[Openid-specs-digital-credentials-protocols] Contribution: query syntax proposal

[Tom Jones]

I disagree with most of what you said. You guys have built something that
might work on an Internet interchange, but frankly I doubt even that. It
certainly fails for a smart phone interchange with another smartphone.

You guys really don't seem to care about users at all. Nor about existing
privacy regulations.

thx ..Tom (mobile)

On Tue, Mar 5, 2024, 10:58 AM Joseph Heenan <joseph at authlete.com> wrote:

> Hi Tom
>
>
> On 5 Mar 2024, at 17:39, Tom Jones via
> Openid-specs-digital-credentials-protocols <
> openid-specs-digital-credentials-protocols at lists.openid.net> wrote:
>
> I really don't know how we got to the point of using OAuth syntax to
> create a message that must be displayed and accepted by users.
>
>
> We are not doing that. My expectation is that wallets will be asking the
> user to consent to the data that is to be shared. There is no need to share
> with users what was requested, the user only needs to know what will be
> released to the verifier as far as I can see. This is consistent with how I
> have seen OpenID Connect work; the user consents to the information that
> will be sent to the relying party. So for example, an OpenID provider does
> not tell the user that the relying party requested their address if the
> OpenID provider does not have the user’s address to share.
>
> Equally there is no need for a wallet to tell a user that the verifier
> requested the user’s name from passport or a mobile driving license or a EU
> identity card or a Japanese residence card if the wallet only has a
> passport to share. It is far user friendlier to ask the user if they want
> to share the name from their passport.
>
> The proposed UI from the browser/OS vendors (which is being discussed in
> https://github.com/WICG/digital-identities?tab=readme-ov-file ) is that
> the OS will present to the user a choice of credentials that could satisfy
> the request (possibly with an indication of which wallet the credential is
> in), and the wallet will then be given control to collect any necessary
> consent to the data sharing.
> https://github.com/WICG/digital-identities?tab=readme-ov-file is really
> the only sensible place to discuss the OS provided credential selector as
> that is where the OS & Browser providers are participating. If that group
> has made a mistake in what they are developing the best approach seems to
> me to be to engage with that group, and only explore alternatives if that
> engagement fails - but I think first it is important to understand what
> that group has developed. They even have instructions on how to access the
> experimental API on Android, which they would love implementers to try and
> give feedback on.
>
> Thanks
>
> Joseph
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240305/7692baab/attachment.html>