[Openid-specs-ab] Relationship with Claims Aggregation Draft (was Re: Issue #1229: Adoption of the "OpenID Connect for W3C Verifiable Credential Objects" (openid/connect))

nadalin at prodigy.net nadalin at prodigy.net
Wed May 12 02:21:07 UTC 2021


I think at the top level there is a 100% overlap on transporting the claims, as this is what a presentation does 

-----Original Message-----
From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Torsten Lodderstedt via Openid-specs-ab
Sent: Tuesday, May 11, 2021 8:22 AM
To: Nat Sakimura <nat at nat.consulting>
Cc: Torsten Lodderstedt <torsten at lodderstedt.net>; Nat <issues-reply at bitbucket.org>; Artifact Binding/Connect Working Group <openid-specs-ab at lists.openid.net>
Subject: Re: [Openid-specs-ab] Relationship with Claims Aggregation Draft (was Re: Issue #1229: Adoption of the "OpenID Connect for W3C Verifiable Credential Objects" (openid/connect))



> Am 11.05.2021 um 16:11 schrieb Nat Sakimura via Openid-specs-ab <openid-specs-ab at lists.openid.net>:
> 
> I am writing this to record what I and some WG members explained during the Monday call.
> 
> With regards to the Relationship with Claims Aggregation draft, what is stated below is not correct. The Claims Aggregation Draft actually talks about Authentication Requests and Responses in addition to the registration of the intermediate OP to the claims provider. 
> 
> If I understand correctly, Tobias has been looking into how to expand what is being written currently so that it can also express the VC and ZKP. 
> 
> I would like to ask the proposers to clarify this as a lot of this draft could potentially be merged into the Claims Aggregation draft as suggested by Tony etc. 

What do you think in the current proposal for Verifiable Credential Presentation overlaps with Claims Aggregation? 

I guess Tobias referred to the merging of the Credential Issuer Draft (different draft by Tobias and Adam https://mattrglobal.github.io/oidc-client-bound-assertions-spec/) with Claims Aggregation. 

