Consider whether to return status list credential from `checkStatus()`

[dlongley]

Right now we only return verified. We might want to return the status list credential as well as meta data.

[kezike]

Hi @dlongley! Along these lines, is checkStatus supposed to report useful information about the credential status? I had assumed that this method would report whether the credential has been revoked (similar to the getStatus method on StatusList)? However, we only get back a response with a boolean-valued verified property, which doesn't seem to change after a credential has been revoked. Is this the intended behavior? Is it possible we could get more rich data that a client of vc-js could use to determine if the credential status has changed since issuance?

(Tagging @dmitrizagidulin, who may find this discussion relevant for our work with DCC)

[dlongley]

@kezike,

However, we only get back a response with a boolean-valued verified property, which doesn't seem to change after a credential has been revoked. Is this the intended behavior?

No, it sounds like a problem somewhere. The code here looks like it's meant to return verified: false if the status bit is set:

vc-status-list/lib/index.js

Line 255 in cd0f268

const verified = !list.getStatus(index);

Along these lines, is checkStatus supposed to report useful information about the credential status?

Well, that's an open question! :) ... and related to what this issue is about. It's not clear how much information can / should be returned. The more information there is, the more helpful it might be to validation services, but also the harder it may be to implement and get interop.

Is it possible we could get more rich data that a client of vc-js could use to determine if the credential status has changed since issuance?

It would be good to have use cases like this. I'm not sure if we'd have enough information to be able to handle the above use case specifically... as it seems like you'd need to have stored state over time so you could look for changes (if I understand the use case properly).

[kezike]

Hey @dlongley! Thanks for the explanation.

No, it sounds like a problem somewhere. The code here looks like it's meant to return verified: false if the status bit is set:

Strangely, after stepping away for a bit and changing nothing, I see that the verified property of the checkStatus result for a revoked credential is now false (as expected). I wonder if the status list is getting cached by the document loader 🤔 In any event, this issue is probably out of scope for vc-status-list.

Well, that's an open question! :) ... and related to what this issue is about. It's not clear how much information can / should be returned. The more information there is, the more helpful it might be to validation services, but also the harder it may be to implement and get interop.

I was confused when I asked this question. I was wondering if checkStatus was only be returning the same verification boolean result as the core vc-js library does (which didn't make sense to me). I now understand that this is not the case!

It would be good to have use cases like this. I'm not sure if we'd have enough information to be able to handle the above use case specifically... as it seems like you'd need to have stored state over time so you could look for changes (if I understand the use case properly).

When I asked this question, I simply wanted to know if checkStatus could report whether a status bit has been set. I now see that it is already doing this via the verified property.

Thanks again for your patient support @dlongley!