[Openid-specs-digital-credentials-protocols] openid/oid4vc-haip-sd-jwt-vc: Comment created on issue 99
github at oidf.org
github at oidf.org
Fri Jun 14 14:01:25 UTC 2024
openid/oid4vc-haip-sd-jwt-vc event
Issue Comment created on issue 99
Issue Title: Will HAIP mandate the use of the `jwk` for `cryptographic_binding_methods_supported`?
https://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/99
Comment: I was assuming that the fact that a JWK is used as the proof of possession on the KB-JWT, does necessarily imply that a JWK needs to be used on the proof-token. For instance, the proof-token could use a `kid`, which the credential issuer would then resolve to a JWK and add it to the `cnf` claims of the KB-JWT. Perhaps we could add the following on https://openid.github.io/oid4vc-haip-sd-jwt-vc/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-wg-draft.html#section-4.4 - "The JWT proof must include the `jwk` parameter in the JOSE header"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240614/98268067/attachment-0001.html>
More information about the Openid-specs-digital-credentials-protocols
mailing list