
<html>


<head>


<meta http-equiv="Content-Type" content="text/html; charset=utf-8">


<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>


</head>


<body dir="ltr">


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Justin Richer</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Oliver Terbu</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Dmitri Zagidulin</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Adam Lemmon</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Anthony Nadalin</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">David Waite</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Stephane Durand</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">John Bradley</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Alex Nennker</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Bjorn Hjelm</span></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif">Pamela Dingle</span></div>


<div style="font-size:12pt; color:rgb(0,0,0)"><font face="Calibri, sans-serif">Kristina Yasuda</font></div>


<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">


<span style="color:black; font-family:Calibri,sans-serif"> </span><br>


</div>


<div dir="ltr">


<div dir="ltr">


<div dir="ltr">


<div dir="ltr">


<div lang="JA" style="word-wrap:break-word">


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">- IPR reminder </span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">- Introductions/re-introductions</span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">- <span class="x_x_x_x_x_marka6v39w0tx">Agenda</span> bashing/adoption</span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">- Events/External orgs</span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">     - DIF Presentation Exchange/OIDF WG update: <a href="https://github.com/decentralized-identity/presentation-exchange/issues" id="LPlnk">https://github.com/decentralized-identity/presentation-exchange/issues</a></span></p>


<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


   <span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">- Main issues discussed are making presentation_defintion.id and presentation_submission optional; and how to communicate input_descriptor.id in the OIDC4VP response</span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<br>


</p>


<div class="x_x_x__Entity x_x_x__EType_OWALinkPreview x_x_x__EId_OWALinkPreview x_x_x__EReadonly_1">


</div>


<div><span style="color:black; font-family:Calibri,sans-serif">- PRs</span><br>


</div>


<ul type="disc" style="margin-bottom:0mm; margin-top:0mm">


<li style="margin:0mm 0mm 0mm 24pt; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<font face="Calibri, Arial, Helvetica, sans-serif" style="color:inherit; font-size:inherit; font-style:inherit; font-variant-ligatures:inherit; font-variant-caps:inherit; font-weight:inherit">SIOP V2 introduction and use-cases: </font><a href="https://bitbucket.org/openid/connect/pull-requests/41" id="LPlnk696300">https://bitbucket.org/openid/connect/pull-requests/41</a><br>


</li><ul>


<li style="margin:0mm 0mm 0mm 24pt; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">Agreed in spirit, editorial comments made</span></li></ul>


<li style="margin:0mm 0mm 0mm 24pt; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="margin:0px; font-size:12pt; font-family:Calibri,Arial,Helvetica,sans-serif">Cross-device SIOP: </span><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F33&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C0e97c31cf7894a31be4508d950d34339%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637629690780989592%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Udb7XR5xVu18teMuq16%2FoLupOlijO5NlWL%2Fe%2Fd8HAnc%3D&reserved=0" shash="vCqgLcwKHIG6giZUEucI3FjfyJsUADlpo8p+mdnLQJov8Q7MulKymo+9VuigvrArJToyrfMUd9uiF5Pny4xDXoXb+T8RyDEUhY7Ayt7kanrZr9Tebr/haBTGjurRNbWKlUY5jFV5PYRr/mGD+gdq3NnYczLTbSuPF8EWgw/WAQ8=" style="margin:0px"><span style="margin:0px; font-size:12pt; font-family:Calibri,Arial,Helvetica,sans-serif">https://bitbucket.org/openid/connect/pull-requests/33</span></a></li><ul>


<li style="margin:0mm 0mm 0mm 24pt; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">Agreed to merge as a starting point, need to confirm with Mike</span></li></ul>


</ul>


</div>


<div lang="JA" style="word-wrap:break-word">


<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt"><br>


</span></p>


<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">- Issues</span><br>


</p>


<ul type="disc" style="margin-bottom:0mm">


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style=""><span lang="EN-US" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">SIOP</span></span><span lang="EN-US" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)"> V</span><span lang="EN-US" style="color:black; font-family:Calibri,sans-serif; font-size:12pt; background-color:white">2</span></li><ul>


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">Client_id in SIOP V2 </span><a href="https://bitbucket.org/openid/connect/issues/1272/client-identifier-in-siop-when-the-dids" id="LPlnk" style="font-family:Calibri,sans-serif">https://bitbucket.org/openid/connect/issues/1272/client-identifier-in-siop-when-the-dids</a></li><ul>


