[Openid-specs-digital-credentials-protocols] [agenda] DCP WG call

Wed Mar 19 09:18:14 UTC 2025

Hi All,

This is the text that I mentioned during the discussion on "verifier's
public key in sessionTranscript
https://github.com/openid/OpenID4VP/issues/400" that already outlines
common requirements on audience binding and session binding (nonce) fo all
credential formats:

"This cryptographic proof of possession MUST be bound by the Wallet to the
intended audience (the Client Identifier of the Verifier) and the
respective transaction (identified by the nonce parameter in the
Authorization Request). The Verifier MUST verify this binding."

and

"Note: Different formats for Verifiable Presentations and signature/proof
schemes use different ways to represent the intended audience and the
session binding. Some use claims to directly represent those values, others
include the values into the calculation of cryptographic proofs. There are
also different naming conventions across the different formats."

from:
https://openid.github.io/OpenID4VP/openid-4-verifiable-presentations-wg-draft.html#section-14.1-3

and each credential format section in annex B has a section like the
following

"The following requirements apply to the nonce and aud claims in the Key
Binding JWT:
- the nonce claim MUST be the value of nonce from the Authorization Request;
- the aud claim MUST be the value of the Client Identifier;"

from:
https://openid.github.io/OpenID4VP/openid-4-verifiable-presentations-wg-draft.html#appendix-B.4.5

Hope this clarifies.

Best,
Kristina

On Tue, Mar 18, 2025 at 6:49 PM Kristina Yasuda <yasudakristina at gmail.com>
wrote:

> Hi All,
>
> Just to confirm that we have a call in about 1.5hmin - for those outside
> the US, this would mean 1h earlier than usual. Unfortunately, we will have
> this shift for few weeks until daylight savings starts in Europe too.
>
> To also communicate in writing, the plan is to focus on getting OpenID4VP
> ready for 1.0 Final (we are on track for June) first and then move to
> OpenID4VCI and then HAIP.
>
> Below is the suggested agenda for the DCP WG call:
>
>    1. OIDF Antitrust Policy at www.openid.net/antitrust applies / IPR
>    reminder
>    2. Note-taking
>    3. Events/External orgs
>       - please register for pre-IIW and post-IIW Hybrid DCP WG meetings
>    4. *Vote for Proposed Implementer’s Draft of OpenID4VC High Assurance
>    Interoperability Profile is being conducted at*
>    https://openid.net/foundation/members/polls/355
>    5. mark ready for PR? verifier's public key in sessionTranscript
>    https://github.com/openid/OpenID4VP/issues/400
>    6. potential breaking change? VCs without VPs:
>    https://github.com/openid/OpenID4VP/issues/6
>    7. EUDIW requirement. RP registration certificates and other
>    attestations/certificates to match issuer policies: https://github.com/openid/OpenID4VP/issues/396
>
>    8. please review! as this one unblocks some other important PRs:
>    https://github.com/openid/OpenID4VP/pull/448
>       1. other PRs labelled Final 1.0 for OpenID4VP:
>       https://github.com/openid/OpenID4VP/pulls?q=is%3Aopen+is%3Apr+milestone%3A%22Final+1.0%22
>    9. agree on the direction for "same credential fulfilling multiple
>    credential queries" https://github.com/openid/OpenID4VP/issues/397
>    10. parked until the input from European Commission: wallet
>    attestation during presentation PR:
>    https://github.com/openid/OpenID4VP/pull/318
>
> *about VCI....* Here is the list of issues that would require longer
> discussion in OpenID4VCI. we will get to them in 1-2 weeks once we tackle
> all opendi4vp issues. please start looking at them:
>
>    - https://github.com/openid/OpenID4VCI/issues/71
>    - https://github.com/openid/OpenID4VCI/issues/205
>    - https://github.com/openid/OpenID4VCI/issues/305
>    - https://github.com/openid/OpenID4VCI/issues/1
>    - https://github.com/openid/OpenID4VCI/issues/99
>
> *about HAIP... *there are few PRs that need to be reviewed too:
> https://github.com/openid/oid4vc-haip/pulls
>
> Best,
> Kristina
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250319/1acd1689/attachment-0001.htm>