Comments (7)
As we've discussed on the API calls, all APIs should be designed as external.
(Why are APIs being discussed in the "interop" space, which I would have thought was mostly about data generation, transfer, and/or consumption? Or, given that APIs are how "interop" happens, why are APIs being focused on outside of the "interop" space? It seems this split may have been made prematurely.)
Entities which don't care about some piece of the external security because they believe that all API callers coming from "internal" IP addresses (or whatever criteria) are automatically "safe" should be able to turn off enforcement of whatever "externally" focused elements they find problematic "internally".
from traceability-interop.
I think this issue was overtaken by events, we solved this in most recent PR.
These have been differentiated in the most recent PR: #35
from traceability-interop.
Will likely be covered by vc-http-api is my sense and that work should be covered there to prevent duplicate efforts - my sense is that this spec should focus on cross trust boundary interop items that may be raised by additions to the vc-http-api
good call out from @OR13 on the weekly call - the api spec likely is covered best by the vc-http-api - the testing and validation of interop is covered by this spec - e.g. a test demonstrating trace use cases and credentials from the trace vocab between multiple parties hosting their own implementations of the vc-http-api using oauth for authentication, etc.
from traceability-interop.
We're in a holding pattern waiting for the vc-http-api to split these holder apis up.
from traceability-interop.
I have proposal in the works for the vc-http-api that should help with this, this issue is blocked by taking that action, and making these holder APIs clearer.
from traceability-interop.
@OR13 would you be able to link to that proposal
from traceability-interop.
@OR13 : mostly closed already. Suggest opening a more focused issue once interop has progressed further.
from traceability-interop.
Related Issues (20)
- [BUG] expanding traceability did document with pyld HOT 5
- [Discussion] Should the created field be removed as an option when creating a credential? HOT 3
- [Question] When verifying a presentation, is it expected that all VC have also been verified? HOT 1
- @context values can be objects according to the spec, conformance test-suite will raise this as a failed step HOT 2
- Editors (and authors?) lists need update
- Outdated Interoperability Testing section HOT 4
- Reschedule meeting cadence HOT 7
- Cleanup issue tracker on respec docs
- Confusing "allow-list" reference
- `service` section outdated
- `assertionmethod` section seems unnecessary HOT 2
- Remove did:key from Example 5 HOT 1
- Outdated Authorization section
- Add additional code generation languages HOT 3
- Data Integrity Proof Suites section is outdated
- Update Introduction section
- PR-653 hasn't been published HOT 1
- Update section "Interop Testing" HOT 2
- Testing Interop HOT 3
- Service endpoint discovery is pointless when client_credentials have already been exchanged HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traceability-interop.