<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">Perhaps a demo of a working system
(with one wallet holding all the VCs) might be helpful for people
to visualise choosing between VCs. I put a video on youtube last
February which you can view here<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><a class="moz-txt-link-freetext" href="https://www.youtube.com/watch?v=w0FJayxCYwk">https://www.youtube.com/watch?v=w0FJayxCYwk</a></div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">This works with no changes needed to
the browser.<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Kind regards</div>
<div class="moz-cite-prefix">David<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 10/10/2021 04:39, Tom Jones wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAK2Cwb6Rq7ehY3Yrq8A8vy328VyE2d3tf_tMx_BKLfOXbRjdYA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">I take the view that we create the chooser w/o any
new browser support and then work with one of the vendors to
create a proposal for changing the browser to make it work that
way. It is much easier to make a case if we know exactly what
it is that we want. I suspect it will be some combo of the p/w
manager and the protocol picker.
<div><br>
</div>
<div>I am not at all certain that anyone really understands what
a useful semantic will be. After all, we have had this
capability for over 20 years in xml and never make it truly
useful.</div>
<div><br>
</div>
<div><br clear="all">
<div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">
<div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap">Be the change you want to see in the world </span>..tom</div>
</div>
</div>
</div>
<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sat, Oct 9, 2021 at 7:50 PM
David Waite <<a href="mailto:david@alkaline-solutions.com"
moz-do-not-send="true">david@alkaline-solutions.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="auto">The pr proposal i made would be that there can
be openid metadata defining capabilities, such as presenting
smart health cards or mdl, supporting different DID schemes,
etc.
<div><br>
</div>
<div>A wallet would choose which ones it supports. Some
issuers, like self-issued/v2, are self certifying while
others may be under a more controlled process.
Self-issued/v2 isn’t great for more complex queries like
presentation exchange, since you are now asking for
capabilities that weren’t required/specified in the base
metadata. </div>
<div><br>
</div>
<div>You say your app supports operation as a particular
issuer by catching the authorization_endpoint.</div>
<div><br>
</div>
<div>This still leaves the possibility that the underlying
platform or browser won’t present a multiple choice option
to the user (which we still need to work toward fixing
imho) but makes it far more likely that the request will
go to some piece of software designed to handle that type
of request or that vertical. </div>
<div><br>
<div dir="ltr">Sent from my iPhone</div>
<div dir="ltr"><br>
<blockquote type="cite">On Oct 9, 2021, at 10:34 AM, Tom
Jones via Openid-specs-ab <<a
href="mailto:openid-specs-ab@lists.openid.net"
target="_blank" moz-do-not-send="true">openid-specs-ab@lists.openid.net</a>>
wrote:<br>
<br>
</blockquote>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">I understood and agreed with that up to
the part about Chooser selecting multiple wallets.
<div><br>
</div>
<div>Here is what I cannot get my head around. When
the client makes a request (JAR, whatever) that
involves creds in different wallets. How or who
decides the split - or does every wallet get the
entire request? But even then, where/how does the
response (the ID token) get created. Sending
separate ID tokens does not seem like a useful
solution to me. Altho perhaps a collection of ID
tokens might work if they all went in one packet.</div>
<div><br clear="all">
<div>
<div dir="ltr">
<div dir="ltr">
<div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap">Be the change you want to see in the world </span>..tom</div>
</div>
</div>
</div>
<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sat, Oct 9,
2021 at 3:05 AM David Chadwick <<a
href="mailto:d.w.chadwick@verifiablecredentials.info"
target="_blank" moz-do-not-send="true">d.w.chadwick@verifiablecredentials.info</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px
0px 0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<div><br>
</div>
<div>On 08/10/2021 21:44, Tom Jones wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">As Mike has noted earlier, the
wallet you describe needs to be the only
wallet that the user has on their device.
