[Openid-specs-digital-credentials-protocols] [notes] DCP WG + SIOP call (PST midday)

torsten at lodderstedt.net torsten at lodderstedt.net
Wed Dec 4 08:47:45 UTC 2024 

Hi,

here are the minutes from yesterday’s call.

@Jin: thanks for taking notes!

Attendees:

• Torsten Lodderstedt (Host)
• Andres Olave
• Nemanja Patrnogic
• Tim Cappalli
• Kaliya Young (Identity Woman)
• Tom Jones
• Edmond Jay
• Lukasz Jaromin
• Mike Jones
• Tobias Looker
• Paul Bastian
• Lee Campbell
• Christian Bormann
• Oliver Terbu
• Brian Campbell
• Steve Venema
• Jin Wen

Agenda:

1. Administrative Announcements
2. Discussion on External Events and Organizations
3. Review of Pull Requests and Issues
4. Discussion on Credential Endpoint Display Data
5. Dpop Nonce Endpoint Proposal

1. Administrative Announcements

• Note Taking: Jin volunteered to take notes for the meeting.
• Antitrust Policy: Attendees were reminded to review the antitrust policy.
• IPR Agreement: All attendees have signed the IPR agreement.
• Agenda: The agenda was distributed prior to the meeting.

2. Discussion on External Events and Organizations

• Security Workshop: The next deadline is in about a month, and participants are encouraged to submit proposals.
• IETF Registration: Registration for the IETF event in Bangkok is now open.

3. Review of Pull Requests and Issues
Pull Request Discussions:

• VCI and HAPI Focus: The meeting focused on pull requests related to VCI and HAPI, with specific attention to issues raised by Mike and others.
    • Pull Request #276: Paul B. suggested change to the naming of elements in mdoc part, would be a breaking change (for a new part of the spec) and the call attendees leaned towards implementing it now in VP and VCI. Needs more discussion.
    • Issue #421: Lee C.'s issue regarding adding display metadata to the CredentialResponse was discussed. There was  interest in this topic, people are encouraged to comment on the issue.
    • Issue #412: Add DPoP-Nonce to the nonce endpoint - interested in the comments, people in the call are supporting this suggestion, asked Paul to file a PR so we can continue the discussion with a concrete proposal.

Specific Pull Request Reviews:

• Pull Request #419: Tobias's pull request regarding the removal of the nonce expiration already had 8 approvals. No one objected agains merging it, merged after the call.

4. Discussion on Credential Endpoint Display Data (VCI #421)

• Proposal by Lee: Suggested returning display data with credentials for personalized card art and metadata.
    • Feedback: There was general support for a credential format agnostic approach, but further discussion is needed.

5.Add DPoP-Nonce to the nonce endpoint (VCI #412)

• Proposal by Paul: Suggested using the nonce endpoint for Dpop nonces to improve efficiency.
    • Feedback: The proposal received positive feedback, with no objections raised.

Additional Discussions on HAIP:
HAIP Refactoring:

• A proposal was made to refactor HAIP and add details for the mdoc profile of OID4VP over the Digital Credentials API (#122). The ISO WG is waiting for this.
• Tim mentioned that the term Browser API should be changed to Digital Credential API.  "Digital Credentials API" covers the web platform DC API as well as app platform equivalents.

Repository Name Change:

• A suggestion was made to rename the repository to oid4vc-haip (#127). This change is considered straightforward and necessary.

SD-JWT VCDM Compatibility:

• Discussion on the first attempt of sd-jwt vcdm (#134) included input from Oliver T., Mike J., Brian C., and Paul B., who discussed compatibility with VCDM 1.1 or 2.0.

Next Steps:

1. Review Pull Requests: Attendees are encouraged to review outstanding pull requests and issues before the next meeting, especially the following PRs:
    a. https://github.com/openid/OpenID4VCI/pull/408
    b. https://github.com/openid/OpenID4VCI/pull/276
    c. https://github.com/openid/oid4vc-haip-sd-jwt-vc/pull/122
    d. https://github.com/openid/OpenID4VP/pull/308
2. Comment on Issues: Participants should comment on issues related to
    a. Encryption strategies (https://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/131).
    b. Add display metadata to the CredentialResponse (https://github.com/openid/OpenID4VCI/issues/421)
    c. The Value of Having JWKS in the Credential Issuer Matadata VCI https://github.com/openid/OpenID4VCI/issues/385)


best regards,
Torsten.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20241204/8dc3910e/attachment.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list