diff --git a/README.md b/README.md index 3c3a79a..ccb7872 100644 --- a/README.md +++ b/README.md @@ -92,15 +92,18 @@ EncryptionParamaters = { ### API - -One idea a new `CredentialRequest` (et al) +Add an Identity Managment API, which mirrors the Credential Managment API and add a `DocumentCredential` type to that extends Credential. ``` -dictionary CredentialElement { +partial interface Navigator { + [SecureContext, SameObject] readonly attribute CredentialsContainer identity; +}; + +dictionary DocumentCredentialElement { required DOMString namespace; // As defined in ISO 18013-5 clause 8. required DOMString name; }; -dictionary CredentialStorageDuration { +dictionary DocumentCredentialStorageDuration { // At least one of these is required. boolean forever; // Cannot be used with any other properties. 
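Review bot: Typing `navigator.identity` as `CredentialsContainer` in the added `partial interface Navigator` brings in the whole container surface, and the README does not say how much of it applies to documents. `CredentialsContainer` also has `store()`, `create()` and `preventSilentAccess()`, and its `get()` accepts a `mediation` option that includes `"silent"`; for identity documents the text should state whether a request always requires user mediation and which of the other methods reject. If that is the intent, a comment above the attribute such as `// Only get() is supported; user mediation is always required and "silent" is rejected.` would pin it down. The new intro sentence also has typos ("Managment" twice, "type to that extends"), and the `DocumentCredentialStorageDuration` dictionary continues into the next hunk.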
@@ -108,32 +111,19 @@ dictionary CredentialStorageDuration { long days; // Cannot (currently) be used with any other properties. }; -dictionary CredentialDocumentDescriptor { +dictionary DocumentCredentialOptions { required DOMString documentType; // As defined in ISO 18013-5 clause 8. - required sequence requestedElements; + required sequence requestedElements; - CredentialStorageDuration desiredStorageDuration; // Not providing this is equivalent to not asking to store. + DocumentCredentialStorageDuration desiredStorageDuration; // Not providing this is equivalent to not asking to store. }; -dictionary CredentialDocument { +[Exposed=Window, SecureContext] +interface DocumentCredential : Credential { object data; // The CBOR encoded `CredentialDocument` defined above. }; -dictionary RequestConfiguration { - required DOMString nonce; -}; - -[ - SecureContext, - Exposed=Window, -] interface CredentialRequest { - constructor(DOMString requesterIdentity, CredentialDocumentDescriptor documentDescriptor); // This throws if anything in the `documentDescriptor` is not recognized (e.g. an invalid `documentType`). - - Promise requestDocument(RequestConfiguration configuration); - - Promise abort(); -}; ``` @@ -141,7 +131,7 @@ dictionary RequestConfiguration { ```js // Driver's License -let mDLCredentialRequest = new CredentialRequest(certificate, { +let options = { documentType: "org.iso.18013.5.1.mDL", requestedElements: [ { namespace: "org.iso.18013.5.1", name: "document_number" }, 
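Review bot: `DocumentCredentialOptions` declares no `nonce` member, although this hunk deletes `RequestConfiguration` (the only place `nonce` was declared) and the updated examples in the later hunks pass `nonce` inside the options object. Under Web IDL dictionary conversion an undeclared member is dropped, so as written the nonce would presumably never reach the implementation and the response would not be bound to the request; add `required DOMString nonce;` to the dictionary. The `requesterIdentity` argument of the removed `CredentialRequest` constructor has no replacement either, and the examples no longer pass `certificate`; if requester authentication is meant to move elsewhere, the README should say where. The comment on `DocumentCredential.data` still points to the `CredentialDocument` dictionary that this hunk removes.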
@@ -153,20 +143,22 @@ let mDLCredentialRequest = new CredentialRequest(certificate, { desiredStorageDuration: { days: 7, }, -}); -mDLCredentialRequest.request({ nonce }).then((credentialDocument) => { ... }); + nonce, +}; +navigator.identity.get({mdoc: options}).then((credentialDocument) => { ... }); ``` ```js // Vaccination Card -let micovCredentialRequest = new CredentialRequest(certificate, { +let options = { documentType: "org.micov.1", requestedElements: [ { namespace: "org.micov.attestation.1", name: "PersonId_dl" }, { namespace: "org.micov.attestation.1", name: "portrait" }, ], -}); -micovCredentialRequest.request({ nonce }).then((credentialDocument) => { ... }); + nonce, +}; +navigator.identity.get({mdoc: options}).then((credentialDocument) => { ... }); ```
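Review bot: `navigator.identity.get({mdoc: options})` relies on an `mdoc` member that none of the IDL in this README declares. `get()` on a `CredentialsContainer` takes `CredentialRequestOptions`, so the IDL block needs something like `partial dictionary CredentialRequestOptions { DocumentCredentialOptions mdoc; };` for both examples to be valid. The callback parameter is still named `credentialDocument`, although the promise would now presumably resolve with a `DocumentCredential`; renaming it and showing the payload being read from `.data` would make the examples match the new interface. The Driver's License example begins in the previous hunk.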