Supported Standards
Meeco is actively following and where possible contributing in standardisation efforts of the leading groups in the identity, personal data space. This page lists the currently supported standards within the platform.
Standard Bodies
Standards
| Component | Open Specifications / Standards | Standard Body |
|---|---|---|
Credential Data Model | W3C | |
Credential Data Format | JSON Web Token VC (JWT-VC) - signed as JWS (RFC7515) | W3C, IETF |
Credential Presentation | DIF | |
Credential Presentation Transfer Protocol | OIDF | |
Credential JSON Schema | W3C | |
DID Authentication | OIDF | |
Identifier Data Model | W3C | |
Entity Identifier (NP) | W3C | |
Entity Identifier (NP) | - | |
Entity Identifier (NP,LE) | EBSI | |
Entity Identifier (NP,LE) | HBAR | |
Entity Identifier (LE) | W3C | |
Revocation | DIF | |
M2M/User Authentication | The OAuth 2.0 Authorization Framework - Code flow, client credentials flow | IETF |
User Authentication | IETF |
Supported Algorithms
JWS Signature
Following key types are supported for JWS verification. The subset of supported "JWS Algorithms" are part of IANA - JSON Web Signature Algorithms registry.
| JWS Algorithm | Key Type |
|---|---|
ES256 | ECDSA using P-256 and SHA-256 |
ES256K | ECDSA using secp256k1 and SHA-256 |
EdDSA | EdDSA using Ed25519 and SHA-256 |
Master Encryption Key Algorithms
Following algorithms are supported when generating derived keys. Used as defined in NIST - Master Key.
| Key Type |
|---|
PBKDF2HMAC |
Key Encryption Algorithms
Following algorithms are supported when encrypting other keys at rest and in transit. Used as defined in NIST - Key-Encryption-Key.
| Key Type |
|---|
AES-256-GCM |
Keypairs
Following keypair algorithms are supported for exchanging keys between parties. Used as defined in NIST - Key pair.
| Key Type |
|---|
RSA-4096 |
Data Encryption Algorithms
Following algorithms are supported when encrypting data at rest and in transit. Used as defined in NIST - Data Encryption Key.
| Key Type |
|---|
AES-256-GCM |
Supported OAuth Authentication Flows
Following flows are supported by the platform.
OAuth Code Flow & PKCE
The Enterprise Portal uses a code flow in conjunction with Proof Key for Code Exchange (PKCE) for secure authentication of (admin)users logging into the portal.
Client Credentials Flow
Organisations building services on top of the SVX API can use the Enterprise Portal to create an application to enable machine to machine communication. The application allows access to a Client ID and Secret to perform the client credentials flow. The access token enables organisations to access the resources linked to that organisation.
Last updated