The purpose of this test suite is to demonstrate a path to interoperability for the ECDSA data integrity cryptosuites. The technologies explored in this test suite are experimental. This document contains the most recent interoperability report for a DataIntegrityProof using the `ecdsa-rdfc-2019`, `ecdsa-jcs-2019`, or `ecdsa-sd-2023` cryptosuites. This report is auto-generated.
Tests passed 635/707 89%
Tests failed 72/707 11%
Failures 72
Tests skipped 0
Total tests 707
These tests were run on
The results of the tests are shown below:
|
Issuer ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 | bovine: P-256 |
|---|---|---|---|---|---|---|---|
| When expressing a data integrity proof on an object, a proof property MUST be used. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| If present (proof), its value MUST be either a single object, or an unordered set of objects |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| ("proof.id") An optional identifier for the proof, which MUST be a URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The specific proof type used for the cryptographic proof MUST be specified as a string that maps to a URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The type property MUST contain the string DataIntegrityProof. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| If the proof type is DataIntegrityProof, cryptosuite MUST be specified; otherwise, cryptosuite MAY be specified. If specified, its value MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The expires property is OPTIONAL and, if present, specifies when the proof expires. If present, it MUST be an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| A verification method is the means and information needed to verify the proof. If included, the value MUST be a string that maps to a [URL] |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The reason the proof was created ("proof.proofPurpose") MUST be specified as a string that maps to a URL |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The proofValue property MUST be used, as specified in 2.1 Proofs. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The contents of the value ("proof.proofValue") MUST be expressed with a header and encoding as described in Section 2.4 Multibase. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.domain" field exists, it MUST be either a string, or an unordered set of strings. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.challenge" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.previousProof" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.nonce" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
|
Implementation ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 | bovine: P-256 |
|---|---|---|---|---|---|---|---|
| The (proof) type property MUST be DataIntegrityProof. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The cryptosuite property of the proof MUST be ecdsa-rdfc-2019 or ecdsa-jcs-2019. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| the signature value (proofValue) MUST be expressed according to section 7 of [RFC4754] (sometimes referred to as the IEEE P1363 format) and encoded according to the specific cryptosuite proof generation algorithm. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The "proof" MUST verify with a conformant verifier. |
❌
|
❌
|
✓
|
✓
|
✓
|
❌
|
✓
|
| The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| Dereferencing "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
| The "publicKeyMultibase" property of the verification method MUST be public key encoded according to MULTICODEC and formatted according to MULTIBASE. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
|
Implementation ⇒
⇓Test Name
|
Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 |
|---|---|---|---|---|
| The (proof) type property MUST be DataIntegrityProof. |
✓
|
✓
|
✓
|
✓
|
| The cryptosuite property of the proof MUST be ecdsa-rdfc-2019 or ecdsa-jcs-2019. |
✓
|
✓
|
✓
|
✓
|
| the signature value (proofValue) MUST be expressed according to section 7 of [RFC4754] (sometimes referred to as the IEEE P1363 format) and encoded according to the specific cryptosuite proof generation algorithm. |
✓
|
✓
|
✓
|
✓
|
| The "proof" MUST verify with a conformant verifier. |
✓
|
✓
|
✓
|
❌
|
| The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
✓
|
✓
|
| Dereferencing "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
✓
|
✓
|
| The "publicKeyMultibase" property of the verification method MUST be public key encoded according to MULTICODEC and formatted according to MULTIBASE. |
✓
|
✓
|
✓
|
✓
|
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | SpruceID: P-256 | bovine: P-256 |
|---|---|---|---|---|
| If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