Very few of us believe that is possible,
unless some gigantic social media company
takes control. </div>
</blockquote>
<p>It is possible that Apple and Google wallets
will eventually become the only wallets that
people have on their smartphones. It is
likely, with mDL and their existing credit
card support, that this will leap frog them
into pole position. OTOH it is also possible
that federations will specify the wallets,
policies and VCs that they will accept within
their federation.<br>
</p>
<p>Until we have global dominance, it likely
that users will hold many different wallets as
you say. The SIOP (chooser) component will
need to pass the policy onto the different
wallets for them to satisfy components of
this. Having the same semantic policy encoded
in different syntaxes will enable different
proprietary wallets to interwork with the SIOP
chooser.</p>
<p>Kind regards</p>
<p>David<br>
</p>
<blockquote type="cite">
<div dir="ltr">The sorts of wallets that are
contemplated today cannot hope to handle
arbitrary credentials of the sorts that
users will need in their day-to-day life. My
own university tells me which wallet I can
use to hold my VC diploma. My state tells
me which wallets are trusted to hold my mDL.
<div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap">
</span></div>
<div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap"> </span>..tom<br>
<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri,
Oct 8, 2021 at 12:07 PM David Chadwick via
Openid-specs-ab <<a
href="mailto:openid-specs-ab@lists.openid.net"
target="_blank" moz-do-not-send="true">openid-specs-ab@lists.openid.net</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<div>I would like to discuss the
layering of OIDC with VCs, so that the
application layer would simply pass a
policy reference to the SIOP wallet
and the wallet would respond with a
(set of) VP(s), using the OIDC
protocol. Then the management layer on
top of this could define whatever
policies it wanted to for requesting
combinations of VCs, with or without
selective disclosure, so that
different federations with their own
wallets can implement their own
policies suitable for their
requirements.<br>
<br>
This will decouple OIDC from
presentation exchange (which in my
opinion is too complex for the
majority of use cases).</div>
<div><br>
</div>
<div>Comments?</div>
<div>Kind regards</div>
<div>David</div>
<div><br>
</div>
<div><br>
</div>
<div>On 08/10/2021 19:36, Mike Jones via
Openid-specs-ab wrote:<br>
</div>
<blockquote type="cite">
<div>
<p class="MsoNormal">I took the
action item to bring people’s
concerns about the paucity of
relevant IIW sessions to Phil
Windley’s attention. Both he and
Heidi essentially responded that
“It’s open space – make what you
want to have happen happen.”
Which is fair.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">They suggested
that we use the IIW wiki pages <a
href="https://iiw.idcommons.net/IIW_33_Proposed_Topics" target="_blank"
moz-do-not-send="true">
https://iiw.idcommons.net/IIW_33_Proposed_Topics</a>
and <a
href="https://iiw.idcommons.net/IIW_33_Time_Zone_Session_Planning"
target="_blank"
moz-do-not-send="true">
https://iiw.idcommons.net/IIW_33_Time_Zone_Session_Planning</a>
to coordinate and schedule
clusters of sessions that we want
to see. They were supportive of
people trying to organize in
advance to get the most out of
IIW.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">
-- Mike</p>
<p class="MsoNormal"> </p>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Openid-specs-ab mailing list
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank" moz-do-not-send="true">Openid-specs-ab@lists.openid.net</a>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank" moz-do-not-send="true">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
</blockquote>
<p>
<blockquote type="cite"><a class="moz-txt-link-freetext" href="https://www.youtube.com/watch?v=w0FJayxCYwk">https://www.youtube.com/watch?v=w0FJayxCYwk</a></blockquote>
<br>
</p>
</div>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a
href="mailto:Openid-specs-ab@lists.openid.net"
target="_blank" moz-do-not-send="true">Openid-specs-ab@lists.openid.net</a><br>
<a
href="http://lists.openid.net/mailman/listinfo/openid-specs-ab"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
</div>
</blockquote>
</div>
<span>_______________________________________________</span><br>
<span>Openid-specs-ab mailing list</span><br>
<span><a
href="mailto:Openid-specs-ab@lists.openid.net"
target="_blank" moz-do-not-send="true">Openid-specs-ab@lists.openid.net</a></span><br>
<span><a
href="http://lists.openid.net/mailman/listinfo/openid-specs-ab"
target="_blank" moz-do-not-send="true">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a></span><br>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
</body>
</html>