[Openid-specs-digital-credentials-protocols] openid/oid4vc-haip-sd-jwt-vc: Comment created on issue 101
github at oidf.org
github at oidf.org
Fri Jun 14 13:18:54 UTC 2024
openid/oid4vc-haip-sd-jwt-vc event
Issue Comment created on issue 101
Issue Title: How does a credential issuer trust the wallet attestation issuer's public key?
https://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/101
Comment: yes, `a trust model and a trust mechanism needs to be built on top HAIP`. the HAIP intends to be silent on this exact question: "How does a credential issuer trust the wallet attestation issuer's public key?" maybe you have a PKI, or maybe you have obtained a root CA out of band, etc. HAIP currently only allows x.509 or web-based key resolution. whether openid federation needs to be allowed is a separate issue. Are there any specific suggestions how to make this clearer in the text? modify out of scope section? otherwise, would close as resolved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240614/ec02b9a0/attachment-0001.html>
More information about the Openid-specs-digital-credentials-protocols
mailing list