[Openid-specs-digital-credentials-protocols] [minutes] SCP WG + SIOP call (EU)

Jan Vereecken jan.vereecken at meeco.me
Thu May 2 18:30:30 UTC 2024 

Hello All,

Please find below the minutes of the meeting today.

  *   Participants
     *   Kristina Yasuda
     *   Joseph Heenan
     *   Brain Campbell
     *   John Bradley
     *   Andreea Prian
     *   Bjorn Helm
     *   Christinan Bormann
     *   Daniel Fett
     *   David Waite
     *   Elizabeth
     *   George Fletcher
     *   Jin Wen
     *   Juda Saadi
     *   Michael Jones
     *   Oliver Terbu
     *   Orie Steele
     *   Pedro Felix
     *   Ryan Galluzzo
  *   Agenda
     *   Recap APAC call
     *   PE requirements issues
     *   Credential response encryption issue
  *   Recap APAC call
     *   POTENTIAL Interop event
        *   Batch issuance of mdocs
     *   Transaction data proposal wrt payment authorization
     *   Query language requirements in PE
        *   Separate issues are created to discuss individual elements
  *   https://github.com/openid/OpenID4VCI/issues/286
     *   It exists for credential endpoint, i.e. credential_response_encryption already exists, but it isn't specified for batch and deferred endpoint
     *   Brain and John discussing the usefulness of encryption at this level
     *   Oliver points out that it is a ISO WG4 requirement
  *   OpenID4VCI issues and pull requests
     *   OpenID4VCI pull/299
        *   Agreed to merge and issue to be opened to add more clarification if necessary
  *   OpenID4VP issues and pull requests
     *   OpenID4VP pull/163
     *   PE requirements issues
        *   OpenID4VP issue/159
           *   Doesn't seem support for this issue
           *   Discussion on responsibilities of verifier and wallet with regards to verification of credentials.
           *   These kind of features can improve usability for the user (e.g. not sending a credential)
           *   Kristina mentions there is another issue that talks about checks the verifier is going to do
        *   OpenID4VP issue/160
           *   Sentiment seems to be that free form text is generally a bad idea.
           *   Joseph says that in OAuth WG these kind of elements have always been rejected
           *   Mike suggests to look for a public reference where this might be a requirement
              *   Maybe EU DIW?
           *   Kristina mentions that tos_uri in transaction_data could be used for that
        *   OpenID4VP issue/161
           *   Daniel: there are different ways
              *   Explicit: this claim needs to have value x in both credentials
              *   Implicit: these claims of both credentials needs to be the same
           *   John mentions that it is probably to early to optimise for this use case and there is not enough experience with these kind of issues.
        *   OpenID4VP issue/158
           *   Joseph suggests to clarify that only the claims that are in the payload can be queried, but not things that are in the header.
        *   OpenID4VP issue/64
           *   Joseph brings up crit header in JWT
Cheers,
Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240502/9a61c526/attachment.html>

More information about the Openid-specs-digital-credentials-protocols mailing list