[Openid-specs-digital-credentials-protocols] A simple presentation endpoint

[Orie Steele]

( I signed the contributor agreement in docusign ).

My ideal flow:

GET relying-party.example/nonce
POST relying-party.example/presentations

If the RP wants to demand extra state commitments from the wallet, that's
fine, but if the wallet just wants a nonce to make a presentation, the
wallet should be able to just get a nonce.

Once the wallet has used the nonce, the wallet wants to send the
presentation to the RP.

If the RP wants to demand extra state commitments from the wallet, that's
fine, but if the wallet just wants to send a presentation, the wallet
should be able to just send a presentation.

In other words, all the parameters that are "not a nonce" and "not a
presentation" are getting in the way of a simple spec.

We have a proposal for a simple endpoint for getting nonces:

https://datatracker.ietf.org/doc/draft-demarco-oauth-nonce-endpoint/

I want a simple endpoint for sending presentations.

Assume an api gateway will filter out anything it does not recognize as
being encrypted to an internal verifier, or as a well formed signed
presentation.
Assume the nonce is negotiated out of band.
Assume credential types are negotiated out of band.
Assume credential claims are negotiated out of band.
Assume the presentation endpoint is negotiated out of band.

How does a wallet submit a presentation?

Regards,

OS

-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240215/02b83ee4/attachment.html>