From 83153e6368c61786842d2e918bd1b0d240dd3a2e Mon Sep 17 00:00:00 2001
From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sun, 19 Nov 2023 16:09:38 -0500
Subject: [PATCH 1/2] Add mechanism to embed enveloped VCs in VPs.

---
 index.html | 48 ++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 38 insertions(+), 10 deletions(-)

diff --git a/index.html b/index.html
index 35414a9d1..f1022a827 100644
--- a/index.html
+++ b/index.html
@@ -2022,11 +2022,11 @@ <h3>Securing Verifiable Credentials</h3>
         </p>
         <p>
 This specification recognizes two classes of securing mechanisms: those that use
-external proofs and those that use embedded proofs. An
-<dfn class="export">external proof</dfn> is one that wraps an expression of
+enveloping proofs and those that use watermarking proofs. An
+<dfn class="export">enveloping proof</dfn> is one that wraps an expression of
 this data model, such as via a JSON Web Token, which is elaborated on in the
 <em>Securing Verifiable Credentials using JOSE and COSE</em> [[VC-JOSE-COSE]] specification.
-An <dfn class="export">embedded proof</dfn> is a mechanism where the proof is
+An <dfn class="export">watermarking proof</dfn> is a mechanism where the proof is
 included in the data model, such as a Data Integrity Proof, which is elaborated
 on in <em>Verifiable Credential Data Integrity</em> [[VC-DATA-INTEGRITY]].
         </p>
@@ -2045,7 +2045,7 @@ <h3>Securing Verifiable Credentials</h3>
         </p>
         <p>
 Methods of securing <a>verifiable credentials</a> or <a>verifiable
-presentations</a> that use an external proof MAY use the <code>proof</code>
+presentations</a> that use an enveloping proof MAY use the <code>proof</code>
 <a>property</a>.
         </p>
         <dl>
@@ -2056,7 +2056,7 @@ <h3>Securing Verifiable Credentials</h3>
 the authorship of a <a>verifiable credential</a> or a <a>verifiable
 presentation</a>. Each proof is a separate <a>named graph</a>
 (referred to as a <dfn class="export">proof graph</dfn>) containing a single
-proof. The specific method used for an <a>embedded proof</a> MUST be identified
+proof. The specific method used for a <a>watermarking proof</a> MUST be identified
 using the <code>type</code> <a>property</a>.
             </p>
             <p>
@@ -2244,6 +2244,13 @@ <h3>Presentations</h3>
 verifiable credential graphs</a> in a cryptographically <a>verifiable</a> format.
 See Section <a href="#verifiable-credential-graphs"></a> for further details on
 this topic.
+          </dd>
+          <dt><var id="defn-envelopedVerifiableCredential">envelopedVerifiableCredential</var></dt>
+          <dd>
+The <code>envelopedVerifiableCredential</code> <a>property</a> MAY be present.
+The value MUST be an array of one or more <a>URLs</a> using the `data:` URL
+scheme where each value contains a <a>verifiable credential</a> that
+is secured using an <a>enveloping proof</a>.
           </dd>
           <dt><var id="defn-holder">holder</var></dt>
           <dd>
@@ -2278,7 +2285,8 @@ <h3>Presentations</h3>
         </dl>
 
         <p>
-The example below shows a <a>verifiable presentation</a>:
+The example below shows a <a>verifiable presentation</a> that uses
+<a>watermarking proofs</a>:
         </p>
 
         <pre class="example nohighlight" title="Basic structure of a presentation">
@@ -2304,6 +2312,26 @@ <h3>Presentations</h3>
 [[?VC-JOSE-COSE]] specification.
         </p>
 
+        <p>
+The example below shows a <a>verifiable presentation</a> that contains
+<a>verifiable credentials</a> that are protected using <a>enveloping proofs</a>:
+        </p>
+
+        <pre class="example nohighlight" title="A presentation that contains verifiable credentials secured using enveloping proofs">
+{
+  "@context": [
+    "https://www.w3.org/ns/credentials/v2",
+    "https://www.w3.org/ns/credentials/examples/v2"
+  ],
+  "id": "urn:uuid:5ec137ea-871e-11ee-a783-ef96a4397a9a",
+  "type": ["VerifiablePresentation", "ExamplePresentation"],
+  "envelopedVerifiableCredential": [
+    "data:application/jwt;base64,QzVjV...RMjUK==",
+    "data:application/cwt;base64,ZmlOW...pYzMK="
+ ]
+}
+        </pre>
+
         <section>
           <h4>Presentations Using Derived Credentials</h4>
 
@@ -2381,7 +2409,7 @@ <h4>Presentations Including Holder Claims</h4>
 mechanism as the <a>verifiable presentation</a>.
           </p>
 
-          <pre class="example nohighlight" title="A verifiable presentation, secured with an embedded proof, with a self-asserted verifiable credential">
+          <pre class="example nohighlight" title="A verifiable presentation, secured with a watermarking proof, with a self-asserted verifiable credential">
 {
   "@context": [
     "https://www.w3.org/ns/credentials/v2",
@@ -2408,7 +2436,7 @@ <h4>Presentations Including Holder Claims</h4>
 <a>verifiable presentation</a>.
           </p>
 
-          <pre class="example nohighlight" title="A verifiable presentation, secured with an embedded proof, with a self-asserted verifiable credential about the verifiable presentation">
+          <pre class="example nohighlight" title="A verifiable presentation, secured with a watermarking proof, with a self-asserted verifiable credential about the verifiable presentation">
 {
   "@context": [
     "https://www.w3.org/ns/credentials/v2",
@@ -6528,7 +6556,7 @@ <h2>application/vc+ld+json</h2>
         </p>
 
         <p>
-This media type can be used with credentials secured using an <a>external
+This media type can be used with credentials secured using an <a>enveloping
 proof</a>.
         </p>
         <p>
@@ -6590,7 +6618,7 @@ <h2>application/vp+ld+json</h2>
 
         <p>
 This media type can be used with presentations secured using an
-<a>external proof</a>.
+<a>enveloping proof</a>.
         </p>
         <p>
 A [[JSON-LD]] context is expected to be present in the body of the document, and

From 3ef9512dfd4e5c8836f2c988be1ce6d5df4e0448 Mon Sep 17 00:00:00 2001
From: Manu Sporny <msporny@digitalbazaar.com>
Date: Mon, 20 Nov 2023 09:26:04 -0500
Subject: [PATCH 2/2] Fix grammar on watermarking proof definition.

Co-authored-by: Dave Longley <dlongley@digitalbazaar.com>
---
 index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.html b/index.html
index f1022a827..eab724f80 100644
--- a/index.html
+++ b/index.html
@@ -2026,7 +2026,7 @@ <h3>Securing Verifiable Credentials</h3>
 <dfn class="export">enveloping proof</dfn> is one that wraps an expression of
 this data model, such as via a JSON Web Token, which is elaborated on in the
 <em>Securing Verifiable Credentials using JOSE and COSE</em> [[VC-JOSE-COSE]] specification.
-An <dfn class="export">watermarking proof</dfn> is a mechanism where the proof is
+A <dfn class="export">watermarking proof</dfn> is a mechanism where the proof is
 included in the data model, such as a Data Integrity Proof, which is elaborated
 on in <em>Verifiable Credential Data Integrity</em> [[VC-DATA-INTEGRITY]].
         </p>