[Openid-specs-digital-credentials-protocols] [agenda] DCP WG + SIOP call (PST 8am)

Jan Vereecken jan.vereecken at meeco.me
Thu Sep 26 16:02:36 UTC 2024 

Hi All,

Please find the meeting notes in attachment. Would be good if someone can specifically check if I captured the RAR extensibility conversation correctly. Thanks.

Kind regards,
Jan

---

# DCP WG 2024/09/26

## Participants

- Joseph Heenan
- Bjorn Hjelm
- Brian Campbell
- Christian Bormann
- Kristina Yasuda
- Daniel Fett
- David Chadwich
- Hicham Lozi
- Javier Ruiz
- Jin Wen
- Juba Saadi
- Judith Kahrer
- Michael Jones
- Nemanja Patrnogic
- Paul Bastian
- Pedro Felix
- Rajvardhan Deshmukh
- Jan Vereecken
- Paul Bastian

## Agenda

- OIDF Antitrust Policy at www.openid.net/antitrust applies
- IPR reminder/ Note-taking
- Introductions/re-introductions
- Agenda bashing/adoption
- Events/External orgs
  - TPAC
- Members please vote on ekyc specs: https://openid.net/vote-final-identity-assurance-specifications/
- 1.0 PRs
      - VP: client_id_scheme change to prefix ( https://github.com/openid/OpenID4VP/issues/124 ) - planning to merge next week
      - VP: Allow alternative query languages: https://github.com/openid/OpenID4VP/pull/258 - discuss latest comments
      - VP: Remove normative dependency on Browser API: https://github.com/openid/OpenID4VP/pull/254
      - VCI: add an option to use credential_configuration_id in credential request https://github.com/openid/OpenID4VCI/pull/392 - replacing the format version, planning to merge next week
      - VCI: Credential response extensibility: https://github.com/openid/OpenID4VCI/pull/391 t
      - VCI: Key attestations https://github.com/openid/OpenID4VP/pull/258
      - VCI: c_nonce PR:  https://github.com/openid/OpenID4VCI/pull/381#pullrequestreview-2292605172 - Torsten’s request changes
      - VCI: RAR extensibility:  https://github.com/openid/OpenID4VCI/pull/382 -  latest language on RAR
- Other PRs
      - VP: client_metadata https://github.com/openid/OpenID4VP/pull/233 - Oliver’s suggestion
      - VP: Add additional request examples: https://github.com/openid/OpenID4VP/pull/218 - needs reviews
      - VCI: Clarify credential offer endpoint https://github.com/openid/OpenID4VCI/pull/380 - needs reviews
- Timelines for OID4VP 1.1
- Query language - proceed with attempt 3 PR? https://github.com/openid/OpenID4VP/pull/266
- How can verifiers that support multiple trust models/ecosystems know how to authenticate to the wallet? https://github.com/openid/OpenID4VP/issues/248

## Notes

### Voting on eKYC.

Request for everyone to vote. Voting “abstain” still counts towards quorum (which has not been reached)

### VP: client_id_scheme change to prefix

Daniel to update text based on Brain’s comments to accommodate Browser API concerns. Intention to merge next week Tuesday

### VP: Allow alternative query languages

Kristina brings up that language around vp_token in response is not clear atm.

Brian asks if vp_token structure will change or if there will be a separate parameter.

Joseph points out in new query language proposal (#178) that vp_token remains, but structure will likely change.

WG agrees on the direction outlined in the issue.

### VP: Remove normative dependency on Browser API

Spec can’t have normative dependency on a non-published spec.

Joseph brings up that he’s still keen on keeping examples, but limiting it to OpenID4VP parameters and not include Browser API params

Kristina agrees with Joseph and suggest language to change it

David brings up who decides the names of the OpenID4VP parameters and where that is defined.

Brian thinks OpenID4VP parameters should be defined by the DCP WG.

### VCI: add an option to use credential_configuration_id in credential request

Kristina proposes to close this PR to keep it simpler for ecosystems. Will add comments to the PR.

### VCI: Credential response extensibility

Request to Oliver to review so it can be merged.

### VCI: Key attestations

Paul has updated this PR

### VCI: RAR extensibility

Kristina mentions that Torsten is still reviewing.
Kristina and Mike have a discussion on if this breaks RAR.
Brian adds that by defining type, RAR is not broken in his opinion.

The goal is to allow an extensibility point that allows both breaking and non-breaking changes. Breaking change would be achieved by defining a different `type`. Non-breaking changes could be added to the existing type and and ignored by wallets.

### VCI: c_nonce PR

Brian comments that POST request for nonce is not a good idea.
________________________________
From: Openid-specs-digital-credentials-protocols <openid-specs-digital-credentials-protocols-bounces at lists.openid.net> on behalf of Joseph Heenan via Openid-specs-digital-credentials-protocols <openid-specs-digital-credentials-protocols at lists.openid.net>
Sent: Thursday, 26 September 2024 16:16
To: Digital Credentials Protocols List <openid-specs-digital-credentials-protocols at lists.openid.net>
Cc: Joseph Heenan <joseph at authlete.com>
Subject: [Openid-specs-digital-credentials-protocols] [agenda] DCP WG + SIOP call (PST 8am)

Hi All,

Below is the suggested agenda for today's DCP WG + SIOP call at 08:00AM PT: https://zoom.us/j/94085567252?pwd=cHNFMExFalhlM2MrOFhoN3J6eDRuZz09

  1.  OIDF Antitrust Policy at www.openid.net/antitrust<http://www.openid.net/antitrust> applies
  2.  IPR reminder/ Note-taking
  3.  Introductions/re-introductions
  4.  Agenda bashing/adoption
  5.  Events/External orgs
     *   TPAC
  6.  Members please vote on ekyc specs: https://openid.net/vote-final-identity-assurance-specifications/
  7.  1.0 PRs
     *   VP: client_id_scheme change to prefix ( https://github.com/openid/OpenID4VP/issues/124 ) - planning to merge next week
     *   VP: Allow alternative query languages: https://github.com/openid/OpenID4VP/pull/258 - discuss latest comments
     *   VP: Remove normative dependency on Browser API: https://github.com/openid/OpenID4VP/pull/254
     *   VCI: add an option to use credential_configuration_id in credential request https://github.com/openid/OpenID4VCI/pull/392 - replacing the format version, planning to merge next week
     *   VCI: Credential response extensibility: https://github.com/openid/OpenID4VCI/pull/391 t
     *   VCI: Key attestations https://github.com/openid/OpenID4VP/pull/258
     *   VCI: c_nonce PR:  https://github.com/openid/OpenID4VCI/pull/381#pullrequestreview-2292605172 - Torsten’s request changes
     *   VCI: RAR extensibility:  https://github.com/openid/OpenID4VCI/pull/382 -  latest language on RAR
  8.  Other PRs
     *   VP: client_metadata https://github.com/openid/OpenID4VP/pull/233 - Oliver’s suggestion
     *   VP: Add additional request examples: https://github.com/openid/OpenID4VP/pull/218 - needs reviews
     *   VCI: Clarify credential offer endpoint https://github.com/openid/OpenID4VCI/pull/380 - needs reviews
  9.  Timelines for OID4VP 1.1
  10. Query language - proceed with attempt 3 PR? https://github.com/openid/OpenID4VP/pull/266
  11. How can verifiers that support multiple trust models/ecosystems know how to authenticate to the wallet? https://github.com/openid/OpenID4VP/issues/248

Thanks

Joseph

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240926/2bc982b7/attachment-0001.html>

More information about the Openid-specs-digital-credentials-protocols mailing list