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Dmitri, Oliver agreed with the proposal in the PR comment to re-use client_id to allow SIOP to verify the signed request</span></li><li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Justin advised WG to define error conditions that everybody is expected to test for, if WG were to rely on the resolvable URI. Cases


 such as valid URI but cannot fetch it, URI not resolvable, not a URI but can be resolved. This would help avoid creating holes in security expectations and increase interoperability. Should also have a way to differentiate SIOP-based log-in.</span></li><li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">John pointed out that in SIOP V1, client_id had to match redirect_uri (was left unspecified)</span></li><li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">DW pointed out that some of th</span><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">is sho</span><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">uld


 be defined by OpenID Federation as part of its aut</span><span style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">omatic</span><span style="font-size: 12pt; font-family: Calibri, Helvetica, sans-serif;"> registration: </span><a title="" href="https://openid.net/specs/openid-connect-federation-1_0.html#rfc.section.9.1" id="LPlnk"><span style="font-size: 12pt; font-family: Calibri, Helvetica, sans-serif;">https://openid.net/specs/openid-connect-federation-1_0.html#rfc.section.9.1</span></a></li><li style="display:block">


<div class="_Entity _EType_OWALinkPreview _EId_OWALinkPreview _EReadonly_1"></div>


</li><li style="display:block"><br>


</li></ul>


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)"><span style="font-family:Calibri,sans-serif; background-color:rgb(255,255,255); display:inline!important">Security Considerations: <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1269%2Fadd-security-considerations-for-cross&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C0e97c31cf7894a31be4508d950d34339%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637629690781019460%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=okTAjch1DqHOvE3Su34gY%2FeU1sUryxrvS7FcBXlw%2FOA%3D&reserved=0" originalsrc="https://bitbucket.org/openid/connect/issues/1269/add-security-considerations-for-cross" shash="S1Jd6g5h/qYvvebL/jkrYk8vHmLiSajJhTY7l9yaqPV6DNqs+5rhWDa9VbhE2xGicJkDSi9iMAQXlXcSUOrb0HjQRfwc3N3CB8a6/AA5rlv9ExQ/vB4HTTqXHHiO8dcw06ShSVQ/1TQdaaH8Vd/r4kZyqqSRNyLJRavfrHsataM=" id="LPlnk">https://bitbucket.org/openid/connect/issues/1269/add-security-considerations-for-cross</a></span></span></li><ul>


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="color: rgb(0, 0, 0); font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt;">Stephane said that cross-device SIOP security considerations are out the reach of OIDC because they would involve external protocols, for example Kiosk use-case


 assumes physical presence of a user.</span><br>


</li><li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<font face="Calibri, Arial, Helvetica, sans-serif">John agreed, but said that we need to be clear that there are secure and insecure ways of using those external protocols with SIOP, not to degrade people's confidence in SIOP. </font></li><ul>


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<font face="Calibri, Arial, Helvetica, sans-serif">rather than distinguishing the use-cases bas</font><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">ed on where the RP is - kiosk or a browser - it could


 be separated based on the trust level: </span><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">1/ trust the RP completely (i</span><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">mplicit


 authentication); 2/ actual authentication where you have an account with an online service.</span></li></ul>


<li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Stephane pointed out that the trust framework can only vouch for a class of SIOP, not specific instance.</span></li><li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">John questioned whether SIOP itself "authenticates" to the kiosk - authentication happen between SIOP on the device and the backend


 service, how the user gets a transitive property of the kiosk letting the user do something (ie establish an account) is outside SIOP.</span></li><li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">We agreed that there are two systems - 1/between SIOP and backend; and 2/user and the kiosk, and that we don't really have ways


 to authenticate the latter securely. So it is not guaranteed that the user in front of the kiosk is the owner of the credential presented.</span></li><li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">John suggested that to ensure that some transitive authentication is needed. With FIDO, it will look like: make a resident credential


 with the backend in the browser on your phone, use CABLE over BLE or local NW to do FIDO authentication from your phone through the terminal to authenticate you in that other session.<br>


</span></li><ul>


<li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Or in the presented credential contains</span><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">


 biometric data, kiosk can use local biometrics to scan your face or biometrics to match with the data in the credential</span></li></ul>


<li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">We agreed to include these warnings related to the Kiosk use-case in SIOP security considerations.</span></li></ul>


