[Openid-specs-ab] Contribution of the OpenID Connect Credential Provider Draft

Torsten Lodderstedt torsten at lodderstedt.net
Wed Jun 30 06:17:10 UTC 2021


Hi all, 

I support adoption of this draft by the WG. What is the next step?

best regards,
Torsten. 

> Am 28.05.2021 um 02:27 schrieb Tobias Looker via Openid-specs-ab <openid-specs-ab at lists.openid.net>:
> 
> Hi All,
> 
> The editors and I would like to contribute the attached draft "OpenID Connect Credential Provider" (hosted version available at https://mattrglobal.github.io/oidc-client-bound-assertions-spec/ <https://www.google.com/url?q=https://mattrglobal.github.io/oidc-client-bound-assertions-spec/&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3k8DEsQX7PQYsMOIguysJ4>) as input into the ongoing work around OpenID Connect Claims Aggregation, SIOP and openid-connect-4-verifiable-presentations. The intent of the draft is the following:
> Define a new artifact for communicating End-User claims that is suitable for aggregation and indirect presentation to a relying party, we offer the term credential for this purpose in the draft.
> Define support for how different concrete expressions of these "credentials" can be supported, such as JWT or W3C Verifiable Credentials in JSON-LD form.
> Define how a party (we define as "Credential Holder") can request the "issuance" of a credential as a part of a normal OpenID Connect flow.
> Define how a "Credential Issuer" (defined in the draft) can bind a credential to the "Credential Holder" through cryptographic proof of possession.
> Thanks,
> Tobias
> OpenID Connect Credential Provider <https://www.google.com/url?q=https://mattrglobal.github.io/oidc-client-bound-assertions-spec/&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3k8DEsQX7PQYsMOIguysJ4>
> OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables relying parties to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User. OpenID Providers today within OpenID Connect assume many roles, one of these is providing End-User claims to the ...
> mattrglobal.github.io <http://mattrglobal.github.io/>
>> 
> <oidc-credential-provider.md>_______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net <mailto:Openid-specs-ab at lists.openid.net>
> https://www.google.com/url?q=http://lists.openid.net/mailman/listinfo/openid-specs-ab&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3yBCGxlLEEj_9ZqavFKtel <https://www.google.com/url?q=http://lists.openid.net/mailman/listinfo/openid-specs-ab&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3yBCGxlLEEj_9ZqavFKtel>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210630/e67ec630/attachment.html>


More information about the Openid-specs-ab mailing list