[Openid-specs-ab] Issue #1473: RP as synonym for wallet might be misleading (openid/connect)
Vittorio Bertocci
issues-reply at bitbucket.org
Wed Apr 6 22:22:52 UTC 2022
New issue 1473: RP as synonym for wallet might be misleading
https://bitbucket.org/openid/connect/issues/1473/rp-as-synonym-for-wallet-might-be
Vittorio Bertocci:
“RP” as a role predates both OIDC and OAuth, indicating an entity that consumes a token to identify a caller/grant access.
OAuth clients aren’t RPs, as they get tokens to gain access to other resources rather than consuming them themselves.
In OIDC client==RP, though - because the defining characteristic of OIDC, the idtoken, is indeed meant for consumption by the client itself, and often used as a factor in granting access, RP session creation etc.
In VC issuance, it would appear that the wallet behaves more closely to an OAuth client - offering the ability to ask, obtain (and present) credentials that are meant to be consumed by other entities (verifiers) rather than the client (wallet) itself.
As such, I feel that the (client==RP) notion in OIDC doesn't apply here, and calling the wallet RP is misleading for the reader familiar with existing literature.