✓
|
❌
|
✓
|
❌
|
| If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
❌
|
✓
|
✓
|
| (created) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
✓
|
❌
|
✓
|
✓
|
| (expires) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
❌
|
❌
|
✓
|
✓
|
| If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
✓
|
✓
|
| If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
✓
|
❌
|
| If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
✓
|
❌
|
|
Verifier ⇒
⇓Test Name
|
Digital Bazaar: P-256 | SpruceID: P-256 |
|---|---|---|
| If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
| If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
| If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
❌
|
✓
|
| If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
| The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
❌
|
✓
|
| (created) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
❌
|
✓
|
| (expires) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
❌
|
✓
|
| If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
| If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
| If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
|
Verifier ⇒
⇓Issuer
|
apicatalog.com: P-256, P-384 | Digital Bazaar: P-256, P-384 | SpruceID: P-256, P-384 | bovine: P-256 |
|---|---|---|---|---|
| apicatalog.com: P-256 |
✓
|
❌
|
✓
|
✓
|
| apicatalog.com: P-384 |
✓
|
❌
|
✓
|
🚫
|
| Digital Bazaar: P-256 |
✓
|
✓
|
✓
|
✓
|
| Digital Bazaar: P-384 |
❌
|
✓
|
❌
|
🚫
|
| SpruceID: P-256 |
❌
|
✓
|
✓
|
✓
|
| SpruceID: P-384 |
❌
|
❌
|
✓
|
🚫
|
| bovine: P-256 |
✓
|
✓
|
✓
|
✓
|
|
Issuer ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 | SpruceID: P-256 | SpruceID: P-384 |
|---|---|---|---|---|---|
| When expressing a data integrity proof on an object, a proof property MUST be used. |
✓
|
✓
|
✓
|
✓
|
✓
|
| If present (proof), its value MUST be either a single object, or an unordered set of objects |
✓
|
✓
|
✓
|
✓
|
✓
|
| ("proof.id") An optional identifier for the proof, which MUST be a URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
| The specific proof type used for the cryptographic proof MUST be specified as a string that maps to a URL. |
✓
|
❌
|
❌
|
❌
|
❌
|
| The type property MUST contain the string DataIntegrityProof. |
✓
|
✓
|
✓
|
✓
|
✓
|
| If the proof type is DataIntegrityProof, cryptosuite MUST be specified; otherwise, cryptosuite MAY be specified. If specified, its value MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
| The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
✓
|
✓
|
✓
|
| The expires property is OPTIONAL and, if present, specifies when the proof expires. If present, it MUST be an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
✓
|
✓
|
✓
|
| A verification method is the means and information needed to verify the proof. If included, the value MUST be a string that maps to a [URL] |
✓
|
❌
|
❌
|
❌
|
❌
|
| The reason the proof was created ("proof.proofPurpose") MUST be specified as a string that maps to a URL |
❌
|
❌
|
❌
|
❌
|
❌
|
| The proofValue property MUST be used, as specified in 2.1 Proofs. |
✓
|
✓
|
✓
|
✓
|
✓
|
| The contents of the value ("proof.proofValue") MUST be expressed with a header and encoding as described in Section 2.4 Multibase. |
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.domain" field exists, it MUST be either a string, or an unordered set of strings. |
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.challenge" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.previousProof" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
| if "proof.nonce" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. |
✓
|
✓
|
✓
|
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
❌
|
❌
|
❌
|
❌
|
❌
|
|
Implementation ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 | SpruceID: P-256 |
|---|---|---|---|---|
| The field "cryptosuite" MUST be "ecdsa-sd-2023". |
✓
|
✓
|
✓
|
✓
|
| the signature value (proofValue) MUST be expressed according to section 7 of [RFC4754] (sometimes referred to as the IEEE P1363 format) and encoded according to the specific cryptosuite proof generation algorithm. |
✓
|
✓
|
✓
|
✓
|
| The field "proofValue" MUST start with "u". |
✓
|
✓
|
✓
|
✓
|
| The "proof" MUST verify when using a conformant verifier. |
❌
|
✓
|
✓
|
✓
|
| The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
✓
|
✓
|
| Dereferencing "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
✓
|
✓
|
| The "publicKeyMultibase" property of the verification method MUST be public key encoded according to MULTICODEC and formatted according to MULTIBASE. |
✓
|
✓
|
✓
|
✓
|
|
Implementation ⇒
⇓Test Name
|
Digital Bazaar: P-256 | SpruceID: P-256 |
|---|---|---|
| The field "cryptosuite" MUST be "ecdsa-sd-2023". |
✓
|
✓
|
