Supported Standards

Meeco is actively following and where possible contributing in standardisation efforts of the leading groups in the identity, personal data space. This page lists the currently supported standards within the platform.

Standard Bodies

Standards

ComponentOpen Specifications / StandardsStandard Body

Credential Data Model

W3C

Credential Data Format

W3C, IETF

Credential Presentation

DIF

Credential Presentation Transfer Protocol

OIDF

Credential JSON Schema

W3C

DID Authentication

OIDF

Identifier Data Model

W3C

Entity Identifier (NP)

W3C

Entity Identifier (NP)

-

Entity Identifier (NP,LE)

EBSI

Entity Identifier (NP,LE)

HBAR

Entity Identifier (LE)

W3C

Revocation

DIF

M2M/User Authentication

The OAuth 2.0 Authorization Framework - Code flow, client credentials flow

IETF

User Authentication

IETF

Supported Algorithms

JWS Signature

Following key types are supported for JWS verification. The subset of supported "JWS Algorithms" are part of IANA - JSON Web Signature Algorithms registry.

JWS AlgorithmKey Type

ES256

ECDSA using P-256 and SHA-256

ES256K

ECDSA using secp256k1 and SHA-256

EdDSA

EdDSA using Ed25519 and SHA-256

Master Encryption Key Algorithms

Following algorithms are supported when generating derived keys. Used as defined in NIST - Master Key.

Key Type

PBKDF2HMAC

Key Encryption Algorithms

Following algorithms are supported when encrypting other keys at rest and in transit. Used as defined in NIST - Key-Encryption-Key.

Key Type

AES-256-GCM

Keypairs

Following keypair algorithms are supported for exchanging keys between parties. Used as defined in NIST - Key pair.

Key Type

RSA-4096

Data Encryption Algorithms

Following algorithms are supported when encrypting data at rest and in transit. Used as defined in NIST - Data Encryption Key.

Key Type

AES-256-GCM

Supported OAuth Authentication Flows

Following flows are supported by the platform.

OAuth Code Flow & PKCE

The Enterprise Portal uses a code flow in conjunction with Proof Key for Code Exchange (PKCE) for secure authentication of (admin)users logging into the portal.

Client Credentials Flow

Organisations building services on top of the SVX API can use the Enterprise Portal to create an application to enable machine to machine communication. The application allows access to a Client ID and Secret to perform the client credentials flow. The access token enables organisations to access the resources linked to that organisation.

Last updated