Status Verification Policy Reference
This reference documents the credential status verification policy for the verifier service. The status policy checks if a credential has been revoked or suspended by the issuer after issuance.
Policy Overview
The status verification policy validates whether a credential is still valid according to the issuer by checking its status against a status list or other status verification mechanism. This ensures that credentials that have been revoked or suspended after issuance are properly identified during verification.
Supported Standards
The status verification policy supports credential status verification across multiple standards:
| Standard | Organization | Specification | Status Method | Validation Aspect |
|---|---|---|---|---|
| Bitstring Status List | W3C | Bitstring Status List v1.0 | Bitstring-based status list | Validates revocation and suspension status using compact binary encoding |
| ISO 18013-5 mDL | ISO | ISO 18013-5:2021 | mDL status verification | Verifies mobile driving license status per ISO standard |
| Status List 2021 | W3C | Status List 2021 | Encoded status list | Checks credential validity against a privacy-preserving status list |
| Verifiable Credentials Data Model v1.1 | W3C | VC Data Model §4.9 | credentialStatus property | Verifies credential has not been revoked or suspended by the issuer |
| Verifiable Credentials Data Model v2.0 | W3C | VC Data Model §4.10 | Updated status mechanism | Supports enhanced credential status verification methods |
Status Verification Process
When the verifier encounters a credential with a status entry, it performs the following steps:
- Identifies the status type from the credential's
credentialStatusproperty - Determines if the status type is supported
- Retrieves the status list credential from the specified URL
- Validates the status list credential's integrity
- Checks the credential's status at the specified index
- Returns appropriate result based on the status check and policy configuration
Configuration
The status verification policy offers various configuration options that control its behavior, including:
- Enabling or disabling status verification
- Handling credentials with missing status information
- Configuring behavior for unsupported status types
- Setting actions for each of the credential status types
For detailed configuration options, parameters, and default values, see the Verifier Configuration Reference.