vocab: id: sec value: https://w3id.org/security# context: https://w3id.org/security/data-integrity/v2 prefix: - id: cred value: https://www.w3.org/2018/credentials# ontology: - property: dc:title value: Security Vocabulary - property: dc:description value: | vocabulary used to ensure the authenticity and integrity of Verifiable Credentials and similar types of constrained digital documents using cryptography, especially through the use of digital signatures and related mathematical proofs - property: rdfs:seeAlso value: https://www.w3.org/TR/vc-data-integrity/ class: - id: ControlledIdentifierDocument label: Controlled Identifier Document defined_by: https://www.w3.org/TR/cid-1.0/#controlled-identifier-documents context: none - id: Proof label: Digital proof defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-data-integrity-proof comment: This class represents a digital proof on serialized data. context: none - id: ProofGraph label: An RDF Graph for a digital proof comment: Instances of this class are RDF Graphs [[RDF11-CONCEPTS]], where each of these graphs must include exactly one Proof instance. context: none - id: VerificationMethod label: Verification method comment: Instances of this class must be denoted by URLs, i.e., they cannot be blank nodes. defined_by: https://www.w3.org/TR/cid-1.0/#verification-methods context: none - id: VerificationRelationship comment: Instances of this class are verification relationships like, for example, authentication or assertionMethod. These resources can also appear as values of the proofPurpose property. defined_by: https://www.w3.org/TR/cid-1.0/#verification-relationships upper_value: rdf:Property context: none - id: DataIntegrityProof label: A Data Integrity Proof upper_value: sec:Proof defined_by: https://www.w3.org/TR/vc-data-integrity/#dataintegrityproof context: none - id: Multikey label: Multikey Verification Method upper_value: sec:VerificationMethod defined_by: https://www.w3.org/TR/cid-1.0/#multikey see_also: - label: EdDSA Cryptosuites url: https://www.w3.org/TR/vc-di-eddsa/#multikey - label: ECDSA Cryptosuites url: https://www.w3.org/TR/vc-di-ecdsa/#multikey - label: BBS Cryptosuites url: https://www.w3.org/TR/vc-di-bbs/#multikey context: [https://w3id.org/security/multikey/v1, https://www.w3.org/ns/cid/v1] - id: JsonWebKey label: JSON Web Key Verification Method upper_value: sec:VerificationMethod defined_by: https://www.w3.org/TR/cid-1.0/#jsonwebkey context: [https://w3id.org/security/jwk/v1, https://www.w3.org/ns/cid/v1] - id: Ed25519VerificationKey2020 label: ED2559 Verification Key, 2020 version upper_value: sec:VerificationMethod defined_by: https://www.w3.org/TR/vc-di-eddsa/#ed25519verificationkey2020 context: none - id: Ed25519Signature2020 label: Ed25519 Signature Suite, 2020 version upper_value: sec:Proof defined_by: https://www.w3.org/TR/vc-di-eddsa/#ed25519signature2020 context: none - id: ProcessingError label: Processing error defined_by: https://www.w3.org/TR/vc-data-integrity/#processing-errors context: none # These are the class definitions in the CCG documents that are not defined in a VCWG document; they are all deprecated. # In some cases, a CCG document was found and used for the definition, but in other cases, even that is missing... - id: Key label: Cryptographic key deprecated: true comment: This class represents a cryptographic key that may be used for encryption, decryption, or digitally signing data. This class serves as a supertype for specific key types. context: none - id: EcdsaSecp256k1Signature2019 deprecated: true label: ecdsa-sep256k1, 2019 version defined_by: https://w3c-ccg.github.io/ld-cryptosuite-registry/#ecdsa-secp256k1 context: none - id: EcdsaSecp256k1Signature2020 deprecated: true label: ecdsa-sep256k1, 2020 version defined_by: https://w3c-ccg.github.io/ld-cryptosuite-registry/#ecdsa-secp256k1 