[Openid-specs-ab] Contribution of the OpenID Connect Credential Provider Draft

Torsten Lodderstedt torsten at lodderstedt.net
Wed Jun 30 10:05:44 UTC 2021


Hi Nat, 

may I ask you to add the question of how we proceed with credential issuance to the agenda of upcoming the OpenID AB/V Atlantic call?

best regards,
Torsten. 

> Am 30.06.2021 um 08:17 schrieb Torsten Lodderstedt <torsten at lodderstedt.net>:
> 
> Hi all, 
> 
> I support adoption of this draft by the WG. What is the next step?
> 
> best regards,
> Torsten. 
> 
>> Am 28.05.2021 um 02:27 schrieb Tobias Looker via Openid-specs-ab <openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>>:
>> 
>> Hi All,
>> 
>> The editors and I would like to contribute the attached draft "OpenID Connect Credential Provider" (hosted version available at https://mattrglobal.github.io/oidc-client-bound-assertions-spec/ <https://www.google.com/url?q=https://mattrglobal.github.io/oidc-client-bound-assertions-spec/&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3k8DEsQX7PQYsMOIguysJ4>) as input into the ongoing work around OpenID Connect Claims Aggregation, SIOP and openid-connect-4-verifiable-presentations. The intent of the draft is the following:
>> Define a new artifact for communicating End-User claims that is suitable for aggregation and indirect presentation to a relying party, we offer the term credential for this purpose in the draft.
>> Define support for how different concrete expressions of these "credentials" can be supported, such as JWT or W3C Verifiable Credentials in JSON-LD form.
>> Define how a party (we define as "Credential Holder") can request the "issuance" of a credential as a part of a normal OpenID Connect flow.
>> Define how a "Credential Issuer" (defined in the draft) can bind a credential to the "Credential Holder" through cryptographic proof of possession.
>> Thanks,
>> Tobias
>> OpenID Connect Credential Provider <https://www.google.com/url?q=https://mattrglobal.github.io/oidc-client-bound-assertions-spec/&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3k8DEsQX7PQYsMOIguysJ4>
>> OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables relying parties to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User. OpenID Providers today within OpenID Connect assume many roles, one of these is providing End-User claims to the ...
>> mattrglobal.github.io <http://mattrglobal.github.io/>
>>>> 
>> <oidc-credential-provider.md>_______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net <mailto:Openid-specs-ab at lists.openid.net>
>> https://www.google.com/url?q=http://lists.openid.net/mailman/listinfo/openid-specs-ab&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3yBCGxlLEEj_9ZqavFKtel <https://www.google.com/url?q=http://lists.openid.net/mailman/listinfo/openid-specs-ab&source=gmail-imap&ust=1622766681000000&usg=AOvVaw3yBCGxlLEEj_9ZqavFKtel>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210630/f9c1cf40/attachment-0001.html>


More information about the Openid-specs-ab mailing list