Standards
The Vidos validator service provides comprehensive support for validating credentials and presentations across multiple standards organizations and specifications. This reference document catalogs the supported standards, their key features, and associated validation policies.
Each standard entry includes:
- Policies: Links to applicable validation policies
- Reference: Official specification link
- Summary: Brief description of the standard’s purpose and benefits
- Details: Technical specifications and implementation notes where applicable
The validator implements the following industry standards:
DIF Standards
Section titled “DIF Standards”Decentralized Credential Query Language (DCQL)
Section titled “Decentralized Credential Query Language (DCQL)”Policies: credentialQuery
Reference: DIF Decentralized Credential Query Language
Summary: A flexible query language for requesting specific credential data with support for selective disclosure, allowing verifiers to request only the information they need while preserving holder privacy.
DCQL supports multiple credential formats:
- W3C Verifiable Credentials (JSON-LD and JWT)
- SD-JWT Verifiable Credentials
- ISO 18013-5 mDL (mso_mdoc)
The validator evaluates DCQL queries by:
- Parsing and validating the DCQL query syntax
- Creating credential presentations from submitted credentials
- Evaluating whether the presentation can satisfy the query requirements
- Supporting selective disclosure for privacy-preserving verification
Presentation Exchange v2.0
Section titled “Presentation Exchange v2.0”Policies: credentialQuery
Reference: DIF Presentation Exchange v2.0
Summary: A protocol for defining and requesting credential presentations through presentation definitions and submission formats, enabling standardized credential exchange flows.
The validator implements full Presentation Exchange validation:
- Presentation Definition validation - Ensures definitions are well-formed
- Presentation Submission validation - Validates submission structure and format
- Presentation evaluation - Uses the PEX library to verify presentations satisfy definitions
- Warning handling - Processes evaluation warnings based on configuration
Supports multiple credential formats within presentation definitions:
- W3C Verifiable Credentials
- JWT-based credentials
- SD-JWT credentials
- ISO 18013-5 mDL
IETF Standards
Section titled “IETF Standards”SD-JWT Verifiable Credentials
Section titled “SD-JWT Verifiable Credentials”Policies: credentialFormat, credentialQuery, trustedIssuer
Reference: IETF SD-JWT-based Verifiable Credentials
Summary: Selective Disclosure JWT-based verifiable credentials that enable privacy-preserving credential presentations by allowing holders to disclose only specific claims while maintaining cryptographic integrity.
The validator provides comprehensive SD-JWT VC support:
- Format validation - Validates SD-JWT structure and disclosure format
- Query satisfaction - Supports SD-JWT VCs in DCQL and DIF PE queries
- Trusted issuer validation - Validates issuer certificates through x5c header parameter
- Selective disclosure - Processes disclosed and undisclosed claims appropriately
ISO Standards
Section titled “ISO Standards”ISO 18013-5:2021 Mobile Driving License (mDL)
Section titled “ISO 18013-5:2021 Mobile Driving License (mDL)”Policies: credentialFormat, credentialQuery, trustedIssuer
Reference: ISO 18013-5:2021
Summary: International standard for mobile driving licenses stored on mobile devices, providing secure and privacy-preserving verification of driving privileges with support for selective data disclosure.
The validator implements comprehensive mDL support:
- Format validation - Validates mDL document structure and CBOR encoding
- Device request validation - Validates device requests against mDL content
- Certificate chain validation - Verifies issuer authentication using Auth0 mDL verifier
- Data element validation - Ensures requested data elements are present in mDL
- Version compatibility - Validates mDL version matches device request requirements
ISO 18013-5 Device Request
Section titled “ISO 18013-5 Device Request”Policies: credentialQuery
Reference: ISO 18013-5:2021 Device Request
Summary: Standardized format for requesting specific data elements from mobile driving licenses, enabling privacy-preserving verification by requesting only necessary information.
The validator processes device requests by:
- CBOR decoding - Decodes base64url-encoded device request
- Version validation - Ensures mDL version compatibility
- Data element validation - Verifies all requested data elements are present
- Multiple document support - Handles requests for multiple document types
- Namespace validation - Validates data elements within appropriate namespaces
W3C Standards
Section titled “W3C Standards”Verifiable Credentials Data Model v1.1
Section titled “Verifiable Credentials Data Model v1.1”Policies: credentialFormat, credentialQuery
Reference: W3C Verifiable Credentials Data Model v1.1
Summary: Core data model defining how credentials can be made cryptographically verifiable, machine-readable, and privacy-respecting, providing the foundation for interoperable credential systems.