context: none - id: EcdsaSecp256k1VerificationKey2019 deprecated: true label: ecdsa-secp256k1 verification key, 2019 version defined_by: https://w3c-ccg.github.io/ld-cryptosuite-registry/#ecdsasecp256k1recoverysignature2020 upper_value: sec:Key context: none - id: EcdsaSecp256k1RecoverySignature2020 deprecated: true label: ecdsa-secp256k1 recovery signature, 2020 version defined_by: https://w3c-ccg.github.io/ld-cryptosuite-registry/#ecdsasecp256k1recoverysignature2020 context: none - id: EcdsaSecp256k1RecoveryMethod2020 deprecated: true label: ecdsa-secp256k1 recovery method, 2020 version #upper_value: sec:Key defined_by: https://w3c-ccg.github.io/ld-cryptosuite-registry/#ecdsasecp256k1recoverymethod2020 context: none - id: MerkleProof2019 deprecated: true label: Merkle Proof defined_by: https://w3c-ccg.github.io/lds-merkle-proof-2019/ context: none - id: X25519KeyAgreementKey2019 deprecated: true label: X25519 Key Agreement Key, 2019 version #upper_value: sec:Key defined_by: https://w3c-ccg.github.io/security-vocab/#X25519KeyAgreementKey2019 context: none - id: Ed25519VerificationKey2018 deprecated: true label: ED2559 Verification Key, 2018 version defined_by: https://w3c-ccg.github.io/ld-cryptosuite-registry/#ed25519 #upper_value: sec:Key context: none - id: JsonWebKey2020 deprecated: true label: JSON Web Key, 2020 version #upper_value: sec:Key defined_by: https://w3c-ccg.github.io/security-vocab/#JsonWebKey2020 comment: A linked data proof suite verification method type used with `JsonWebSignature2020` context: none - id: JsonWebSignature2020 deprecated: true label: JSON Web Signature, 2020 version defined_by: https://w3c-ccg.github.io/security-vocab/#JsonWebSignature2020 context: none - id: BbsBlsSignature2020 deprecated: true label: BBS Signature, 2020 version defined_by: https://w3c-ccg.github.io/security-vocab/#BbsBlsSignature2020 context: none - id: BbsBlsSignatureProof2020 deprecated: true label: BBS Signature Proof, 2020 version defined_by: https://w3c-ccg.github.io/security-vocab/#BbsBlsSignatureProof2020 context: none - id: Bls12381G1Key2020 deprecated: true label: BLS 12381 G1 Signature Key, 2020 version #upper_value: sec:Key defined_by: https://w3c-ccg.github.io/security-vocab/#Bls12381G1Key2020 context: none - id: Bls12381G2Key2020 deprecated: true label: BLS 12381 G2 Signature Key, 2020 version #upper_value: sec:Key defined_by: https://w3c-ccg.github.io/security-vocab/#Bls12381G2Key2020 context: none property: - id: verificationMethod label: Verification method range: sec:VerificationMethod defined_by: https://www.w3.org/TR/cid-1.0/#dfn-verificationmethod see_also: - label: Decentralized Identifiers (DIDs) v1.0 url: https://www.w3.org/TR/did-core/#verification-methods context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/cid/v1] - id: controller label: Controller domain: - sec:VerificationMethod - sec:ControlledIdentifierDocument range: IRI defined_by: https://www.w3.org/TR/cid-1.0/#defn-controller context: [https://w3id.org/security/multikey/v1, https://w3id.org/security/jwk/v1, https://www.w3.org/ns/did/v1, https://www.w3.org/ns/cid/v1] - id: proof label: Proof sets range: sec:ProofGraph defined_by: https://www.w3.org/TR/vc-data-integrity/#proof-sets context: [https://www.w3.org/ns/credentials/v2, vocab] - id: domain label: Domain of a proof domain: sec:Proof range: xsd:string defined_by: https://www.w3.org/TR/vc-data-integrity/#defn-domain context: [vocab, https://www.w3.org/ns/credentials/v2] - id: challenge label: Challenge of a proof domain: sec:Proof range: xsd:string defined_by: https://www.w3.org/TR/vc-data-integrity/#defn-challenge context: [vocab, https://www.w3.org/ns/credentials/v2] - id: previousProof label: Previous proof domain: sec:Proof range: sec:Proof defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-previousproof