[Openid-specs-digital-credentials-protocols] [agenda] DCP WG + SIOP call (PST midday)

Jan Vereecken jan.vereecken at meeco.me
Tue Sep 17 20:07:45 UTC 2024 

Hello All,

Please find the meeting notes below

**Participants**

                - Gail Hodges
                - Joseph Heenan
                - Christian Bormann
                - Hicham Lozi
                - Kristina Yasuda
                - Brian Campbell
                - Daniel Fett
                - David Waite
                - Edmund Jay
                - Gareth Oliver
                - Jin Wen
                - John Bradley
                - Lee Campbell
                - Michael Jones
                - Namanja Patrnogic
                - Oliver Terbu
                - Paul Bastian
                - Rajvardhan Deshmukh
                - Sebastian Bahloul
                - Steve Venema
                - Tim Cappalli
                - Tobias Looker
                - Jan Vereecken

**Agenda**

                - IPR reminder/ Note-taking
                - Introductions/re-introductions
                - Agenda bashing/adoption
                - Events/External orgs
                                - OSW
                - Consensus around proposed plan for moving VP/VCI to 1.0 final: [https://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/Week-of-Mon-20240909/000443.html](https://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/Week-of-Mon-20240909/000443.html)
                                - A) Does the WG agree to publish 1.0 Final with what has been tested/implemented in openid4vp/vci so far and then keep working on backward compatible v1.1, v1.2, with a goal of Implementing Acts referencing 1.1 or 1.2?
                - Permit the use of the new query language instead of presentation exchange. VP PR/258
                - Add extensibility to Credential Response. VCI PR/391
                - Remove c_nonce from the token endpoint response. VCI PR/381.
                                - do we want to remove an option to return c_nonce from the Credential Endpoint, now that Nonce Endpoint is mandatory?
                - client_id_scheme security ( [https://github.com/openid/OpenID4VP/issues/124](https://github.com/openid/OpenID4VP/issues/124) )
                - add an option to use credential_configuration_id in credential request. VCI PR/392.
                - Define claims display description and claims path query - [https://github.com/openid/OpenID4VCI/pull/276](https://github.com/openid/OpenID4VCI/pull/276)
                - [heads-up/no action as far as I am aware] Update Appendix 1 to be consistent with the latest snapshot of the Digital Credentials API. VP issue #264
                - Key attestation first draft PR - please review:  [https://github.com/openid/OpenID4VCI/pull/389](https://github.com/openid/OpenID4VCI/pull/389)
                - Other Open PRs/Issues

**Notes**

                - OAuth Security Workshop in Iceland
                                - https://oauth.secworkshop.events/osw2025
                - California DMV Hackaton update by Gail
                - Suggestion to remove OpenID4VP/New Query Language from 1.0 timeline and instead add it to 1.1
                                - Priority to giving EU Commission assurance that 1.0 will be finalised
                                - Joseph calls out that there is a need of implementor feedback for the proposal
                                                - Lee Campbell commits to adding an implementation to https://github.com/openwallet-foundation-labs/identity-credential
                - Add language to 1.0 to open the door for "other" query languages (without specifying them) https://github.com/openid/OpenID4VP/pull/258
                                - Call for people to review the PR and specifically Kristina's comment
                - Add extensibility to credential response (https://github.com/openid/OpenID4VCI/pull/391)                               - Discussion on allowing an array of notifications. Main intention would be to support batch credential. Christian is going to rework the PR.
                - Remove c_nonce from the token endpoint response. VCI PR/381.
                                - Brian is going to consolidate 7.3.2 and move it to nonce endpoint so that it is defined there and only there.
                                - Brian is going to add explanation that c_nonce can be invalidated by the issuer at any time
                                - Tobias is opening issue on removing c_nonce_expires_in
                - OpenID4VP PR/263: change client_id_scheme to
                                - Option 2 to fixing client_id_scheme security (Option 1 is defined in PR/237)
                                - Adds a prefix to `client_id`
                                - Call for review

Thanks for attending.

Regards,
Jan

From: Openid-specs-digital-credentials-protocols <openid-specs-digital-credentials-protocols-bounces at lists.openid.net> on behalf of Kristina Yasuda via Openid-specs-digital-credentials-protocols <openid-specs-digital-credentials-protocols at lists.openid.net>
Date: Tuesday, 17 September 2024 at 19:08
To: Digital Credentials Protocols List <openid-specs-digital-credentials-protocols at lists.openid.net>
Cc: Kristina Yasuda <yasudakristina at gmail.com>
Subject: [Openid-specs-digital-credentials-protocols] [agenda] DCP WG + SIOP call (PST midday)
Hi All,

Below is the suggested agenda for today's DCP WG + SIOP call at 12:00 midday PT: https://zoom.us/j/94085567252?pwd=cHNFMExFalhlM2MrOFhoN3J6eDRuZz09

Will timebox so that we cover at least until item 10. items 11~ are bonus.

  1.  IPR reminder/ Note-taking
  2.  Introductions/re-introductions
  3.  Agenda bashing/adoption
  4.  Events/External orgs

     *   OSW

  1.  Consensus around proposed plan for moving VP/VCI to 1.0 final: https://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/Week-of-Mon-20240909/000443.html

     *   A) Does the WG agree to publish 1.0 Final with what has been tested/implemented in openid4vp/vci so far and then keep working on backward compatible v1.1, v1.2, with a goal of Implementing Acts referencing 1.1 or 1.2?

  1.  Permit the use of the new query language instead of presentation exchange. VP PR #258
  2.  Add extensibility to Credential Response. VCI PR #391
  3.  Remove c_nonce from the token endpoint response. VCI PR #381.

     *   do we want to remove an option to return c_nonce from the Credential Endpoint, now that Nonce Endpoint is mandatory?

  1.  client_id_scheme security ( https://github.com/openid/OpenID4VP/issues/124 )
  2.  add an option to use credential_configuration_id in credential request. VCI PR #392.
  3.  Define claims display description and claims path query - https://github.com/openid/OpenID4VCI/pull/276
  4.  [heads-up/no action as far as I am aware] Update Appendix 1 to be consistent with the latest snapshot of the Digital Credentials API. VP issue #264
  5.  Key attestation first draft PR - please review:  https://github.com/openid/OpenID4VCI/pull/389
  6.  Other Open PRs/Issues

Thank you,
Kristina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240917/29501928/attachment-0001.html>

More information about the Openid-specs-digital-credentials-protocols mailing list