[Openid-specs-ab] SIOP call notes (2022-Mar-3) - Atlantic call @ 7AM PST
Kristina Yasuda
Kristina.Yasuda at microsoft.com
Fri Mar 4 06:50:59 UTC 2022
Rolson Quadras
Kenichi Nakamura
Torsten Lodderstedt
David Chadwick
Daniel Fett
Jeremie Miller
Jo Vercammen
Kristina Yasuda
Bjorn Hjelm
Juan Caballero
David Waite
- IPR reminder/recorded
- Introductions/re-introductions
- Agenda adopted
- PRs https://bitbucket.org/openid/connect/pull-requests/
* PR #128 using scopes to request credentials [oidc4vci]
* Related issue #1441 - will be closed when the PR is merged
* agreed that as a starting point we should merge this PR given the following changes are made:
* no need to include openid_credential scope when the claims parameter is used. (we can add it later)
* There was consensus on the usage of openid_credential:<credential-type>
* Comments made during the call are documented in the in-line comments in the PR diff.
* PR #134 - removing an option to submit a VP in Authorization Request [oidc4vci]
* Issue #1443: waiting for Jer's review wrt whether Presentation during issuance is completely out of scope or not. It is currently not, because "wallet_identifier" parameter is defined in OIDC4VCI as a parameter to be passed in in-line presentation.
* Daniel F described that p_nonce is different from DPoP because there, server-provided nonce is bound to an existing session since client sends an authorization request, receives an error with a server-provided nonce so that a client can resend a request with the nonce.
* Kristina said that p_nonce might have evolved into a similar mechanism to DPoP, where the initial authorization request will throw an error.
* PR #133 - adding `jwt` as a proof type for holder binding [oidc4vci]
* We clarified that there are 5 options for a client to provide binding material for a requested credential:
* provide `sub_jwk`
* provide `did`
* provide `proof`
* provide `proof` along with `sub_jwk` or `did`
* Agreed to merge, once PR is updated to reflect those options.
* PR #107 - support for federation using termsofUse property
* Merged since JSON Schema validation passed, and Torsten updated federation-related text with the input from Roland.
* Issue #1341 - resolved
- Issues https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance
* #1450
* Jeremie said that in-line presentation is out of scope of the issuance draft
* Kristina said that it is a very important use-case and splitting it out will hurt interoperability
* We did not reach consensus, people are encouraged to continue conversation in the issue.
Best,
Kristina