<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle24
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:726026117;
mso-list-template-ids:106097882;}
@list l0:level1
{mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1
{mso-list-id:1856725341;
mso-list-template-ids:-385860878;}
@list l1:level1
{mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Hi David, <o:p></o:p></p>
<p class="MsoNormal">Thank you for the correction. Appreciate it.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Tim,<o:p></o:p></p>
<p class="MsoNormal">Let’s make it a formal agenda in a SIOP call next week (7am PST).<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Cheers,<o:p></o:p></p>
<p class="MsoNormal">Kristina<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Tim Cappalli <Tim.Cappalli@microsoft.com> <br>
<b>Sent:</b> Friday, March 11, 2022 8:38 AM<br>
<b>To:</b> Artifact Binding/Connect Working Group <openid-specs-ab@lists.openid.net>; Kristina Yasuda <Kristina.Yasuda@microsoft.com><br>
<b>Cc:</b> David Chadwick <d.w.chadwick@verifiablecredentials.info><br>
<b>Subject:</b> Re: [Openid-specs-ab] Spec Call/SIOP Call Notes 11-Mar-22<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We should discuss this more. I would caution assuming that future CTAP features will solve your cross-device PoP use case as there is no guarantee of holder, wallet, or hardware binding.
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a id="OWAAMA0D700D496ABD14C8435004522AA1414" href="mailto:Kristina.Yasuda@microsoft.com"><span style="font-family:"Calibri",sans-serif;text-decoration:none">@Kristina Yasuda</span></a> will this be a formal agenda item in the future? Happy
to discuss more if I know when the meeting will be (not trying to discuss on this specific thread).<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">tim<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">Openid-specs-ab <<a href="mailto:openid-specs-ab-bounces@lists.openid.net">openid-specs-ab-bounces@lists.openid.net</a>> on behalf of David Chadwick via Openid-specs-ab <<a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>><br>
<b>Date: </b>Friday, March 11, 2022 at 07:18<br>
<b>To: </b><a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a> <<a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>><br>
<b>Cc: </b>David Chadwick <<a href="mailto:d.w.chadwick@verifiablecredentials.info">d.w.chadwick@verifiablecredentials.info</a>><br>
<b>Subject: </b>Re: [Openid-specs-ab] Spec Call/SIOP Call Notes 11-Mar-22<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal">Hi Kristina<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> can I add a correction to the minutes please. Instead of<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">David C. described how in their implementation user sets up a WebAuthn connection with the issuer using the wallet. Ie user uses WebAuthn to log in on device A using device B, so that the Issuer can recognize device B later in the issuance
flow<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">it should read<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">David C. described how in their implementation user sets up a WebAuthn connection with the issuer using the wallet. Ie user uses WebAuthn to establish a key pair in on device A (the wallet), so that the Issuer can recognize device A later
in the issuance flow and in subsequent interactions e.g. to revoke, refresh or delete the credential<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Many thanks<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><br>
David<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">On 11/03/2022 09:55, Kristina Yasuda via Openid-specs-ab wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p style="margin:0in">David Chadwick<o:p></o:p></p>
<p style="margin:0in">John Bradley<o:p></o:p></p>
<p style="margin:0in">Joseph Heenan<o:p></o:p></p>
<p style="margin:0in">Nat Sakimura<o:p></o:p></p>
<p style="margin:0in">Torsten Lodderstedt<o:p></o:p></p>
<p style="margin:0in">Brian Campbell<o:p></o:p></p>
<p style="margin:0in">Filip Skokan<o:p></o:p></p>
<p style="margin:0in">David Waite<o:p></o:p></p>
<p style="margin:0in">Jeremie Miller<o:p></o:p></p>
<p style="margin:0in">Jo Vercammen<o:p></o:p></p>
<p style="margin:0in">Kenichi Nakamura<o:p></o:p></p>
<p style="margin:0in">Kristina Yasuda<o:p></o:p></p>
<p style="margin:0in"> <o:p></o:p></p>
<p style="margin:0in">(Connect call notes followed by subsequent SIOP call notes)<o:p></o:p></p>
<p style="margin:0in"> <o:p></o:p></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l1 level1 lfo1;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1456%2Fscopes-metadata-parameter-needs-to-be&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935369702%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IXWcSarX1GfA0k4a2kM7v2qXEmGdf0wDrKMhcR32j0o%3D&reserved=0">openid
/ connect / issues / #1456 - scopes metadata parameter needs to be defined — Bitbucket</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="1" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l1 level2 lfo1;vertical-align:middle">Two options to address undefined `scopes` parameter underneath `openid_relying_party`<o:p></o:p></li><li class="MsoNormal" style="mso-list:l1 level2 lfo1;vertical-align:middle">Roland and John agrees to define a new `scopes` parameter<o:p></o:p></li></ol>
</ol>
