[Openid-specs-digital-credentials-protocols] conformance tests plan for OpenID4VC specifications

[Kristina Yasuda]

Dear all,

As promised, here is the short write up on the plans for the conformance
tests for OpenID4VC specifications.

*Priorities:*
1. VP verifier: Add mdoc/mdl support
2. VP wallet/verifier: Add ID3 versions of tests
3. VP wallet/verifier: add DCQL support
4. VCI: Initial ID2 tests for wallets, following requirements in HAIP
5. VCI: Initial ID2 tests for the issuers, following requirements in HAIP

You can find currently supported configurations at
https://openid.net/certification/conformance-testing-for-openid-for-verifiable-presentations/,
or you can try configure your test plan here
<https://demo.certification.openid.net/schedule-test.html?test_plan=vp-id2-verifier-test-plan&credential_format=sd_jwt_vc&client_id_scheme=x509_san_dns&request_method=request_uri_signed&response_mode=direct_post&configJson=%7B%22alias%22%3A%22FIXME-CHANGETHIS%22%2C%22description%22%3A%22FIXME%20CHANGE%20THIS%20my%20first%20verifier%20test%22%2C%22client%22%3A%7B%22client_id%22%3A%22FIXME%20fill%20in%20your%20client%20id%22%7D%2C%22credential%22%3A%7B%22signing_jwk%22%3A%7B%22kty%22%3A%22EC%22%2C%22d%22%3A%22y2NSNIvlRAEBMFk2bjQcSKbjS1y_NBJQ6jRzIfuIxS0%22%2C%22use%22%3A%22sig%22%2C%22x5c%22%3A%5B%22MIICHjCCAcOgAwIBAgIUZX9BS5CDOJRW2t1FK1UDMt%2FQwMEwCgYIKoZIzj0EAwIwITELMAkGA1UEBhMCR0IxEjAQBgNVBAMMCU9JREYgVGVzdDAeFw0yNDExMjUwODM2MDRaFw0zNDExMjMwODM2MDRaMCExCzAJBgNVBAYTAkdCMRIwEAYDVQQDDAlPSURGIFRlc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATT%2FdLsd51LLBrGV6R23o6vymRxHXeFBoI8yq31y5kFV2VV0gi9x5ZzEFiq8DMiAHucLACFndxLtZorCha9zznQo4HYMIHVMB0GA1UdDgQWBBS5cbdgAeMBi5wxpbpwISGhShAWETAfBgNVHSMEGDAWgBS5cbdgAeMBi5wxpbpwISGhShAWETAPBgNVHRMBAf8EBTADAQH%2FMIGBBgNVHREEejB4ghB3d3cuaGVlbmFuLm1lLnVrgh1kZW1vLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldIIJbG9jYWxob3N0ghZsb2NhbGhvc3QuZW1vYml4LmNvLnVrgiJkZW1vLnBpZC1pc3N1ZXIuYnVuZGVzZHJ1Y2tlcmVpLmRlMAoGCCqGSM49BAMCA0kAMEYCIQCPbnLxCI%2BWR1vhOW%2BA8KznAWv1MJo%2BYEb1MI45NKW%2FVQIhALzsqox8VuBRwN2dl5LkpnxP4oH9p6H0AOZmKP%2BY7nXS%22%5D%2C%22crv%22%3A%22P-256%22%2C%22kid%22%3A%225H1WLeSx55tMW6JNlvqMfg3O_E0eQPqB8jDSoUn6oiI%22%2C%22x%22%3A%220_3S7HedSywaxlekdt6Or8pkcR13hQaCPMqt9cuZBVc%22%2C%22y%22%3A%22ZVXSCL3HlnMQWKrwMyIAe5wsAIWd3Eu1misKFr3POdA%22%2C%22alg%22%3A%22ES256%22%7D%7D%7D&_gl=1*1jdsxft*_ga*NTcwMTk4NjI4LjE3MTIwODAzNTE.*_ga_NF8HNLNJJE*MTczNDY5MjAwNS43My4wLjE3MzQ2OTIwMDUuMC4wLjA.&_ga=2.116638278.1367150083.1734601215-570198628.1712080351&continue>
.

*Action items:*
On priority item 1, *please let us know what mdoc doctype/namespace people
are interested in testing*. The plan is to provide these tests before the
ISO test event, so that they can be used with 18013-7 Annex B conformance
testing.

For priority items 4 and 5, what that means in terms of requirements is the
following:
- custom url scheme: haip://
- PKCE
- scope
- PAR
- wallet attestation
- DPoP
- key attestation (using attestation proof)
- auth code flow
- both IETF sd-jwt vc and ISO mdoc
*Please let us know if this deviates from ISO 23220-3 work.*

Best,
Kristina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20241220/6797a6e5/attachment.htm>