[Openid-specs-ab] Issue #1517: Using ordinary global scopes instead of namespace'd scopes specific to OIDC4VC (openid/connect)
Tobias Looker
issues-reply at bitbucket.org
Thu Jun 2 22:46:23 UTC 2022
New issue 1517: Using ordinary global scopes instead of namespace'd scopes specific to OIDC4VC
https://bitbucket.org/openid/connect/issues/1517/using-ordinary-global-scopes-instead-of
Tobias Looker:
Currently the OpenID credential issuance spec offers a variation of the request that uses only scopes. However these scopes are structured in a way that has a pseudo-namespace style convention e.g `openid_credential:<credential-type>` which requires implementers to match and parse the scope value to extract the underlying credential type which then allows the provider to understand what credential type the client is requesting.
A simplified direction for this syntax would be to just support the credential type as the scope value instead of having the `openid_credential:` prefix. The only possible downside I see here is potential scope collision?
More information about the Openid-specs-ab
mailing list