[Openid-specs-digital-credentials-protocols] [agenda] DCP WG + SIOP call

Thu Nov 21 11:26:44 UTC 2024

Hi All,

Below is the suggested agenda for today's DCP WG + SIOP call:
https://zoom.us/j/94085567252?pwd=cHNFMExFalhlM2MrOFhoN3J6eDRuZz09

We have three focus topics for today, as highlighted below. It's a packed
agenda, so we will start on time, will not wait 3-5min as usual.

   1. OIDF Antitrust Policy at www.openid.net/antitrust applies
   2. IPR reminder/ Note-taking
   3. Introductions/re-introductions
   4. Agenda bashing/adoption
   5. Events/External orgs
      1. Update from meeting with CEN
   6. *[Focus 1] Where to define mdoc profile over browser API (options
   summarized below) (10 min)*
   7. VCI (heads-up):
      1. change credential type identifier vc+sd-jwt to dc+sd-jwt
      https://github.com/openid/OpenID4VCI/pull/415
      2. Define claims display description and claims path query
      https://github.com/openid/OpenID4VCI/pull/276
   8. VP
   1. a lot of new PRs, important for ISO and ID process:
      https://github.com/openid/OpenID4VP/pulls
      2. *[Focus 2] Issues Important to resolve before ISO mtg Dec 3-5th
      (today is the last call with full participation before the ISO mtg since
      next week is Thanksgiving) (35-40min)*
         1. intent_to_retain: https://github.com/openid/OpenID4VP/issues/321;
         has PR - https://github.com/openid/OpenID4VP/pull/338
         2. mandatory processing in claims set
https://github.com/openid/OpenID4VP/issues/290

         3. value matching: https://github.com/openid/OpenID4VP/issues/322
         and https://github.com/openid/OpenID4VP/issues/307
         4. x509_san_dns: https://github.com/openid/OpenID4VP/issues/320
      9. *[Focus 3] mdoc profile for OID4VP over Browser API (10min)*
      1. PR is in: https://github.com/openid/oid4vc-haip-sd-jwt-vc/pull/122
      2. Issues: https://github.com/openid/OpenID4VP/issues/219; h
      ttps://github.com/openid/OpenID4VP/issues/327

Options on where to define mdoc profile over browser API:

   1. put mdoc profile in OID4VP. if we do this, we cannot mandate anything
   (response encryption, session transcript structure, etc.), so probably not
   a good idea
   2. put mdoc profile to HAIP. If we do this, HAIP needs to be refactored,
   so it becomes collection of 4 profiles that can be used independently:
      1. Issuance of IETF SD-JWT VC using OpenID4VCI;
      2. Presentation of IETF SD-JWT VC using OpenID4VP;
      3. Presentation of IETF SD-JWT VC using OpenID4VP over W3C Digital
      Credentials API
      4. Presentation of ISO mdocs using OpenID4VP over W3C Digital
      Credentials API
   3. put mdoc profile into a separate document, and keep HAIP as-is. If we
   do this, we would need to go through the process of adopting a new
   document, and work on 4 documents with tight deadlines. If we do this, one
   question is where to put Browser API profile that is common to both mdoc
   and sd-jwt vc.

Thank you!
Kristina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20241121/d2560c66/attachment.htm>