Image placement based on Type
24 views
Skip to first unread message
Excel
May 5, 2016, 7:19:47 AM5/5/16
to Open Badges Dev Group
Hello,
I am new to this topic and I am finding difficult to understand difference between Hosted and Signed assertions. I need to understand this concept with reference to backpack where the Digital Badge is stored. In my understanding,
Hosted badges will just have image residing on the backpack and it points to Assertion data stored in some host URL. The assertion will link to the badge class details and in turn points to issuer object.
In the case of signed badges, the Image along with the assertion object(baked into PNG) will be sitting in the backpack. The assertion object will once again points to the badge class object and which in turn points to issuer.
So,baking of badges is something associated with only signed assertion and is not done for hosted assertion. Please correct me If I am wrong.
Regarding the verification, who does this. Is this done when a digital badge is stored in Backpack by OBI or is it done by the consumer of the badge when he/she finds the badge interesting and wants to verify the information. Please clarify.
Regards,
Excel
I am new to this topic and I am finding difficult to understand difference between Hosted and Signed assertions. I need to understand this concept with reference to backpack where the Digital Badge is stored. In my understanding,
Hosted badges will just have image residing on the backpack and it points to Assertion data stored in some host URL. The assertion will link to the badge class details and in turn points to issuer object.
In the case of signed badges, the Image along with the assertion object(baked into PNG) will be sitting in the backpack. The assertion object will once again points to the badge class object and which in turn points to issuer.
So,baking of badges is something associated with only signed assertion and is not done for hosted assertion. Please correct me If I am wrong.
Regarding the verification, who does this. Is this done when a digital badge is stored in Backpack by OBI or is it done by the consumer of the badge when he/she finds the badge interesting and wants to verify the information. Please clarify.
Regards,
Excel
Oren Robinson
May 5, 2016, 6:43:13 PM5/5/16
to Excel, Open Badges Dev Group
Re: Baking and verification method
It's my understanding that neither of the two verification methods (hosted and signed) require an image or place special restrictions over image usage. In other worsd, an assertion can be embedded (baked) into an image regardless of it's verification method.
Re: Verification
Again, sorry I can't speak to Mozilla Backpack specifically, but in general, verification is a feature of all valid badge assertions, and can/should be done any time any stakeholder (i.e. earner, issuer, consumer) wants to use the badge.
--
You received this message because you are subscribed to the Google Groups "Open Badges Dev Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openbadges-de...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Excel
May 6, 2016, 6:55:30 AM5/6/16
to Open Badges Dev Group
Hello,
Backpack is mentioned only for reference and not exactly Mozilla Backpack. It just means badge hosting service.In that context how can it the two badges be viewed?
Regards,
Excel
Backpack is mentioned only for reference and not exactly Mozilla Backpack. It just means badge hosting service.In that context how can it the two badges be viewed?
Regards,
Excel
Oren Robinson
May 6, 2016, 11:51:58 AM5/6/16
to Excel, Open Badges Dev Group
Aside from technical differences in the creation of signed badges, the major difference between the two verification methods is that signed badges can provide more trust, if done correctly.
With "hosted" verification, a badge assertion JSON object is verified when the URL stored in plain text inside the assertion.verify.url property hosts a document identical to the assertion itself. There is no private/public key involved.
With "signed" verification, the assertion is a JSON web signature, verified when the public key stored in assertion.verify.url can unpack the JWS payload, signed by the issuers private key, and when the issuer hasn't revoked the badge.
More on creating signed badge assertions: https://github.com/mozilla/openbadges-backpack/wiki/Creating-Signed-Assertions
--
Excel
May 11, 2016, 9:01:27 AM5/11/16
to Open Badges Dev Group
Hello,
Thanks for the reply, I have few more queries, Please clarify...
1. Assertion is all JSON together ; Badge Assertion + Badge Class + Issuers + Extension, Please correct me if I am wrong.
2. In the Hosted Assertion, all the above JSON objects are hosted at a stable URL, If this is the case, are these three JSON's hosted at the issuer's place or in the Backpack? If it is in the backpack how does the issuer packs the JSON objects to be sent to issuer. Is it with the image?
3. In the above case and with your previous clarification, is it that the badge is baked with Badge assertion JSON as iTXt chunk. The text field in iTXt for hosted assertion as per the spec says that it should have Badge assertion. Hosted assertion as per above are all hosted in a stable URL, In this case does that mean that text field has one more copy of the same badge assertion and then points to its copy on the stable URL?
4. In the case of Signed assertion, the JWS payload has the Badge assertion in encrypted form which should be decrypted and then followed to badge class on the stable URL. Please correct me if I am wrong.
5. Is Badge Baking always essential for issuing Digital Badge?
Thanks for the reply, I have few more queries, Please clarify...
1. Assertion is all JSON together ; Badge Assertion + Badge Class + Issuers + Extension, Please correct me if I am wrong.
2. In the Hosted Assertion, all the above JSON objects are hosted at a stable URL, If this is the case, are these three JSON's hosted at the issuer's place or in the Backpack? If it is in the backpack how does the issuer packs the JSON objects to be sent to issuer. Is it with the image?
3. In the above case and with your previous clarification, is it that the badge is baked with Badge assertion JSON as iTXt chunk. The text field in iTXt for hosted assertion as per the spec says that it should have Badge assertion. Hosted assertion as per above are all hosted in a stable URL, In this case does that mean that text field has one more copy of the same badge assertion and then points to its copy on the stable URL?
4. In the case of Signed assertion, the JWS payload has the Badge assertion in encrypted form which should be decrypted and then followed to badge class on the stable URL. Please correct me if I am wrong.
5. Is Badge Baking always essential for issuing Digital Badge?
Regards,
Excel
On Thursday, May 5, 2016 at 4:49:47 PM UTC+5:30, Excel wrote:
Reply all
Reply to author
Forward
0 new messages