This is a feature proposal
Context
- Some documents issued may have expiry dates (e.g. trade related documents such as Certificate of Origin, CITES permits)
- expiry could be handled in one of two ways:
- leave it up to the consumer to know about the OA payload structure and implement it's own rules about expiry, or
- implement expiry at the OA wrapper layer
I'm raising this proposal under the assumption that, document expiry is general enough to qualify as something that might better be implemented at the OA layer, and that here (rather than as a document specific extension of this library) is a sensible place to do this.
Proposal
Implement a 'document_expired' verifier which returns a verifier status of INVALID for documents containing a payload with an expiry date in the past
Problems
How do we allow for the creation of a wrapped open attestation document containing a document expiry verifier fragment with an expiry date that does not diverge from an expiry date given by the raw payload?
let's say we have a document something like this:
{
"certificateOfOrigin":
{
"id": "1234567",
"issueDateTime": "2021-02-22T07:42:01.149943+00:00",
"name": "Certificate of Origin",
"expiryDate": "2021-02-22T00:00:00+00:00"
}
}and we want our wrapped document to contain a verifier fragment that allows the verifier to find and compare the expiryDate to current date to determine validity. How do we do that in a flexible way that does not impose limitations on the structure of raw documents?
perhaps the document expiry verifier fragment could contain a date format and json path expression to the payload element that represents the document's expiry date?
e.g. the fragment could look something like:
{
"expiry":
{
"path": "$certificateOfOrigin.expiryDate",
"format":"YYYY-MM-DDThh:mm:ss.TZD"
}
}
the verifier could then look at the path and format values, extract from the payload and compare to, what?
which brings me to...
How do verifiers determine the current datetime?
there might be multiple acceptable options. maybe the fragment could contain a method which could allow the verifier to determine the current date however it sees fit, or it may specify some mechanism like:
- look at the timestamp of the most recently mined ethereum block? (assuming we don't need to be very accurate for things like document expiry...)
- verifier uses own system time
- http://worldtimeapi.org/ or similar?
- some service stipulated by the document issuer in a similar manner to how renderers are referenced?
🤷♂️
This is a feature proposal
Context
I'm raising this proposal under the assumption that, document expiry is general enough to qualify as something that might better be implemented at the OA layer, and that here (rather than as a document specific extension of this library) is a sensible place to do this.
Proposal
Implement a 'document_expired' verifier which returns a verifier status of INVALID for documents containing a payload with an expiry date in the past
Problems
How do we allow for the creation of a wrapped open attestation document containing a document expiry verifier fragment with an expiry date that does not diverge from an expiry date given by the raw payload?
let's say we have a document something like this:
{ "certificateOfOrigin": { "id": "1234567", "issueDateTime": "2021-02-22T07:42:01.149943+00:00", "name": "Certificate of Origin", "expiryDate": "2021-02-22T00:00:00+00:00" } }and we want our wrapped document to contain a verifier fragment that allows the verifier to find and compare the
expiryDateto current date to determine validity. How do we do that in a flexible way that does not impose limitations on the structure of raw documents?perhaps the document expiry verifier fragment could contain a date format and json path expression to the payload element that represents the document's expiry date?
e.g. the fragment could look something like:
{ "expiry": { "path": "$certificateOfOrigin.expiryDate", "format":"YYYY-MM-DDThh:mm:ss.TZD" } }the verifier could then look at the path and format values, extract from the payload and compare to, what?
which brings me to...
How do verifiers determine the current datetime?
there might be multiple acceptable options. maybe the fragment could contain a method which could allow the verifier to determine the current date however it sees fit, or it may specify some mechanism like:
🤷♂️