context: [vocab, https://www.w3.org/ns/credentials/v2] - id: proofPurpose label: Proof purpose domain: sec:Proof range: sec:VerificationRelationship defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-proofpurpose context: [vocab, https://www.w3.org/ns/credentials/v2] - id: proofValue label: Proof value domain: sec:Proof range: sec:multibase defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-proofvalue context: [vocab, https://www.w3.org/ns/credentials/v2] - id: created label: Proof creation time defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-created domain: sec:Proof range: xsd:dateTime - id: expiration label: Expiration time for a proof or verification method defined_by: [https://www.w3.org/TR/vc-data-integrity/#defn-proof-expires, https://www.w3.org/TR/cid-1.0/#defn-vm-expires] comment: Historically, this property has often been expressed using `expires` as a shortened term in JSON-LD. Since this shortened term and its mapping to this property are in significant use in the ecosystem, the inconsistency between the short term name (`expires`) and the property identifier (`...#expiration`) is expected and should not trigger an error. domain: - sec:Proof - sec:VerificationMethod range: xsd:dateTime context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/cid/v1] - id: nonce label: Nonce supplied by proof creator defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-nonce domain: sec:Proof range: xsd:string context: [vocab, https://www.w3.org/ns/credentials/v2] - id: authentication label: Authentication method range: sec:VerificationMethod type: sec:VerificationRelationship defined_by: https://www.w3.org/TR/cid-1.0/#authentication context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/did/v1, https://www.w3.org/ns/cid/v1] - id: assertionMethod label: Assertion method range: sec:VerificationMethod type: sec:VerificationRelationship defined_by: https://www.w3.org/TR/cid-1.0/#assertion context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/did/v1, https://www.w3.org/ns/cid/v1] - id: capabilityDelegationMethod label: Capability delegation method range: sec:VerificationMethod type: sec:VerificationRelationship comment: Historically, this property has often been expressed using `capabilityDelegation` as a shortened term in JSON-LD. Since this shortened term and its mapping to this property are in significant use in the ecosystem, the inconsistency between the short term name (`capabilityDelegation`) and the property identifier (`...#capabilityDelegationMethod`) is expected and should not trigger an error. defined_by: https://www.w3.org/TR/cid-1.0/#capability-delegation context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/did/v1, https://www.w3.org/ns/cid/v1] - id: capabilityInvocationMethod label: Capability invocation method range: sec:VerificationMethod type: sec:VerificationRelationship comment: Historically, this property has often been expressed using `capabilityInvocation` as a shortened term in JSON-LD. Since this shortened term and its mapping to this property are in significant use in the ecosystem, the inconsistency between the short term name (`capabilityInvocation`) and the property identifier (`...#capabilityInvocationMethod`) is expected and should not trigger an error. defined_by: https://www.w3.org/TR/cid-1.0/#capability-invocation context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/did/v1, https://www.w3.org/ns/cid/v1] - id: keyAgreementMethod label: Key agreement protocols type: sec:VerificationRelationship range: sec:VerificationMethod comment: Historically, this property has often been expressed using `keyAgreement` as a shortened term in JSON-LD. Since this shortened term and its mapping to this property are in significant use in the ecosystem, the inconsistency between the short term name (`keyAgreement`) and the property identifier (`...