| the signature value (proofValue) MUST be expressed according to section 7 of [RFC4754] (sometimes referred to as the IEEE P1363 format) and encoded according to the specific cryptosuite proof generation algorithm. |
✓
|
✓
|
| The field "proofValue" MUST start with "u". |
✓
|
✓
|
| The "proof" MUST verify when using a conformant verifier. |
✓
|
✓
|
| The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
| Dereferencing "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
| The "publicKeyMultibase" property of the verification method MUST be public key encoded according to MULTICODEC and formatted according to MULTIBASE. |
✓
|
✓
|
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 | bovine: P-256 | bovine: P-384 |
|---|---|---|---|---|---|---|---|---|
| MUST verify a valid VC with an ecdsa-rdfc-2019 proof. |
✓
|
❌
|
✓
|
✓
|
✓
|
❌
|
✓
|
❌
|
| If the "cryptosuite" field is not the string "ecdsa-rdfc-2019" or the string "ecdsa-jcs-2019", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
❌
|
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 | bovine: P-256 | bovine: P-384 |
|---|---|---|---|---|---|---|---|---|
| MUST verify a valid VC with an ecdsa-rdfc-2019 proof. |
✓
|
❌
|
✓
|
✓
|
✓
|
❌
|
✓
|
❌
|
| If the "cryptosuite" field is not the string "ecdsa-rdfc-2019" or the string "ecdsa-jcs-2019", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
❌
|
|
Verifier ⇒
⇓Test Name
|
Digital Bazaar: P-256 | SpruceID: P-256 |
|---|---|---|
| If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
| If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
| If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
❌
|
✓
|
| If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
| If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
| The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
❌
|
✓
|
| (created) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
❌
|
✓
|
| (expires) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
❌
|
✓
|
| If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
| If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
| If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 | SpruceID: P-256 |
|---|---|---|---|---|
| If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
✓
|
❌
|
❌
|
✓
|
| If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
❌
|
✓
|
✓
|
| (created) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
✓
|
❌
|
❌
|
✓
|
| (expires) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
✓
|
❌
|
❌
|
✓
|
| If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
✓
|
✓
|
| If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
❌
|
✓
|
| If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
❌
|
✓
|
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 | SpruceID: P-256 |
|---|---|---|---|---|
| MUST verify a valid VC with an ecdsa-sd-2023 proof. |
✓
|
✓
|
✓
|
✓
|
| MUST verify a valid VC with nested disclosed properties. |
✓
|
✓
|
✓
|
✓
|
| MUST verify a valid VC with disclosed properties and bnodes. |
✓
|
✓
|
✓
|
✓
|
| MUST verify with full array revealed properties |
❌
|
✓
|
✓
|
✓
|
| MUST verify with fewer array revealed properties |
❌
|
✓
|
✓
|
✓
|
| MUST verify w/o first element revealed properties |
✓
|
✓
|
✓
|
✓
|
| If the "proofValue" string does not start with "u", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "cryptosuite" field is not the string "ecdsa-sd-2023", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| MUST fail to verify a base proof. |
✓
|
✓
|
✓
|
✓
|
| MUST fail to verify a modified disclosed credential. |
✓
|
✓
|
✓
|
✓
|
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 | SpruceID: P-256 |
|---|---|---|---|---|
| MUST verify a valid VC with an ecdsa-sd-2023 proof. |
✓
|
✓
|
✓
|
✓
|
| MUST verify a valid VC with nested disclosed properties. |
✓
|
✓
|
✓
|
✓
|
| MUST verify a valid VC with disclosed properties and bnodes. |
✓
|
✓
|
✓
|
✓
|
| MUST verify with full array revealed properties |
❌
|
✓
|
✓
|
✓
|
| MUST verify with fewer array revealed properties |
❌
|
✓
|
✓
|
✓
|
| MUST verify w/o first element revealed properties |
✓
|
✓
|
✓
|
✓
|
| If the "proofValue" string does not start with "u", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| If the "cryptosuite" field is not the string "ecdsa-sd-2023", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
| MUST fail to verify a base proof. |
✓
|
✓
|
✓
|
✓
|
| MUST fail to verify a modified disclosed credential. |
✓
|
✓
|
✓
|
✓
|
|
Verifier ⇒
⇓Issuer
|
apicatalog.com: P-256, P-384 | Digital Bazaar: P-256, P-384 | Grotto Networking: P-256 | SpruceID: P-256, P-384 |
|---|---|---|---|---|
| apicatalog.com: P-256 |
✓
|
❌
|
✓
|
✓
|
| Digital Bazaar: P-256 |
✓
|
✓
|
✓
|
✓
|
| Grotto Networking: P-256 |
✓
|
✓
|
✓
|
✓
|
| SpruceID: P-256 |
❌
|
✓
|
✓
|
✓
|
| SpruceID: P-384 |
❌
|
❌
|
🚫
|
❌
|