 和内容贡献。 没有他们,本规范将不会是现在这样。

C. 参考文献

C.1 规范性参考文献

[CID-1.0]
受控标识符 v1.0. Michael Jones; Manu Sporny. W3C. 2025 年 5 月 15 日. W3C 推荐标准. URL:https://www.w3.org/TR/cid-1.0/
[DID-CORE]
去中心化标识符 (DIDs) v1.0. Manu Sporny; Amy Guy; Markus Sabadello; Drummond Reed. W3C. 2022 年 7 月 19 日. W3C 推荐标准. URL: https://www.w3.org/TR/did-core/
[JSON-LD11]
JSON-LD 1.1. Gregg Kellogg; Pierre-Antoine Champin; Dave Longley. W3C. 2020 年 7 月 16 日. W3C 推荐标准. URL:https://www.w3.org/TR/json-ld11/
[RFC2119]
RFC 中用于表示 要求级别的关键词. S. Bradner. IETF. 1997 年 3 月. 当前最佳实践. URL:https://www.rfc-editor.org/rfc/rfc2119
[RFC2397]
"data" URL 方案. L. Masinter. IETF. 1998 年 8 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc2397
[RFC6838]
媒体类型规范和注册 程序. N. Freed; J. Klensin; T. Hansen. IETF. 2013 年 1 月. 当前最佳 实践. URL:https://www.rfc-editor.org/rfc/rfc6838
[RFC7515]
JSON Web Signature (JWS). M. Jones; J. Bradley; N. Sakimura. IETF. 2015 年 5 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7515
[RFC7516]
JSON Web Encryption (JWE). M. Jones; J. Hildebrand. IETF. 2015 年 5 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7516
[RFC7517]
JSON Web Key (JWK). M. Jones. IETF. 2015 年 5 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7517
[RFC7519]
JSON Web Token (JWT). M. Jones; J. Bradley; N. Sakimura. IETF. 2015 年 5 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7519
[RFC7638]
JSON Web Key (JWK) Thumbprint. M. Jones; N. Sakimura. IETF. 2015 年 9 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7638
[RFC7800]
JSON Web Tokens (JWTs) 的持有证明密钥语义. M. Jones; J. Bradley; H. Tschofenig. IETF. 2016 年 4 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7800
[RFC8174]
RFC 2119 关键词中大写与小写的歧义. B. Leiba. IETF. 2017 年 5 月. 当前最佳实践. URL:https://www.rfc-editor.org/rfc/rfc8174
[RFC8392]
CBOR Web Token (CWT). M. Jones; E. Wahlstroem; S. Erdtman; H. Tschofenig. IETF. 2018 年 5 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc8392
[RFC8747]
CBOR Web Tokens (CWTs) 的持有证明密钥语义. M. Jones; L. Seitz; G. Selander; S. Erdtman; H. Tschofenig. IETF. 2020 年 3 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc8747
[RFC8949]
简洁二进制对象表示 (CBOR). C. Bormann; P. Hoffman. IETF. 2020 年 12 月. 互联网标准. URL:https://www.rfc-editor.org/rfc/rfc8949
[RFC9052]
CBOR 对象签名和加密 (COSE): 结构和流程. J. Schaad. IETF. 2022 年 8 月. 互联网标准. URL:https://www.rfc-editor.org/rfc/rfc9052
[RFC9596]
CBOR 对象签名和加密 (COSE) "typ"(类型)标头参数. M.B. Jones; O. Steele. IETF. 2024 年 6 月. 提议 标准. URL:https://www.rfc-editor.org/rfc/rfc9596
[SD-JWT]
JWT 选择性披露 (SD-JWT). Daniel Fett; Kristina Yasuda; Brian Campbell. IETF. 互联网草案. URL:https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt
[URL]
URL 标准. Anne van Kesteren. WHATWG. 现行标准. URL:https://url.spec.whatwg.org/
[VC-DATA-MODEL-2.0]
可验证凭证数据模型 v2.0. Ivan Herman; Michael Jones; Manu Sporny; Ted Thibodeau Jr; Gabe Cohen. W3C. 2025 年 5 月 15 日. W3C 推荐标准. URL:https://www.w3.org/TR/vc-data-model-2.0/

C.2 资料性参考文献

[JWT]
JSON Web Token (JWT). M. Jones; J. Bradley; N. Sakimura. IETF. 2015 年 5 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7519
[RFC7049]
简洁二进制对象表示 (CBOR). C. Bormann; P. Hoffman. IETF. 2013 年 10 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7049
[RFC7159]
JavaScript 对象表示法 (JSON) 数据 交换格式. T. Bray, Ed. IETF. 2014 年 3 月. 提议标准. URL:https://www.rfc-editor.org/rfc/rfc7159
[WCAG21]
Web 内容无障碍指南 (WCAG) 2.1. Michael Cooper; Andrew Kirkpatrick; Joshue O'Connor; Alastair Campbell. W3C. 2024 年 12 月 12 日. W3C 推荐标准. URL:https://www.w3.org/TR/WCAG21/