#keyAgreementMethod`) is expected and should not trigger an error. defined_by: https://www.w3.org/TR/cid-1.0/#key-agreement context: [vocab, https://www.w3.org/ns/credentials/v2, https://www.w3.org/ns/did/v1, https://www.w3.org/ns/cid/v1] - id: cryptosuite label: Cryptographic suite domain: sec:DataIntegrityProof range: sec:cryptosuiteString defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-cryptosuite context: [vocab, https://www.w3.org/ns/credentials/v2] - id: publicKeyMultibase label: Public key multibase domain: sec:Multikey range: sec:multibase defined_by: https://www.w3.org/TR/cid-1.0/#dfn-publickeymultibase see_also: - label: multibase url: https://datatracker.ietf.org/doc/html/draft-multiformats-multibase-03 - label: multicodec url: https://github.com/multiformats/multicodec/blob/master/table.csv context: [https://w3id.org/security/multikey/v1, https://www.w3.org/ns/cid/v1] - id: secretKeyMultibase label: Secret key multibase domain: sec:Multikey range: sec:multibase defined_by: https://www.w3.org/TR/cid-1.0/#dfn-secretkeymultibase see_also: - label: multibase format url: https://datatracker.ietf.org/doc/html/draft-multiformats-multibase-03 - label: multicodec format url: https://github.com/multiformats/multicodec/blob/master/table.csv context: [https://w3id.org/security/multikey/v1, https://www.w3.org/ns/cid/v1] - id: publicKeyJwk label: Public key JWK range: rdf:JSON domain: sec:JsonWebKey defined_by: https://www.w3.org/TR/cid-1.0/#dfn-publickeyjwk see_also: - label: IANA JOSE url: https://www.iana.org/assignments/jose/jose.xhtml - label: RFC 7517 url: https://tools.ietf.org/html/rfc7517 context: [https://w3id.org/security/jwk/v1, https://www.w3.org/ns/cid/v1] - id: secretKeyJwk label: Secret key JWK range: rdf:JSON domain: sec:JsonWebKey defined_by: https://www.w3.org/TR/cid-1.0/#dfn-secretkeyjwk see_also: - label: IANA JOSE url: https://www.iana.org/assignments/jose/jose.xhtml - label: RFC 7517 url: https://tools.ietf.org/html/rfc7517 context: [https://w3id.org/security/jwk/v1, https://www.w3.org/ns/cid/v1] - id: revoked label: Revocation time range: xsd:dateTime defined_by: https://www.w3.org/TR/cid-1.0/#dfn-revoked domain: sec:VerificationMethod context: [https://w3id.org/security/jwk/v1, https://www.w3.org/ns/cid/v1, https://w3id.org/security/multikey/v1] - id: digestMultibase label: Digest multibase comment: (Feature at Risk) The Working Group is currently attempting to determine whether cryptographic hash expression formats can be unified across all of the VCWG core specifications. Candidates for this mechanism include `digestSRI` and `digestMultibase`. range: multibase defined_by: https://www.w3.org/TR/vc-data-integrity/#dfn-digestmultibase context: https://www.w3.org/ns/credentials/v2 # These are property specifications that have been defined in a CCG document and are in use; for the time being, these are considered as "reserved" - id: allowedAction label: Allowed action status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#delegated-capability context: none - id: capabilityChain label: Capability chain status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#delegation context: none - id: capabilityAction label: Capability action status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#invoking-root-capability context: none - id: caveat label: Caveat status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#caveats context: none - id: delegator label: Delegator status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#delegation context: none - id: invocationTarget label: Invocation target status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#root-capability context: none - id: invoker label: Invoker status: reserved defined_by: https://w3c-ccg.github.io/zcap-spec/#invocation