[Openid-specs-ab] Issue #1692: [OIDC4VCI] Lack of explanation of nonce mechanim (openid/connect)
Daniel Fett
issues-reply at bitbucket.org
Tue Oct 25 09:56:13 UTC 2022
New issue 1692: [OIDC4VCI] Lack of explanation of nonce mechanim
https://bitbucket.org/openid/connect/issues/1692/oidc4vci-lack-of-explanation-of-nonce
Daniel Fett:
The current text first introduces how nonces are represented in proofs, then that sometimes a nonce is sent from the Issuer in the Credential Response, and then the error is introduced when the proof is missing.
The text needs a clear explanation of the underlying concept before the individual mechanisms are introduced. The current explanation is somewhat backwards and there is no guidance for clients how to deal with nonces. It is also implied, but not explained, that nonces can be replaced by fresh nonces.
More information about the Openid-specs-ab
mailing list