[Openid-specs-ab] UserInfo Verifiable Credentials
Richard Barnes (richbarn)
richbarn at cisco.com
Mon Dec 12 23:01:09 UTC 2022
Hi everyone,
I’m Richard Barnes from Cisco. I’m new to OpenID, but might be familiar to some folks from the IETF, where I’ve worked on crypto things like TLS, MLS, and ACME (and JOSE back in the day).
I wanted to bring to the group some proposed new work on “UserInfo Verifiable Credentials” that I’ve been working on with Kristina Yasuda, Pieter Kasselman, and Morteza Ansari.
MD: https://github.com/bifurcation/userinfo-vc/blob/main/userinfo-vc.md
HTML: https://bifurcation.github.io/userinfo-vc
The high-level idea here is to take the OpenID for Verifiable Credential Issuance spec and give it the same level of easy interoperability as OpenID Connect. The generality of the VCI mechanism is powerful, but means the wallet and issuer need to agree on a bunch of details, each of which is a chance for interop failure.
Concretely, the proposal is to define a profile of VC and VCI that is tailored to OpenID Connect. A “UserInfo VC” carries the same claims that are provided by the UserInfo endpoint, wrapped as a VC. The issuance process is just VCI with certain knobs pre-set (e.g., proof of possession is always via a JWT).
We would love to see this work adopted by this WG. In any case, feedback welcome!
Thanks,
--Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20221212/ae40a022/attachment-0001.html>
More information about the Openid-specs-ab
mailing list