The validator supports W3C VC v1.1 through:
- Format validation - Validates credential structure and required fields
- JSON-LD processing - Handles JSON-LD contexts and linked data
- Query compatibility - Supports W3C VCs in DCQL and DIF PE queries
- Presentation validation - Validates verifiable presentations containing W3C VCs
Verifiable Credentials Data Model v2.0
Section titled “Verifiable Credentials Data Model v2.0”Policies: credentialFormat, credentialQuery
Reference: W3C Verifiable Credentials Data Model v2.0
Summary: Updated core data model with enhanced proof mechanisms, improved privacy features, and broader compatibility with different cryptographic suites and verification methods.
Enhanced features in v2.0 support:
- Updated JSON-LD contexts - Improved context structure and processing
- Enhanced proof mechanisms - Better support for data integrity proofs
- Improved status methods - Enhanced credential status verification
- Query compatibility - Full support in DCQL and DIF PE validation
JSON-LD 1.1
Section titled “JSON-LD 1.1”Policies: credentialFormat
Reference: W3C JSON-LD 1.1
Summary: JSON-based linked data format enabling semantic interoperability and machine-readable credential data with standardized context processing.
The validator processes JSON-LD through:
- Context resolution - Resolves and validates @context values
- Semantic validation - Ensures proper linked data structure
- Compatibility - Supports JSON-LD in W3C VCs and presentations
- Processing - Handles JSON-LD expansion and compaction as needed
AAMVA Standards
Section titled “AAMVA Standards”VICAL (Verifiable Issuer CA List)
Section titled “VICAL (Verifiable Issuer CA List)”Policies: trustedIssuer
Reference: AAMVA VICAL Specification
Summary: A COSE-signed certificate list format for distributing trusted certificate authorities in a verifiable manner, enabling dynamic trust anchor distribution for mobile driving licenses.
The validator implements VICAL support through:
- COSE signature verification - Validates VICAL integrity using COSE signatures
- Certificate extraction - Extracts CA certificates from VICAL payload
- Trust validation - Validates VICAL against configured trusted certificates
- URL-based resolution - Fetches VICAL from URLs with intelligent caching
- Caching optimization - Caches VICAL data based on nextUpdate field
VICAL features:
- Dynamic trust anchors - Allows dynamic updating of trusted certificate authorities
- Signature verification - Ensures VICAL authenticity and integrity
- Metadata support - Includes version, provider, and update information
- Performance optimization - Efficient caching reduces network requests
JWT Standards
Section titled “JWT Standards”JSON Web Token (JWT)
Section titled “JSON Web Token (JWT)”Policies: credentialFormat, credentialQuery
Reference: IETF RFC 7519 - JSON Web Token
Summary: Compact, URL-safe token format for representing claims between parties, commonly used as a container format for verifiable credentials.
The validator supports JWT-based credentials:
- Structure validation - Validates JWT header, payload, and signature format
- Nested credential extraction - Extracts verifiable credentials from JWT VPs
- Query compatibility - Supports JWT credentials in DCQL and DIF PE
- Format detection - Automatically detects JWT-based credential formats
Standards Support Matrix
Section titled “Standards Support Matrix”The validator’s policy support across standards:
| Standard | Credential Format | Credential Query | Trusted Issuer | Notes |
|---|---|---|---|---|
| W3C VC Data Model v1.1 | ✅ | ✅ | ❌ | Full support for JSON-LD and JWT formats |
| W3C VC Data Model v2.0 | ✅ | ✅ | ❌ | Enhanced features and proof mechanisms |
| IETF SD-JWT VC | ✅ | ✅ | ✅ | Selective disclosure with x5c validation |
| ISO 18013-5 mDL | ✅ | ✅ | ✅ | Mobile driving license with full validation |
| DIF Presentation Exchange | ✅ | ✅ | ❌ | Presentation definition validation |
| DCQL | ✅ | ✅ | ❌ | Flexible credential query language |
| JWT | ✅ | ✅ | ❌ | Token-based credential container |
| AAMVA VICAL | ❌ | ❌ | ✅ | Certificate authority list management |