[Openid-specs-digital-credentials-protocols] [agenda] APAC-friendly DCP WG + SIOP call (PST midday)

Tue Oct 22 20:01:27 UTC 2024

Joseph Heenan
Kristina Yasuda
Paul Bastian
Brian Campbell
Lee Campbell
Christian Bormann
Daniel Fett
Edmund Jay
George Fletcher
Jan Vereecken
Martijn Haring
Nemanja Patrnogic
Oliver Terbu
Pedro Felix
Rajvardhan Deshmukh
Ryan Galluzzo
Tim Cappalli
Tobias Looker
Adam Bradley
Hicham Lozi
Bjorn Hjelm
Mike Jones
Tom Jones

*1. Schedule for the next two weeks*
Will cancel next week's call because there is a hybrid 3h call before IIW.
Will not cancel calls the week after that, during IETF

*2. pre-IIW hybrid DCP WG meeting agenda*
If any requests for pre-IIW hybrid DCP WG meeting agenda, please reach out
to the chairs or post on the ML

*3. Transaction data PR in OID4VP (#197) was merged!*
No objections.

*4. Reviewed the PR in OID4VP that adds contributors (#283)*
Looking good to be merged.

*5. Fixing digital credentials API examples in OID4VP (#254)*
Kristina has requested for changes. During the call, WG accepted the
changes Kristina suggested and Kristina agreed to address her other
comments in another PR.

*6. New query language PR in OID4VP (#266)*
Last Thursday, WG reached agreements to move this PR forward.
The agreement was to remove claim_set, but that was re-added as there was a
discussion that reached a conclusion that re-adding it is the most
effective way realize two use-cases: 1) do not return this credential
without a certain claim, if it has a certain claim (US's REAL ID use-case);
2) there might be multiple claims to satisfy the same requirements (like
age_over_18 or birth_date, or birth_year, etc.). It was re-added without
`?!` or `?` options.

More details are in this email:
https://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/Week-of-Mon-20241021/000479.html

Discussed the new query language's name to be "Digital Credential Query
Language (DCQL)" aka THE query language in OID4VP.

Martijn voiced his concerns about MUST vs SHOULD in the order in the
claims_set array. He agreed to merge this PR, while opening an issue on
this topic and continuing the discussion there.

Rough consensus to merge this PR, while opening follow-up issues and
continue to discuss them on the ongoing calls.

*7. WGLC of OID4VP*
Agreed to start WGLC for an Implementers Draft of OID4VP.
WGLC email will be sent out to both Connect and DCP WG mailing lists.

*8. Key attestation PR in OID4VCI (#389)*
why is it a should in "Issuer SHOULD return a credential for each of the
provided keys".
Agreed to keep a SHOULD. It is the issuer who decided how many credentials
to issue and can issue less than the number of keys the wallet sends.
There is max_batch_size in the issuer metadata, but that is merely an
indicator of the maximum value from the issuer to the wallet and not a
requirement for a batch size to always be the size in that parameter.
comment resolved.

`exp` claim in key attestations - should it be mandatory or not? comments
in the PR requested.

restructure attested_keys to JWKS? Brian mentioned it is not necessary to
register new claims in JWKS in IANA. no decision about the structure of the
attested_claims. Oliver worried about the name clashing if there was no
registry. Mike discouraged from using a parameter names key_type as that
might be easily misunderstood.

*9. Other PRs in OID4VCI that need review to be merged*
- #401 IANA registration

*10. Other PRs in OID4VCI that need more review*
- #392 on credential_configuration_id
- #404 on removing an option to return c_nonce from a credential endpoint
- #405 on removing claims from mdoc and sd-jwt in credential request

Best,
Kristina

On Tue, Oct 22, 2024 at 3:01 PM Joseph Heenan via
Openid-specs-digital-credentials-protocols <
openid-specs-digital-credentials-protocols at lists.openid.net> wrote:

> Hi All,
>
> Below is the suggested agenda for today's DCP WG + SIOP call at 12:00
> midday PT,
> https://zoom.us/j/94085567252?pwd=cHNFMExFalhlM2MrOFhoN3J6eDRuZz09
>
>
>    1. OIDF Antitrust Policy at www.openid.net/antitrust applies
>    2. IPR reminder/ Note-taking
>    3. Introductions/re-introductions
>    4. Agenda bashing/adoption
>    5. Events/External orgs
>       1. Cancel normal WG calls during IIW? And IETF?
>       2. Any requests for IIW hybrid meeting agenda?
>       3. Any IIW sessions people want to call?
>       https://docs.google.com/document/d/1yTWnl-vHnKN5Q9rEPpPwFq6Ur-sfJL9qExCH2lhgnxA/edit?tab=t.0
>    6. Priority VP PR updates:
>       1. VP: Transaction data:
>       https://github.com/openid/OpenID4VP/pull/197 - merged!
>       2. VP: Add missing acknowledgements:
>       https://github.com/openid/OpenID4VP/pull/283
>       3. VP: Rework W3C DC API examples
>       https://github.com/openid/OpenID4VP/pull/254
>       4. VP: New Query language -
>       https://github.com/openid/OpenID4VP/pull/266 Final discussions,
>       hope to merge this today and open issues for anywhere further work is
>       required
>    7. Ready to start WGLC for OID4VP next implementer’s draft?
>    8. VCI priority PRs requiring reviews:
>       1. VCI: Key attestations
>       https://github.com/openid/OpenID4VCI/pull/389
>       2. VCI: add option to use credential_configuration_id in credential
>       request:  https://github.com/openid/OpenID4VCI/pull/392
>       3. VCI: remove c_nonce/c_nonce expires from credential endpoint
>       response: https://github.com/openid/OpenID4VCI/pull/404
>       4. VCI: IANA considerations:
>       https://github.com/openid/OpenID4VCI/pull/401
>
>
> Thanks
>
> Joseph
>
> --
> Openid-specs-digital-credentials-protocols mailing list
> Openid-specs-digital-credentials-protocols at lists.openid.net
>
> https://lists.openid.net/mailman/listinfo/openid-specs-digital-credentials-protocols
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20241022/7fd45e9a/attachment.htm>