Cryptographic algorithms
Regarding support for cryptographic algorithms, we are currently discussing what standards to use as references when deciding on specifications.
Reference: Consideration of specifying and recommending keys and algorithms in preparation for compromise.
Signature Algorithm
The signing algorithm used when verifying a signature MUST meet the following requirements:
The allowed list (validating side) is:
ES256(RECOMMENDED)ES384ES512PS256PS384PS512
You MUST support one of the signature algorithms included in these allowed lists.
Verifiers MUST refuse to verify with any signature algorithm not included in this allowed list.
We recommend ES256 as a good balance between performance and security, but do not prohibit the use of other signature algorithms.
Implementers are RECOMMENDED to periodically review algorithms and discontinue use of compromised algorithms.
For the time being, applications developed by the Originator Profile Collaborative Innovation Partnership (OP-CIP) will only support the ES256 signature algorithm.
Hash algorithm
Applications that comply with the OP's specifications MUST meet the following requirements for the hash algorithms used when generating and verifying the integrity property value of the CA's Content Integrity Descriptor and when generating and verifying the digestSRI property value of each VC.
Verifiers MUST support verification using SHA-256 hash values, and MAY support verification using SHA-384 and SHA-512 hash values.
Implementers should periodically review hash algorithms and avoid using compromised hash algorithms.
For the time being, applications developed by OP-CIP will only support the SHA-256 hash algorithm.