[Openid-specs-digital-credentials-protocols] openid/oid4vc-haip-sd-jwt-vc: Comment created on issue 99
github at oidf.org
github at oidf.org
Fri Jun 14 13:26:59 UTC 2024
openid/oid4vc-haip-sd-jwt-vc event
Issue Comment created on issue 99
Issue Title: Will HAIP mandate the use of the `jwk` for `cryptographic_binding_methods_supported`?
https://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/99
Comment: HAIP already says in this section https://openid.github.io/oid4vc-haip-sd-jwt-vc/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-wg-draft.html#section-7-5.5, which should be clear enough. > The cnf claim [[RFC7800](https://openid.github.io/oid4vc-haip-sd-jwt-vc/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-wg-draft.html#RFC7800)] MUST conform to the definition given in [[I-D.ietf-oauth-sd-jwt-vc](https://openid.github.io/oid4vc-haip-sd-jwt-vc/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-wg-draft.html#I-D.ietf-oauth-sd-jwt-vc)]. Implementations conforming to this profile MUST include the JSON Web Key [[RFC7517](https://openid.github.io/oid4vc-haip-sd-jwt-vc/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-wg-draft.html#RFC7517)] in the jwk sub claim. I think your question might lead to a fact that `cryptographic_binding_methods_supported` parameter in VCI needs to be better defined/clarified. would suggest opening an issue in VCI.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240614/9dd6dbcf/attachment-0001.html>
More information about the Openid-specs-digital-credentials-protocols
mailing list