</ul>


</ul>


<ul type="disc" style="margin-bottom:0mm">


<ul>


<li style="margin: 0mm;"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">successful client registration response: </span><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1267%2Fsuccessful-client-registration-response&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C0e97c31cf7894a31be4508d950d34339%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637629690781009503%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ZkaYOno%2Bf4Rj8H5TKJ0sdi21DJ63%2BHLCwjqcAjdYbWs%3D&reserved=0" shash="OM6nuqB2UW0ebhTd7qAYXy86m19FiARlrM8WQZdURk7LYfYMunaxLptfAW259LidxbBchHHdL0cbhhBuoobkIDbHbpWLn+1ubCUC9rOFoERnoxKDTwWCJ1UA3CgAZDSo6sPzpkv8hck+YgoHqAXO38dWptzQYmq0LFNxfarAoZs=" style="margin:0px"><span style="margin: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">https://bitbucket.org/openid/connect/issues/1267/successful-client-registration-response</span></a><br>


</li><ul>


<li style="margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">John will take</span><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> a look</span></li></ul>


</ul>


<li style="margin: 0mm;"><span lang="EN-US" style="margin: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">OIDC4VP</span></li><ul>


<li style="margin:0mm"><span style="margin: 0px;"><span style="margin: 0px; display: inline !important; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">input_descriptor.id: </span><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1264%2Finclude-input_descriptor-id-in-oidc4vp&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C0e97c31cf7894a31be4508d950d34339%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637629690780999546%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=MSBJBBQ8kf%2FiODK9S5D5ApbP01PrZmx7TY3ACzEFNdI%3D&reserved=0" shash="Z7cejNafVQJyL/P67tApejokIVYGaLPiwY4aM0jB0faZjEPo0aeCAHyiTO9nbenan4OefVVbLUqJ4sUYkNimy8L3jDjHq743NvOHTmr155Ah8RxnwSS1sdXCrTRSM9dglZsrD0d3LW++dkDALDWD6LBK0yHLWaISlSK4JO1D768=" style="margin:0px"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">https://bitbucket.org/openid/connect/issues/1264/include-input_descriptor-id-in-oidc4vp</span></a></span></li><ul>


<li style="margin:0mm"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">No one on the call was opposed to using input_descriptor.id as a way to differentiate VCs included in the response - the syntax how


 to pass these IDs in OIDC4VP without presentation_submission needs to be worked out</span></li></ul>


<li style="margin:0mm"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Binding btw VC and VP: </span><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1253%2Fthreat-analysis-for-binding-between-vc-and&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C0e97c31cf7894a31be4508d950d34339%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637629690781009503%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NvQXwWhruS6FXXXqiB%2FEt2Fxdu93XxHdt13zaZIb7hQ%3D&reserved=0" shash="tIyBFm9ty7xEQGIDN9EZqPS38F/Xhg1SFzM9sVYsRER6iULiFo/YiNk+aU6v3vPnkcFWeK5Rvoik7Vpk11vpKW03QsmghQMyD+ae83FzM1P6qKB0dqv4Rb/ub1ItGVvGieuAYi1uRcU1cwG7U6qAc76l85EP+8gdKIPV/M+Qi+4=" style="margin:0px"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">https://bitbucket.org/openid/connect/issues/1253/threat-analysis-for-binding-between-vc-and</span></a></li><ul>


<li style="margin:0mm"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">vc-data-model specification does not require VC-VP binding to the same subject/SIOP holder</span></li><li style="margin:0mm"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">we discussed if there are use-cases that 1/ absolutely require VC-VP binding, or 2/ would be blocked if such binding will be mandatory</span></li><li style="margin:0mm"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Dmitri suggested that sounds like current use-cases can be covered without mandating such binding</span><br>


</li><li style="margin:0mm"><span style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">user do not manage their own keys</span></li></ul>


</ul>


</ul>


<div><span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)"></span></div>


<div>


<div class="x_x_x_x__Entity x_x_x_x__EType_OWALinkPreview x_x_x_x__EId_OWALinkPreview_1 x_x_x_x__EReadonly_1">


</div>


</div>


<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; background-image:initial; background-position:initial; background-size:initial; background-repeat:initial; background-attachment:initial; background-origin:initial; background-clip:initial">


<br>


</p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun; background:white">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">Best,</span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun">


<span lang="EN-US" style="font-family:"Calibri",sans-serif; color:black">Kristina</span><span lang="EN-US" style="font-size:11.0pt; font-family:"Noto Sans CJK JP Medium",sans-serif; color:#4472C4"></span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun">


<span lang="EN-US" style="font-size:11.0pt; font-family:"Noto Sans CJK JP Medium",sans-serif; color:#4472C4"> </span></p>


<p class="x_x_x_x_x_MsoNormal" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin:0mm; font-size:12pt; font-family:SimSun">


<span lang="EN-US" style="font-size:11.0pt; font-family:"Noto Sans CJK JP Medium",sans-serif; color:#4472C4"> <br>


<br>


</span></p>


</div>


</div>


</div>


</div>


</div>


</body>


</html>