[Openid-specs-ab] Issue #1334: Clarify in OIDC4VP that purpose of sending back id_token and VP is different (openid/connect)
Kristina Yasuda
issues-reply at bitbucket.org
Wed Sep 8 21:48:10 UTC 2021
New issue 1334: Clarify in OIDC4VP that purpose of sending back id_token and VP is different
https://bitbucket.org/openid/connect/issues/1334/clarify-in-oidc4vp-that-purpose-of-sending
Kristina Yasuda:
There have been questions “why return ID Token when it is signed by the same user-controlled key as a Verifiable Presentation \(VP\) and the two seems duplicative”.
Suggest adding a text to OIDC4VP that clarifies that there are two functions in OpenID Connect, 1/ authentication of the user and 2/ return of the claims about the user. ID Token server the first purpose as an authentication receipt and VP serves the second purpose as a proof of possession of a third party attested claims.
More information about the Openid-specs-ab
mailing list