[Openid-specs-ab] OID4VCI - credential request and credentialSubject request field
Pedro Felix
pedro.felix at curity.io
Mon Feb 6 16:04:52 UTC 2023
Hi,
For the *jwt_vc_json*, *jwt_vc_json-ld*, and* ldp_vc* types, the credential
request payload may contain a *credentialSubject* field.
Q1: This *credentialSubject* is in different locations on* jwt_vc_json* and
on *jwt_vc_json-ld*/*ldp_vc*, however I presume its meaning/semantics is
the same, right?
Q2: How should the credential issuer interpret that request field, if
present?
- Option A - it restricts the claims that should be in the issued
*VC.credentialSubject*, i.e., the issued VC can only have those claims (and
the *id* claim)?
- Option B - it defines the minimum set of claims that should be in the
issued *VC.credentialSubject*, i.e., the issued VC must have at least those
claims?
- Option C - it is used only to convey additional information about the
claims, however it doesn't define a minimum or a maximum set of claims?
This option doesn't work well with the spec examples, where no extra
information is provided (*"given_name": {}*)
In other words, given the example in the spec
{
"format": "jwt_vc_json",
"types": [
"VerifiableCredential",
"UniversityDegreeCredential"
],
* "credentialSubject": { "given_name": {}, "last_name": {},
"degree": {} },*
"proof": {
"proof_type": "jwt",
"jwt":"e...zM"
}
}
How should the credential issuer interpret the above credentialSubject?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230206/5637c9c7/attachment-0001.html>
More information about the Openid-specs-ab
mailing list