[Openid-specs-digital-credentials-protocols] A simple presentation endpoint

Tom Jones thomasclinganjones at gmail.com
Thu Feb 15 22:44:09 UTC 2024


If human beings are using the wallet, I find this statement of Orie to be a
pure evil dark pattern that can be used to extract data from a user under
the false statement and purpose of any existing request that has been
consented to by the user.  Requests directed to user wallets cannot be
expected to work this way.


If the RP wants to demand extra state commitments from the wallet, that's
fine, but if the wallet just wants a nonce to make a presentation, the
wallet should be able to just get a nonce.


thx ..Tom (mobile)

On Thu, Feb 15, 2024, 2:03 PM Orie Steele via
Openid-specs-digital-credentials-protocols <
openid-specs-digital-credentials-protocols at lists.openid.net> wrote:

>
> ( I signed the contributor agreement in docusign ).
>
> My ideal flow:
>
> GET relying-party.example/nonce
> POST relying-party.example/presentations
>
> If the RP wants to demand extra state commitments from the wallet, that's
> fine, but if the wallet just wants a nonce to make a presentation, the
> wallet should be able to just get a nonce.
>
> Once the wallet has used the nonce, the wallet wants to send the
> presentation to the RP.
>
> If the RP wants to demand extra state commitments from the wallet, that's
> fine, but if the wallet just wants to send a presentation, the wallet
> should be able to just send a presentation.
>
> In other words, all the parameters that are "not a nonce" and "not a
> presentation" are getting in the way of a simple spec.
>
> We have a proposal for a simple endpoint for getting nonces:
>
> https://datatracker.ietf.org/doc/draft-demarco-oauth-nonce-endpoint/
>
> I want a simple endpoint for sending presentations.
>
> Assume an api gateway will filter out anything it does not recognize as
> being encrypted to an internal verifier, or as a well formed signed
> presentation.
> Assume the nonce is negotiated out of band.
> Assume credential types are negotiated out of band.
> Assume credential claims are negotiated out of band.
> Assume the presentation endpoint is negotiated out of band.
>
> How does a wallet submit a presentation?
>
> Regards,
>
> OS
>
> --
>
>
> ORIE STEELE
> Chief Technology Officer
> www.transmute.industries
>
> <https://transmute.industries>
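Added example, not part of either message above and not taken from any OpenID or IETF draft: a sketch of the relying-party side of the nonce lifecycle behind the quoted GET /nonce and POST /presentations flow, showing the freshness and single-use checks the presentation endpoint needs. The nonce format, the NonceService class and its method names are assumptions, and the presentation's signature is assumed to have been verified before redeem() is called.

```python
import hashlib
import hmac
import secrets
import time


class NonceService:
    """Hypothetical RP helper: issues nonces and redeems each one at most once."""

    def __init__(self, key: bytes, ttl: int = 300):
        self.key = key      # RP-local secret, never sent to the wallet
        self.ttl = ttl      # nonce lifetime in seconds (assumed value)
        self.spent = {}     # nonce -> expiry, kept only until the nonce expires

    def _tag(self, body: str) -> bytes:
        return hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest().encode()

    def issue(self, now=None) -> str:
        """Value a GET /nonce handler would return: random.expiry.tag"""
        now = time.time() if now is None else now
        body = f"{secrets.token_urlsafe(16)}.{int(now) + self.ttl}"
        return f"{body}.{self._tag(body).decode()}"

    def redeem(self, nonce: str, now=None) -> str:
        """Check a POST /presentations handler would run on the nonce taken
        from a presentation whose signature has already been verified."""
        now = time.time() if now is None else now
        body, _, tag = nonce.rpartition(".")
        # Constant-time comparison; rejects nonces this RP never issued.
        if not hmac.compare_digest(tag.encode(), self._tag(body)):
            return "rejected: not issued by this RP"
        expiry = int(body.rpartition(".")[2])  # safe to parse: tag was valid
        if now >= expiry:
            return "rejected: expired"
        # Forget spent nonces that have expired, so the table stays bounded.
        self.spent = {n: e for n, e in self.spent.items() if e > now}
        if nonce in self.spent:
            return "rejected: replay"
        self.spent[nonce] = expiry
        return "accepted"


if __name__ == "__main__":
    rp = NonceService(secrets.token_bytes(32))
    n = rp.issue()
    print(rp.redeem(n))   # first presentation carrying this nonce
    print(rp.redeem(n))   # same nonce presented again
```

The nonce here says nothing about what was requested or consented to; that context has to be bound separately.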