Following the letter last week to the Biden Administration, the COVID-19 Credentials Initiative (CCI) is releasing “Verifiable Credentials Flavors Explained”, a mini white paper written by CCI’s Ecosystems Director, Kaliya Young, also known as the Identity Woman.
As stated in the background of the letter, “COVID-19 has accelerated the consideration and deployment of Verifiable Credentials (VCs) as organizations, including IATA and WHO, and alliances, such as the CCI and MITRE’s Vaccination Credential Initiative, have all converged on (W3C) VCs as a suitable technology.” However, there exist various flavors of VCs (explained in this paper), which are hindering our path towards full interoperability, especially when the flavors and their differences are not known or well understood by many working within the VC ecosystem yet.
The first part of the paper elaborated on the following three data formats of VCs by walking through a credential lifecycle:
- JSON-LD family with LD Signatures or with BBS+ Signatures that enable Zero Knowledge Proofs (ZKP or ZKPs)
- JSON with JSON Web Signatures, precisely in the form of a JSON Web Token (JWT)
- ZKP with Camenisch-Lysyanskaya Signatures (ZKP-CL)
The second part discussed at length the differences between JSON and JSON-LD and the differences between the two different ways to express ZKPs, namely ZKP-CL and the newest flavor JSON-LD ZKP with BBS+, which is being well received.
Though the paper focuses on explaining to the technically inclined readers the major variants of W3C VCs currently seen in the market, it also makes it easy for policymakers, business leaders, and many others working in the VC ecosystem or considering adopting VCs to get a quick high-level understanding needed for decision-making. It is important that a decision made now is not creating interoperability headaches in the future and is in line with the best long-term interests of all.
To provide feedback and have further discussions, you can reach out directly to Kaliya.