[Openid-specs-ab] Issue #1264: Include input_descriptor `id` in OIDC4VP response and request (openid/connect)

nadalin at prodigy.net nadalin at prodigy.net
Fri Jul 9 02:35:15 UTC 2021


I really don't think we should be dealing with DIDs as this is a data model with no implementation facts behind the specification other that the data model has been implemented, we should do the exact same, allow for the data model and stop there, we should not worry about the keys or algorithms.

-----Original Message-----
From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Kristina Yasuda via Openid-specs-ab
Sent: Thursday, July 8, 2021 1:53 PM
To: openid-specs-ab at lists.openid.net
Cc: Kristina Yasuda <issues-reply at bitbucket.org>
Subject: [Openid-specs-ab] Issue #1264: Include input_descriptor `id` in OIDC4VP response and request (openid/connect)

New issue 1264: Include input_descriptor `id` in OIDC4VP response and request https://bitbucket.org/openid/connect/issues/1264/include-input_descriptor-id-in-oidc4vp

Kristina Yasuda:

In DIF PE / OIDC4VP call, it was pointed out that with module-approach, it is acceptable not to use `presentation_submission` , but not including input\_descriptor.id in the response will prevent RP from knowing which VP is sent back in response to which input\_descriptor.

In[ example 9.1.2 in OIDC4VP](https://openid.net/specs/openid-connect-4-verifiable-presentations-1_0.html#name-authentication-response), this would mean adding verifiable\_presentation.id

```
{
  "kid": "did:ion:EiC6Y9_aDaCsITlY06HId4seJjJ...b1df31ec42d0",
  "typ": "JWT",
  "alg": "ES256K"
}.{
   "iss":"https://self-issued.me",
   "aud":"https://book.itsourweb.org:3000/client_api/authresp/uhn",
   "iat":1615910538,
   "exp":1615911138,
   "sub":"did:ion:EiC6Y9_aDaCsITlY06HId4seJjJ-9...mS3NBIn19",
   "auth_time":1615910535,
   "nonce":"960848874",
   "verifiable_presentations":[
      {
         "format":"vp_jwt",
         "id": "id_document_1"
         "presentation":"ewogICAgImlzcyI6Imh0dHBzOi8vYm9vay5pdHNvdXJ3ZWIub...IH0="
      }
   ],
   "sub_jwk":{
      "crv":"P-384",
      "kty":"EC",
      "kid": "c7298a61a6904426a580b1df31ec42d0",
      "x":"jf3a6dquclZ4PJ0JMU8RuucG9T1O3hpU_S_79sHQi7VZBD9e2VKXPts9lUjaytBm",
      "y":"38VlVE3kNiMEjklFe4Wo4DqdTKkFbK6QrmZf77lCMN2x9bENZoGF2EYFiBsOsnq0"
   }
}
```

Because the current request syntax in OIDC4VP does not use input\_descriptors \(I think it was paused before we agreed with the PE editors which direction PE spec editing will take place\), above change would mean below modification to the request syntax.

```
{
   "id_token":{
      "acr":null,
      "verifiable_presentations":{
         "input_descriptors": [
          {
            "id":"id_document_1",
            "credential_types":[
              {
               "type":"https://did.itsourweb.org:3000/smartcredential/Ontario-Driving-License"
              }
            ]
         },
         {
            "id":"utility_bil_1",
            "credential_types":[
              {
               "type":"https://did.itsourweb.org:3000/smartcredential/Electricity-Bill"
              }
            ]
          }            
        ]
      }
   }
}
```

Building up on Issue #1256 

‌

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab



More information about the Openid-specs-ab mailing list