From 3f527a4efb7a9fb29cfddd813e4c7c8c54b61272 Mon Sep 17 00:00:00 2001
From: Jan Vereecken
Date: Mon, 21 Oct 2024 12:29:34 +0200
Subject: [PATCH] Add valid signatures for jwt_vc_json section (#403) editorial. 2 approvals. open for more than a week
---
 ...ntial_request_jwt_vc_json_with_claims.json | 16 +++++--
 examples/credential_response_jwt_vc_json.txt | 48 ++++++++++++-------
 examples/issuer_jwks.json | 12 +++++
 ...id-4-verifiable-credential-issuance-1_0.md | 4 ++
 4 files changed, 60 insertions(+), 20 deletions(-)
 create mode 100644 examples/issuer_jwks.json
diff --git a/examples/credential_request_jwt_vc_json_with_claims.json b/examples/credential_request_jwt_vc_json_with_claims.json
index f9ea96b9..f6574fe5 100644
--- a/examples/credential_request_jwt_vc_json_with_claims.json
+++ b/examples/credential_request_jwt_vc_json_with_claims.json
@@ -13,9 +13,17 @@
 },
 "proof": {
 "proof_type": "jwt",
- "jwt": "eyJraWQiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEva2V5cy8
- xIiwiYWxnIjoiRVMyNTYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJzNkJoZFJrcXQzIiwiYXVkIjoiaHR
- 0cHM6Ly9zZXJ2ZXIuZXhhbXBsZS5jb20iLCJpYXQiOiIyMDE4LTA5LTE0VDIxOjE5OjEwWiIsIm5vbm
- NlIjoidFppZ25zbkZicCJ9.ewdkIkPV50iOeBUqMXCC_aZKPxgihac0aW9EkL1nOzM"
+ "jwt": "eyJ0eXAiOiJvcGVuaWQ0dmNpLXByb29mK2p3dCIsImFsZyI6IkVT
+ MjU2Iiwia2lkIjoiZGlkOmp3azpleUpyYVdRaU9pSjFjbTQ2YVdWMFpqcHdZ
+ WEpoYlhNNmIyRjFkR2c2YW5kckxYUm9kVzFpY0hKcGJuUTZjMmhoTFRJMU5q
+ cFdZa3BQVTNacWVGVTJURGhETjBkVlR6UmtjMmhKV1ZZemVtSjJSbmRyV1VJ
+ ME0xbEtOVXQwZERoRklpd2lhM1I1SWpvaVJVTWlMQ0pqY25ZaU9pSlFMVEkx
+ TmlJc0ltRnNaeUk2SWtWVE1qVTJJaXdpZUNJNklrMWtReTFQUzNFMFFWRkta
+ bFpEV0RWNmNGRnZURGhxTkZaRlpuWlFXRGs0ZEZVNWFIaGpUbGhIY204aUxD
+ SjVJam9pYm5OWGJtWmlOazVYYzBzek9VSklMV2hCWVZOclExTmxORUo1YldW
+ T2MyTktSVjl6WVVRelJETmlUU0o5In0.eyJhdWQiOiJodHRwczovL2NyZWRl
+ bnRpYWwtaXNzdWVyLmV4YW1wbGUuY29tIiwiaWF0IjoxNzI4MDcxNDYyLCJu
+ b25jZSI6InRaaWduc25GYnAifQ.Er4QnNhoJWNHcS7FPpr4QpINYuL7nGWhX
+ rKF8U9irPsyv7BJ02tyOFck4J8DKLTv7ELncULsU0rIQXT3tgLzGQ"
 }
 }
\ No newline at end of file
diff --git a/examples/credential_response_jwt_vc_json.txt b/examples/credential_response_jwt_vc_json.txt
index 01252bcb..33831260 100644
--- a/examples/credential_response_jwt_vc_json.txt
+++ b/examples/credential_response_jwt_vc_json.txt
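Review bot: The `kid` in the new proof JWT header decodes to a bare `did:jwk:eyJ…` value with no fragment, so it names the DID itself rather than one key in its DID document. For a DID-bound proof the key ID is expected to be a DID URL that identifies a single verification method, which for did:jwk is the DID followed by `#0`. A verifier that matches the `kid` against verification method ids would likely not find this one. Consider using `did:jwk:<value>#0` as the header `kid` and re-signing the example, since the header is covered by the signature.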
@@ -6,22 +6,38 @@ Cache-Control: no-store
 {
 "credentials": [
 {
- "credential": "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJ2YyI6
- eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50
- aWFscy92MSIsImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxz
- L2V4YW1wbGVzL3YxIl0sImlkIjoiaHR0cDovL2V4YW1wbGUuZWR1L2NyZWRl
- bnRpYWxzLzM3MzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwi
- VW5pdmVyc2l0eURlZ3JlZUNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiaHR0cHM6
- Ly9leGFtcGxlLmVkdS9pc3N1ZXJzLzU2NTA0OSIsImlzc3VhbmNlRGF0ZSI6
- IjIwMTAtMDEtMDFUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsi
- aWQiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEi
- LCJkZWdyZWUiOnsidHlwZSI6IkJhY2hlbG9yRGVncmVlIiwibmFtZSI6IkJh
- Y2hlbG9yIG9mIFNjaWVuY2UgYW5kIEFydHMifX19LCJpc3MiOiJodHRwczov
- L2V4YW1wbGUuZWR1L2lzc3VlcnMvNTY1MDQ5IiwibmJmIjoxMjYyMzA0MDAw
- LCJqdGkiOiJodHRwOi8vZXhhbXBsZS5lZHUvY3JlZGVudGlhbHMvMzczMiIs
- InN1YiI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMy
- MSJ9.z5vgMTK1nfizNCg5N-niCOL3WUIAL7nXy-nGhDZYO_-PNGeE-0djCpW
- AMH8fD8eWSID5PfkPBYkx_dfLJnQ7NA"
+ "credential": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6I
+ nVybjppZXRmOnBhcmFtczpvYXV0aDpqd2stdGh1bWJwcmludDpzaGEtMjU2O
+ m1sVXBvZzd2RWV3RkJlbTZVbDA5YzJkdFR3YzhkRnpWcElEWDNzcUdXVzAif
+ Q.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC
+ 9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZW
+ RlbnRpYWxzL2V4YW1wbGVzL3YxIl0sImlkIjoiaHR0cHM6Ly9jcmVkZW50aW
+ FsLWlzc3Vlci5leGFtcGxlLmNvbS9jcmVkZW50aWFscy8zNzMyIiwidHlwZS
+ I6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIlVuaXZlcnNpdHlEZWdyZWVDcm
+ VkZW50aWFsIl0sImlzc3VlciI6Imh0dHBzOi8vY3JlZGVudGlhbC1pc3N1ZX
+ IuZXhhbXBsZS5jb20iLCJpc3N1YW5jZURhdGUiOiIyMDI1LTAxLTAxVDAwOj
+ AwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmp3azpleU
+ pyYVdRaU9pSjFjbTQ2YVdWMFpqcHdZWEpoYlhNNmIyRjFkR2c2YW5kckxYUm
+ 9kVzFpY0hKcGJuUTZjMmhoTFRJMU5qcFdZa3BQVTNacWVGVTJURGhETjBkVl
+ R6UmtjMmhKV1ZZemVtSjJSbmRyV1VJME0xbEtOVXQwZERoRklpd2lhM1I1SW
+ pvaVJVTWlMQ0pqY25ZaU9pSlFMVEkxTmlJc0ltRnNaeUk2SWtWVE1qVTJJaX
+ dpZUNJNklrMWtReTFQUzNFMFFWRktabFpEV0RWNmNGRnZURGhxTkZaRlpuWl
+ FXRGs0ZEZVNWFIaGpUbGhIY204aUxDSjVJam9pYm5OWGJtWmlOazVYYzBzek
+ 9VSklMV2hCWVZOclExTmxORUo1YldWT2MyTktSVjl6WVVRelJETmlUU0o5Ii
+ wiZGVncmVlIjp7InR5cGUiOiJCYWNoZWxvckRlZ3JlZSIsIm5hbWUiOiJCYW
+ NoZWxvciBvZiBTY2llbmNlIGFuZCBBcnRzIn19fSwiaXNzIjoiaHR0cHM6Ly
+ 9jcmVkZW50aWFsLWlzc3Vlci5leGFtcGxlLmNvbSIsIm5iZiI6MTczNTY4OT
+ YwMCwianRpIjoiaHR0cHM6Ly9jcmVkZW50aWFsLWlzc3Vlci5leGFtcGxlLm
+ NvbS9jcmVkZW50aWFscy8zNzMyIiwic3ViIjoiZGlkOmp3azpleUpyYVdRaU
+ 9pSjFjbTQ2YVdWMFpqcHdZWEpoYlhNNmIyRjFkR2c2YW5kckxYUm9kVzFpY0
+ hKcGJuUTZjMmhoTFRJMU5qcFdZa3BQVTNacWVGVTJURGhETjBkVlR6UmtjMm
+ hKV1ZZemVtSjJSbmRyV1VJME0xbEtOVXQwZERoRklpd2lhM1I1SWpvaVJVTW
+ lMQ0pqY25ZaU9pSlFMVEkxTmlJc0ltRnNaeUk2SWtWVE1qVTJJaXdpZUNJNk
+ lrMWtReTFQUzNFMFFWRktabFpEV0RWNmNGRnZURGhxTkZaRlpuWlFXRGs0ZE
+ ZVNWFIaGpUbGhIY204aUxDSjVJam9pYm5OWGJtWmlOazVYYzBzek9VSklMV2
+ hCWVZOclExTmxORUo1YldWT2MyTktSVjl6WVVRelJETmlUU0o5In0.k13xQC
+ nQIKAIuwQIbg37dwlNr8D6_2YUQtDTVQCq-ZsjcXxHagGC_VIZtd7RpR8OvB
+ zTBHVwrBRD-_RzoV2Ofg"
 }
 ],
 "c_nonce": "fGFF7UkhLa",
diff --git a/examples/issuer_jwks.json b/examples/issuer_jwks.json
new file mode 100644
index 00000000..b3541d34
--- /dev/null
+++ b/examples/issuer_jwks.json
@@ -0,0 +1,12 @@
+{
+ "jwks": [
+ {
+ "kid": "urn:ietf:params:oauth:jwk-thumbprint:sha-256:mlUpog7vEewFBem6Ul09c2dtTwc8dFzVpIDX3sqGWW0",
+ "kty": "EC",
+ "crv": "P-256",
+ "alg": "ES256",
+ "x": "_LC1FTUl0MltKAOQzXNsofVMpWFV2obLGrNCat_CQ-g",
+ "y": "kBjoyjNuMVAOq--qVUgylDoLKuMdk4imS-Kk5ahuYIU"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/openid-4-verifiable-credential-issuance-1_0.md b/openid-4-verifiable-credential-issuance-1_0.md
index 3d763c52..bc67b9d9 100644
--- a/openid-4-verifiable-credential-issuance-1_0.md
+++ b/openid-4-verifiable-credential-issuance-1_0.md
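Review bot: In `examples/issuer_jwks.json` the `jwks` member holds the key array directly, which is not the JWK Set shape from RFC 7517, where the keys sit under a `keys` member. A reader who feeds this document to a standard JWK Set parser to check the example signature would likely find no keys. If the document is meant to be issuer metadata that carries a key set, `"jwks": { "keys": [ … ] }` would match that convention, and if it is meant to be the key set itself, `{ "keys": [ … ] }`. The sentence this commit adds to the specification text also does not say which URL is dereferenced or what format the document follows, so stating both there would let a reader resolve the issuer key from `iss` instead of trusting the `kid` on its own.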
@@ -2072,6 +2072,10 @@ The following is a non-normative example of a Credential Response with Credentia <{{examples/credential_response_jwt_vc_json.txt}} +The following is the dereferenced document for the Issuer HTTP URL identifier that matches the Credential in the above example: + +<{{examples/issuer_jwks.json}} + ### VC Secured using Data Integrity, using JSON-LD, with a Proof Suite Requiring Linked Data Canonicalization #### Format Identifier