<p class="MsoNormal" style="margin-left:.75in;text-indent:-.25in;mso-list:l1 level2 lfo1;vertical-align:middle">
<![if !supportLists]><span style="mso-list:Ignore">3.<span style="font:7.0pt "Times New Roman"">
</span></span><![endif]>Nat pointed out that `scope` (existing) and `scopes`(new) might be confusing and better name for scopes should be considered. <o:p></o:p></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.75in">
<o:p></o:p></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo2;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1433%2Foidc4vci-role-of-the-id-token&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935419711%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=rntff%2Fxh%2Bbwr7tlIBvzwgXKZfeuhHAD5R%2FCO7HrJan8%3D&reserved=0">openid
/ connect / issues / #1433 - [oidc4vci] role of the ID Token — Bitbucket</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="1" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo2;vertical-align:middle">Torsten pointed out that OIDC4VCI is different from JWT assertion spec because in OIDC4VCI Access token is opaque to the client<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo2;vertical-align:middle">David C. made three suggestions how to improve OIDC4VCI specification. Issues have been filed for each item.
<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="1" type="1">
<ol style="margin-top:0in" start="2" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level3 lfo3;vertical-align:middle">Clarify how user interacts with the wallet in the swimlane<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level3 lfo3;vertical-align:middle">Add text on the trust model<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level3 lfo3;vertical-align:middle">Clarify how authorization works<o:p></o:p></li></ol>
</ol>
</ol>
<ol style="margin-top:0in" start="1" type="1">
<ol style="margin-top:0in" start="3" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo3;vertical-align:middle">No objections to moving oIDC4VCI to an Oauth based flow. PR would be useful<o:p></o:p></li></ol>
</ol>
<p class="MsoNormal" style="margin-left:1.0in;vertical-align:middle"> <o:p></o:p></p>
<ol style="margin-top:0in" start="2" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo3;vertical-align:middle">Transferring PoP across devices (discussion continued from Pacific Connect Call on Monday)<o:p></o:p></li></ol>
<ol style="margin-top:0in" start="2" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Use-case being user logged into an app on device A (laptop), but wants to receive credential into an app on device B (smartphone)<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">John said caBLE is becoming increasingly promising – being deployed across major browser OS and mobile OS
<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">David C. described how in their implementation user sets up a WebAuthn connection with the issuer using the wallet. Ie user uses WebAuthn to log in on device A using device B, so that
the Issuer can recognize device B later in the issuance flow<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">John pointed out that that usage of WebAuthn can be looked at in both ways at a higher level:<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="2" type="1">
<ol style="margin-top:0in" start="4" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level3 lfo4;vertical-align:middle">Using FIDO as a proof for VP or other tokens (issue to someone who controls private keys to this public key)<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level3 lfo4;vertical-align:middle">Purely having a stronger authentication using FIDO
<o:p></o:p></li></ol>
</ol>
</ol>
<ol style="margin-top:0in" start="2" type="1">
<ol style="margin-top:0in" start="5" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">It was pointed out this is close to how we use sender-constraint tokens<o:p></o:p></li></ol>
</ol>
<p class="MsoNormal" style="vertical-align:middle"> <o:p></o:p></p>
<p class="MsoNormal" style="vertical-align:middle"><<transition to the SIOP call>><o:p></o:p></p>
<p class="MsoNormal" style="vertical-align:middle"> <o:p></o:p></p>
<ol style="margin-top:0in" start="3" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F128&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935419711%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=CWo7H1P5kPR7Ky2Xemahuhk5XuxMiEa0ROGRXoqXnFQ%3D&reserved=0">openid
/ connect / Pull Request #128: Adds an option to make a credential request via scopes — Bitbucket</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="3" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Merged<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="4" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F134&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935419711%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=ey7vqFjzUiJIS4YfS%2FTMPkJTYeBnFz7mnO2e%2Bgd9K0g%3D&reserved=0">openid
/ connect / Pull Request #134: Removing an option to submit a VC in the Authorization Request (#1443) — Bitbucket</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="4" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Waiting for Mike to come back from vacation, since he has requested changes<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">There might be concerns around clarifying why nonce endpoint is not effective in preventing replay<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="5" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F101&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935419711%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qN1bNvFhnfqO%2FtI9KOuX4UuAB9zup4KYLes6qSK5hQo%3D&reserved=0">openid
