[Openid-specs-ab] Contribution of the OpenID Connect Credential Provider Draft

Tobias Looker tobias.looker at mattr.global
Fri May 28 00:27:03 UTC 2021


Hi All,

The editors and I would like to contribute the attached draft "OpenID Connect Credential Provider" (hosted version available at https://mattrglobal.github.io/oidc-client-bound-assertions-spec/) as input into the ongoing work around OpenID Connect Claims Aggregation, SIOP and openid-connect-4-verifiable-presentations. The intent of the draft is the following:

  *   Define a new artifact for communicating End-User claims that is suitable for aggregation and indirect presentation to a relying party, we offer the term credential for this purpose in the draft.
  *   Define support for how different concrete expressions of these "credentials" can be supported, such as JWT or W3C Verifiable Credentials in JSON-LD form.
  *   Define how a party (we define as "Credential Holder") can request the "issuance" of a credential as a part of a normal OpenID Connect flow.
  *   Define how a "Credential Issuer" (defined in the draft) can bind a credential to the "Credential Holder" through cryptographic proof of possession.

Thanks,
Tobias
OpenID Connect Credential Provider<https://mattrglobal.github.io/oidc-client-bound-assertions-spec/>
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables relying parties to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User. OpenID Providers today within OpenID Connect assume many roles, one of these is providing End-User claims to the ...
mattrglobal.github.io


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210528/2f163c71/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oidc-credential-provider.md
Type: text/markdown
Size: 29058 bytes
Desc: oidc-credential-provider.md
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210528/2f163c71/attachment.bin>


More information about the Openid-specs-ab mailing list