[Openid-specs-digital-credentials-protocols] DCP WG call minutes

Andreea Prian andreea.prian at idakto.com
Thu Dec 5 17:27:34 UTC 2024 

Hi All,

Below are the notes of the DCP call on Thursday December 5th.
Regards,
Andreea
-----
Participants

  *
Torsten Lodderstedt
  *
Martijn Haring
  *
Paul Bastien
  *
Nemanja Patrongic
  *
Pedro Felix
  *
Michael Jones
  *
Akash Shah
  *
Steve Venema
  *
Brian Campbell
  *
Lee Campbell
  *
Daniel Fett
  *
Jan Vereecken
  *
Bjorn Hjelm
  *
Oliver Terbu
  *
David Chadwick
  *
Andreea Prian


Events/External Orgs
Torsten: ISO would like to have a virtual meeting end of January to review the mdoc profile over Digital Credentials API
 Steve: ISO possibly doing and Interop event in February

HAIP
mdoc profile over Digital Credential API
h<https://h/>ttps://github.com/openid/oid4vc-haip-sd-jwt-vc/pull/122<https://github.com/openid/oid4vc-haip-sd-jwt-vc/pull/122>
Encryption topic moved to another issue - Torsten asks people to review
Paul to create a PR about removing SIOP for now
Discussion on transaction_data

  *   Mandating for the RP does not make sense
  *   Should support be mandated for the wallet?
  *   Should it be in the main spec; if so we could give more details on how it should be used
  *   People should to give their opinion on these in the PR


Paul: mandate putting an mdoc per DeviceResponse when returning multiple mdocs
In SessionTranscript why is there a string that was added?

  *   Martijn: this mitigates some issues when same SessionTranscript might be reused for diff usages
  *   Suggested to have a note to explain this

There was a question on what will happen with comments made on this PR that became an issue – Torsten answered that they will not block merging this PR and will be treated afterwards.

OID4VP
Multi RP Credentials/Authentication capability
Torsten presented the PR https://github.com/openid/OpenID4VP/pull/308
Consensus seem to be on restructuring so that we have both options in the main spec and then each profile can have a specific approach.

OID4VCI
https://github.com/openid/OpenID4VCI/pull/276
Daniel issuer metadata describes claims, the structure used has a couple of problems this PR solves by reusing the path introduced in sd-jwt type metadata
Also change as well how we define claims in mdoc?
Lee: Now it would be a good moment since this is a breaking change

Wallet attestation
Paul presented PR h<https://h/>ttps://github.com/openid/OpenID4VCI/pull/408<https://github.com/openid/OpenID4VCI/pull/408>

  *   Some contradictions raised in the comments
  *   Should we say in VCI that a wallet attestation is meant to communicate properties about the wallet or only authentication – it was suggested to try to avoid the perception that the attestation will claim other functionalities
  *   Pedro - this attestation does not belong with the Issuer but the Authorization server - the attestation based client authentication in the IETF draft should be used; will make a suggestion on how to restructure it


Other topics
Torsten : Have a look on the issue https://github.com/openid/OpenID4VCI/issues/421 and share opinion
Michael: repository renaming should be approved by the WG


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20241205/d8525dfb/attachment-0001.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list