/ connect / Pull Request #101: Fetching presentation definitions from a remote repository — Bitbucket</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="5" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1440%2Fchoosing-how-to-transfer-presentation&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935419711%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=K1r7LCbYBJmN4MLOdSE2JXGGCvF7dO7puw7r8tmMpmQ%3D&reserved=0">https://bitbucket.org/openid/connect/issues/1440/choosing-how-to-transfer-presentation</a><o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">We agreed that passing presentation_definition by value should be mandatory to implement, while passing it by reference can be turned on via a new Registration/Discovery metadata<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">We agreed that passing it by reference has a lot of value. Right now, most implementation pass by value and with request object already being passed by reference in many implementations,
size of a presentation_definition is not a problem. We might revisit this set up if majority of implementations switch to passing by reference.<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Will merge once David C. updates a PR<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="6" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1451%2Foidc4vci-mandatory-vs-optional-credential&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935419711%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=RLguipNqBlYWWfQG%2F8LZgA39yPwxnhXNZK%2FhiEYGrkA%3D&reserved=0">https://bitbucket.org/openid/connect/issues/1451/oidc4vci-mandatory-vs-optional-credential</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="6" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">We agreed that it is Issuer’s responsibility to ensure that all mandatory claims are included in a VC<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Kenichi pointed out that in mDL, user would not have much choice over optional claims, probably only over organ donation claim<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Selective release of optional claims might still be useful in other credential types<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">David C. made a distinction between user providing consent in the wallet, and user providing consent directly to the Issuer<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">John asked what if the Issuer issues more or less credentials then
<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="7" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1453%2Foidc4vci-holder-binding-material-without&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935469708%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=v3XhhJCY7tgWN5bAoHLB8CQJkVPNWYU85mUApS%2BoFK4%3D&reserved=0">https://bitbucket.org/openid/connect/issues/1453/oidc4vci-holder-binding-material-without</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="7" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">Kristina described how there is a use-case for this in SMART Health Cards<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">David C. described another use-case where credentials for multiple users are stored in one wallet (airplane ticket for example)<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">WG agreed to document such use cases and extend specification to support them
<o:p></o:p></li></ol>
</ol>
<ol style="margin-top:0in" start="8" type="1">
<li class="MsoNormal" style="mso-list:l0 level1 lfo4;vertical-align:middle"><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1454%2Foidc4vci-defining-a-credential-type&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935469708%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3Cc0DbvabYSsqn1rfaNYY86B5l9i%2Fj5nfBhPUwmq8NI%3D&reserved=0">https://bitbucket.org/openid/connect/issues/1454/oidc4vci-defining-a-credential-type</a><o:p></o:p></li></ol>
<ol style="margin-top:0in" start="8" type="1">
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">David C. pointed out that type in vc-data-model is defined as URI, so URIs need to be supported<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level2 lfo4;vertical-align:middle">We ran out of time while discussing this issue, will resume with this issue at the next call<o:p></o:p></li></ol>
</ol>
<p class="MsoNormal" style="vertical-align:middle"> <o:p></o:p></p>
<p class="MsoNormal" style="vertical-align:middle">Thank you!<o:p></o:p></p>
<p class="MsoNormal" style="vertical-align:middle">Kristina<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-ab mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre><a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.openid.net%2Fmailman%2Flistinfo%2Fopenid-specs-ab&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C7dd8958ad6fe4eab1f5408da037d8613%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637826134935469708%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=mG3yp7okbF0Q4ZoPEYzx0iJbTF4fx7ojihihdC91Gd4%3D&reserved=0">https://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
</blockquote>
<p><o:p> </o:p></p>
</div>
</body>
</html>