[Openid-specs-ab] Issue #1334: Clarify in OIDC4VP that purpose of sending back id_token and VP is different (openid/connect)

Kristina Yasuda issues-reply at bitbucket.org
Wed Sep 8 21:48:10 UTC 2021


New issue 1334: Clarify in OIDC4VP that purpose of sending back id_token and VP is different
https://bitbucket.org/openid/connect/issues/1334/clarify-in-oidc4vp-that-purpose-of-sending

Kristina Yasuda:

There have been questions “why return ID Token when it is signed by the same user-controlled key as a Verifiable Presentation \(VP\) and the two seems duplicative”.

Suggest adding a text to OIDC4VP that clarifies that there are two functions in OpenID Connect, 1/ authentication of the user and 2/ return of the claims about the user. ID Token server the first purpose as an authentication receipt and VP serves the second purpose as a proof of possession of a third party attested claims.



More information about the Openid-specs-ab mailing list