> 
> Best,
> 
> Nat Sakimura
> 
> On Mon, May 10, 2021 at 9:39 PM Kristina Yasuda via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:
> Thank you, Nat.
> 
> As promised, I wanted to outline the relationship between "OpenID 
> Connect for W3C Verifiable Credential Objects" (OIDC4VCO) draft and other existing drafts. (point 2 in this issue) ※ Note that there was a proposal to rename the draft  "OpenID Connect for W3C Verifiable Presentations", but I will use OIDC4VCO abbreviation for now.
> 
> 	• Relationship with OpenID Connect Core: OIDC4VCO uses mechanisms already defined in OIDC Core, and does not introduce any breaking changes.
> 	• Relationship with SIOP V2 draft: SIOP V2 draft will refer to the OIDC4VCO draft wrt how W3C verifiable presentations (VPs) can be transported using SIOP model, since OIDC4VCO draft defines a generic way how W3C VPs can be used with various OIDC flows including SIOP V2.
> 	• Relationship with Claims Aggregation draft (and Credential Provider draft once contributed): these drafts will be used by the OP to receive credentials from the Claims Provider, so that the OP will be able to present received credentials to the RP using OIDC4VCO draft. These drafts should be aligned as much as possible.
> 	• Relationship with DIF Presentation Exchange (PE) draft: DIF PE draft could be used as part of the request syntax in OIDC4VCO draf, which can be discussed once OIDC4VCO draft is adopted. DIF PE is a query language that is protocol agnostic, and it does not replace OIDC4VCO draft.
> This is an initial summary and additional input from the editors/working group is very welcome.
> 
> A work item to enable transporting W3C VPs using OpenID Connect, will most likely not be successful outside OpenID Foundation AB/C Working Group, because that is where the collective OpenID Connect expertise resides. 
> 
> Best,
> Kristina
> 
> 
> 差出人: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> が Nat 
> via Openid-specs-ab <openid-specs-ab at lists.openid.net> の代理で送信
> 送信日時: 2021年5月7日 0:55
> 宛先: openid-specs-ab at lists.openid.net 
> <openid-specs-ab at lists.openid.net>
> CC: Nat <issues-reply at bitbucket.org>
> 件名: [Openid-specs-ab] Issue #1229: Adoption of the "OpenID Connect for 
> W3C Verifiable Credential Objects" (openid/connect)
>  
> New issue 1229: Adoption of the "OpenID Connect for W3C Verifiable Credential Objects"
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitb
> ucket.org%2Fopenid%2Fconnect%2Fissues%2F1229%2Fadoption-of-the-openid-
> connect-for-w3c&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C5
> 46f6f574aa946624ea408d910a766d3%7C72f988bf86f141af91ab2d7cd011db47%7C1
> %7C0%7C637559134036105710%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAi
> LCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=v8JUcU
> VcU4A%2FlkpyB43J2%2B9DB9axNOyOGjmQAe5GU58%3D&reserved=0
> 
> Nat Sakimura:
> 
> SIOP SC recommended the adoption of “[OpenID Connect for W3C Verifiable Credential Objects](https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.openid.net%2Fpipermail%2Fopenid-specs-ab%2Fattachments%2F20210505%2Fa198527a%2Fattachment-0001.pdf&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C546f6f574aa946624ea408d910a766d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637559134036105710%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=LdCCcQ1tptJ290hqLdPsJdDWACLjeswgOwEKvhBi%2FyM%3D&reserved=0)” \[1\] as a working group item. 
> 
> \[1\] 
> [https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Flist
> s.openid.net%2Fpipermail%2Fopenid-specs-ab%2Fattachments%2F20210505%2F
> a198527a%2Fattachment-0001.pdf&data=04%7C01%7CKristina.Yasuda%40mi
> crosoft.com%7C546f6f574aa946624ea408d910a766d3%7C72f988bf86f141af91ab2
> d7cd011db47%7C1%7C0%7C637559134036115666%7CUnknown%7CTWFpbGZsb3d8eyJWI
> joiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&a
> mp;sdata=38hwxalY%2FRk1ypItq%2Bnxnhd26OE4uUJ79XUm1T8DVNw%3D&reserv
> ed=0](https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2
> Flists.openid.net%2Fpipermail%2Fopenid-specs-ab%2Fattachments%2F202105
> 05%2Fa198527a%2Fattachment-0001.pdf&data=04%7C01%7CKristina.Yasuda
> %40microsoft.com%7C546f6f574aa946624ea408d910a766d3%7C72f988bf86f141af
> 91ab2d7cd011db47%7C1%7C0%7C637559134036115666%7CUnknown%7CTWFpbGZsb3d8
> eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1
> 000&sdata=38hwxalY%2FRk1ypItq%2Bnxnhd26OE4uUJ79XUm1T8DVNw%3D&r
> eserved=0)
> 
> Some concerns were expressed by a few WG members. 
> 
> This ticket is to give an opportunity for those members to express their concerns and proposers to reply to them. 
> 
> There are a few criteria for non-adoption of documents: namely
> 
> 1. If the draft does not fall into the scope of the WG. 
> 2. If the draft is overlapping with existing drafts, the technical content should be raised as an issue and eventually result in PR rather than starting a new draft. 
> 
>     1. NOTE: A non-overlapping portion can be made as an independent document so proposers should consider creating such. 
>     
> 3. If there is a legal or reputational risk for the OIDF in adopting 
> the document. \(The board may intervene on this ground.\)
> 
> If the issues are only on the technical nature of the proposed draft that does not fall into the above criteria, then, it should be dealt with during and after the adoption of the document. 
> 
>> 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists
> .openid.net%2Fmailman%2Flistinfo%2Fopenid-specs-ab&data=04%7C01%7C
> Kristina.Yasuda%40microsoft.com%7C546f6f574aa946624ea408d910a766d3%7C7
> 2f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637559134036115666%7CUnknown
> %7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ
> XVCI6Mn0%3D%7C1000&sdata=zj60E0N480Cv0Pqtne%2FbRk%2FOu8%2BJ8toFtZ6
> kNncNnHY%3D&reserved=0 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> 
> 
> --
> Nat Sakimura
> NAT.Consulting LLC
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://www.google.com/url?q=http://lists.openid.net/mailman/listinfo/
> openid-specs-ab&source=gmail-imap&ust=1621347127000000&usg=AOvVaw3Bh-F
> RqnYOtpjBVhuUTQkW

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab




More information about the Openid-specs-ab mailing list