[Openid-specs-digital-credentials-protocols] Notes for DCP WG Call on 6th Feb

Rajvardhan Deshmukh (rajvdesh) rajvdesh at cisco.com
Thu Feb 6 19:39:10 UTC 2025 

Hi Folks,

Below is the list of attendees:

Rajvardhan Deshmukh
Kristina Yasuda
Aaron Parecki
Andy Lim
Joseph Heenan
Christian Bormann
Oliver Terbu
Daniel Fett
Brian Campbell
Jan Vereecken
Martijn
Pedro Felix
Hicham Lozi
Steve Venema

# Here are the meeting notes:


  *   LSP (European Union) POTENTIAL OpenID4VP interop testing event was successful!
     *   PID in mdoc and sdjwt openid for vp new version showcased, success higher than 70%
     *   Dcql implementations showcased this week.
     *   Things that caused Interpo issues insignificant:
        *   Alg as512 non compliance
        *   Gcm for encryption non compliance
        *   Draft 21 didn’t use jwk
        *   Only DCQL can’t talk with only PE
        *   Some implemented Client_id x509_san_dns and some implemented verifier attestation
        *   Only ½ implementations did X509 base key resolution
        *   Niskeys implementation where they have state parameter outside encrypted param. They will fix this.
        *   CBOR errors, lib version, mandatory vs optional
     *   (Paul) Would like Well-known paths recommendations


  *   PRs that need review, will be merged once 3-4 approvals are in, without another WG discussion, unless something unexpected comes up
     *   breaking change: https://github.com/openid/OpenID4VCI/pull/453
     *   noteworthy addition:
https://github.com/openid/OpenID4VP/pull/398
https://github.com/openid/OpenID4VP/pull/393
smaller PRs:
https://github.com/openid/OpenID4VCI/pull/452
https://github.com/openid/OpenID4VCI/pull/449
https://github.com/openid/OpenID4VCI/pull/439
https://github.com/openid/OpenID4VCI/pull/441
https://github.com/openid/oid4vc-haip/pull/85/
https://github.com/openid/OpenID4VP/pull/381


  *   Please continue the discussion in the comments for
"Clarify the wallet behavior if the signature can't be verfied"  https://github.com/openid/OpenID4VP/issues/395
multi RP request: discuss "If the RP sends a request with multiple client identifiers for one or more mdocs,
how is it supposed to figure out which client identifier to use for checking the session transcript in the respective device response?"
: https://github.com/openid/OpenID4VP/pull/308


  *   Same credential fulfilling multiple credential queries: https://github.com/openid/OpenID4VP/issues/397
3 options: https://github.com/openid/OpenID4VP/issues/397#issuecomment-2620040565
Paul: Don’t think this situation would arise (edge case) as RP would make 1 query request, so option A is simple.
Martijn: 1 cred for multiple queries might not be an edge cases. Easy if we fix now.
Listed few limitation: Using multiple keys, multiple presentations, offline systems, etc. He will list limitations in the PR.
Christian: In future, Composite proof (derived credentials) might require this.
please vote on your preferred option https://github.com/openid/OpenID4VP/issues/397#issuecomment-2640361230


  *   https://github.com/openid/OpenID4VP/issues/320: need more clarification on the requirement/properties of the subject for this PR.
Can this be covered by x509_san_uri ?



  *   https://github.com/openid/OpenID4VP/issues/304:
This addresses IOS’s concern about disclosing more than necessary/requested
good summary by Kristina https://github.com/openid/OpenID4VP/issues/304#issuecomment-2640485088



  *   https://github.com/openid/OpenID4VP/pull/401: need more discussion as the implications could lead to
diverging from base Oauth or breaking changes to earlier decision https://github.com/openid/OpenID4VP/pull/263



Thanks,
Raj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250206/22805da0/attachment-0001.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list