[Openid-specs-digital-credentials-protocols] Updates on the new query language

Mon Oct 21 14:21:08 UTC 2024

Hi all,

after quite a bit of back and forth, I made changes to PR #266 
<https://github.com/openid/OpenID4VP/pull/266> that hopefully find a 
good compromise between all proposed solutions. Based on Tobias' latest 
proposals, this is what's in the latest PR:

# kept the claim_sets

We discussed the claim_sets syntax on the working group call last 
Thursday and there was a rough consensus in the room to remove it, but 
with the open task to find another solution for the real ID use case 
(previously, the '?!' syntax). I looked into various options, including 
pushing the feature to the credential_sets level (what we discussed on 
the call) and adding a property to the claim descriptors. Both are not 
great. It turns out that the simplest solution is to just keep 
claim_sets. With the rule that was introduced to oblige wallets to send 
the first available combination of claims in claim_sets, the claims can 
just be listed in the right order: `"claim_sets": [ ['a', 'real_id'], 
['a']]` — problem solved.

This syntax is not specific to the real ID use case, but happens to 
generally solve cases where I don't know ahead of time what claims are 
available in a credential.

I'm somewhat convinced that this syntax will come in handy again in the 
future once we talk more about value matching and/or ZKP features.

# removed the '?' and '?!' syntax

We don't need the `?!` anymore as the real ID use case can be solved as 
shown above. We also don't need `?` anymore as we don't have "really" 
optional claims in the claim_sets any longer. This should make 
implementations much simpler.

# introduced `purpose`

As discussed, without prescribing a specific format or content. We can 
figure that out later.

# Examples/Description

I also changed the examples to reflect the new syntax and made some 
changes to the normative language around the new QL.

-Daniel

-- 
Please use my new email address:mail at danielfett.de
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20241021/117ecb05/attachment.htm>