[Openid-dcp] DCP WG US call agenda
Paul Bastian
paul.bastian at posteo.de
Tue Jun 3 20:06:39 UTC 2025
Hi all,
here are today's meeting notes:
participants:
- Paul Bastian
- Joseph Heenan
- Kristina Yasuda
- Andres Olave
- Bjorn Hjelm
- Brian Campbell
- Christian Bormann
- Daniel Fett
- David Zeuthen
- Gareth Oliver
- Hicham Lozi
- Robert Gallaher
- Michael Jones
- Oliver Terbu
- Oriol Canades Diez
- Peter Sorotokin
- Rejvardhan Deshmukh
- Tobias Looker
updates:
- next Thursday call is extended to two hours, 5-7pm CEST to tackle more
issues before getting specs to final
OpenId4VP:
- vote starts in less than 2 weeks, 16th of June
- Issue #613
- naming conflict between verifier_attestation (client_id prefix) and
verifier_attestations (additional assertions about the Verifier metadata)
- unsure if there are people using verifier_attestation
- verifier_attestations is quite new, so likely also few implementations
proposal to rename verifier_attestations -> verifier_info
- PR#614 -> no contribution agreement
- PR#597
- proposal by Kristina
- define apu/apv for ECDH-ES JWE in 1.0
- when JOSE-HPKE is available define in 1.1
- Mike: authors are trying to push for WGLC for JOSE-HPKE, define
apu/apv in profiles
- Christian: profiles is complicated because you need to communicate
the profile, better in OpenID4VP
- Joseph agrees with Christian, define apu/apv in VP is making
ecosystem easier
- Oliver agrees with VP option, less optionality, better interoperability
- Paul agrees as well
- Brian has concerns, especially about canonicalization, likely
source of failures
- Gareth points out we have implementation experience with
SessionTranscript in mdoc
- Paul points out this was in CBOR, Joseph agrees
- Oliver proposes reusing SessionTranscript
- Brian, Kristina and Joseph not feeling comfortable to mandate CBOR
- Tobias: errors in decoding appear immediately because decryption fails
- Christian: do not use delimiters
- latest proposal see:
https://github.com/openid/OpenID4VP/pull/597#issuecomment-2936923410
- Gareth to make a proposal PR
- PR#509 on privacy considerations has some open discussion
- discussion passive outsider unobservality -> agreement to drop it
- discussion on accuracy/quality -> agreement to drop first bullet
point, too vague
- dropping requirement to wallet keep verifier's privacy notice
- keeping considerations about Wallet/Verifier having
responsibilities for PII data received through OpenID4VP
- please review!
- OpenID4VCI
- no outstanding issues that needs to be discussed
- but 20 open PRs
- label "reviews-needed" -> please review!
- label "priority" -> bigger normative change
On 6/3/25 01:18, Kristina Yasuda via
Openid-specs-digital-credentials-protocols wrote:
> Hi All,
>
> Below is proposed agenda for tomorrow's US friendly call (9pm Germany
> time) on the usual zoom,
> https://zoom.us/j/94085567252?pwd=cHNFMExFalhlM2MrOFhoN3J6eDRuZz09
>
> 1. OIDF Antitrust Policy at www.openid.net/antitrust
> <http://www.openid.net/antitrust> applies / IPR reminder
> 2. Note-taking
> 3. Updates
> 4. OpenID4VP
> 1. *Issue to discuss*
> 1. https://github.com/openid/OpenID4VP/issues/613
> 2. PR to discuss
> 1. https://github.com/openid/OpenID4VP/pull/597
> 3. please review the rest of PRs!
> 1. https://github.com/openid/OpenID4VP/pulls
> 5. OpenID4VCI
> 1. please review PRs: https://github.com/openid/OpenID4VCI/pulls.
> we added labels to them to help you with prioritizing the reviews
>
>
> about HAIP... there are few PRs that need to be reviewed too:
> https://github.com/openid/oid4vc-haip/pulls
> <https://github.com/openid/oid4vc-haip/pulls>
>
> If anyone has any specific topics they’d like to cover please reply to
> this email or ask at the start of the call.
>
> Thank you!
> Kristina
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250603/e1a2057a/attachment.htm>
More information about the Openid-specs-digital-credentials-protocols
mailing list