[Openid-specs-digital-credentials-protocols] openid/oid4vc-haip-sd-jwt-vc: Comment created on issue 103
github at oidf.org
github at oidf.org
Fri May 24 15:22:52 UTC 2024
openid/oid4vc-haip-sd-jwt-vc event
Issue Comment created on issue 103
Issue Title: SD-JWT VC requires `iss` value to be a URI
https://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/103
Comment: the point of `https://` in HAIP was that the issuer can use the same `iss` value in sd-jwt vc to support various key resolution mechanisms - web-based key resolution (.well-known/jwt_vc_issuer with or without openid federation) or x509. so I am supportive of keeping `iss` a URI in sd-jwt vc, but change the scheme to `https:` as opposed to `dns:` I think see how some issuer devs might forget doing `https://` but at least in HAIP, the idea was for the issuer to support both key resolution mechanisms, so the chance of devs forgetting doing https:// is low, and the verifier supporting x509, would have to extract dns name from https:// as part of validations steps, so I see your points, but still think the the benefits of the same iss with different key resolution mechanisms is strong.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240524/f003d4ec/attachment.html>
More information about the Openid-specs-digital-credentials-protocols
mailing list