context: none # These are the property definitions in the CCG documents that are not defined in the VCWG document; they are all deprecated - id: blockchainAccountId deprecated: true label: Blockchain account ID range: xsd:string defined_by: https://w3c-ccg.github.io/security-vocab/#blockchainAccountId context: none - id: ethereumAddress deprecated: true label: Ethereum address range: xsd:string defined_by: https://w3c-ccg.github.io/security-vocab/#ethereumAddress see_also: - label: EIP-55 url: https://eips.ethereum.org/EIPS/eip-55 - label: "Ethereum Yellow Paper: Ethereum: a secure decentralised generalised transaction ledger" url: https://ethereum.github.io/yellowpaper/paper.pdf context: none - id: publicKeyBase58 deprecated: true label: Base58-encoded Public Key #domain: sec:Key range: xsd:string defined_by: https://w3c-ccg.github.io/security-vocab/#publicKeyBase58 context: none - id: publicKeyPem deprecated: true label: Public key PEM #domain: sec:Key range: xsd:string defined_by: https://w3c-ccg.github.io/security-vocab/#publicKeyPem context: none - id: publicKeyHex deprecated: true label: Hex-encoded version of public Key #domain: sec:Key range: xsd:string defined_by: https://w3c-ccg.github.io/security-vocab/#publicKeyHex see_also: - label: rfc4648 url: https://tools.ietf.org/html/rfc4648#section-8 context: none - id: jws deprecated: true label: Json Web Signature defined_by: https://w3c-ccg.github.io/security-vocab/#jws see_also: - label: Detached JSON Web Signature url: https://tools.ietf.org/html/rfc7797 context: none individual: - id: PROOF_GENERATION_ERROR type: sec:ProcessingError label: Proof generation error defined_by: https://www.w3.org/TR/vc-data-integrity/#PROOF_GENERATION_ERROR context: none - id: PROOF_VERIFICATION_ERROR type: sec:ProcessingError label: Malformed proof defined_by: https://www.w3.org/TR/vc-data-integrity/#PROOF_VERIFICATION_ERROR context: none - id: PROOF_TRANSFORMATION_ERROR type: sec:ProcessingError label: Mismatched proof purpose defined_by: https://www.w3.org/TR/vc-data-integrity/#PROOF_TRANSFORMATION_ERROR context: none - id: INVALID_DOMAIN_ERROR type: sec:ProcessingError label: Invalid proof domain defined_by: https://www.w3.org/TR/vc-data-integrity/#INVALID_DOMAIN_ERROR context: none - id: INVALID_CHALLENGE_ERROR type: sec:ProcessingError label: Invalid challenge defined_by: https://www.w3.org/TR/vc-data-integrity/#INVALID_CHALLENGE_ERROR context: none - id: INVALID_VERIFICATION_METHOD_URL type: sec:ProcessingError label: Invalid verification method URL defined_by: https://www.w3.org/TR/cid-1.0/#INVALID_VERIFICATION_METHOD_URL context: none - id: INVALID_CONTROLLED_IDENTIFIER_DOCUMENT_ID type: sec:ProcessingError label: Invalid controlled identifier document id defined_by: https://www.w3.org/TR/cid-1.0/#INVALID_CONTROLLED_IDENTIFIER_DOCUMENT_ID context: none - id: INVALID_CONTROLLED_IDENTIFIER_DOCUMENT type: sec:ProcessingError label: Invalid controlled identifier document defined_by: https://www.w3.org/TR/cid-1.0/#INVALID_CONTROLLED_IDENTIFIER_DOCUMENT context: none - id: INVALID_VERIFICATION_METHOD type: sec:ProcessingError label: Invalid verification method defined_by: https://www.w3.org/TR/cid-1.0/#INVALID_VERIFICATION_METHOD context: none - id: INVALID_RELATIONSHIP_FOR_VERIFICATION_METHOD type: sec:ProcessingError label: Invalid relationship for verification method defined_by: https://www.w3.org/TR/cid-1.0/#INVALID_RELATIONSHIP_FOR_VERIFICATION_METHOD context: none datatype: - id: cryptosuiteString label: Datatype for cryptosuite Identifiers upper_value: xsd:string defined_by: https://www.w3.org/TR/vc-data-integrity/#cryptosuiteString - id: multibase label: Datatype for multibase values upper_value: xsd:string defined_by: https://www.w3.org/TR/cid-1.0/#multibase context: https://w3id.org/security/multikey/v1