[Openid-dcp] OID4VP draft 29 published

[Joseph Heenan]

Hi all

Draft 29 of OID4VP has been published:

https://openid.net/specs/openid-4-verifiable-presentations-1_0-29.html

The reason for publishing this is that this is the version we will push into public review (as per agreement on today’s WG call) and expect to get working group consensus to take to the foundation wide vote for final.


Change log is (only the first two are really normative):

define mdoc session transcript for redirect-based oid4vp flow
rename verifier_attestations parameter name to verifier_info
make the meta parameter mandatory in DCQL query
explicitly state that various arrays need to be non-empty
clarify text about how encryption keys are obtained
clarify how hashing works in transaction_data_hashes
rework & expand privacy considerations section
capitalise use of defined terms more consistently
relax language in some cases that required wallets to always perform signature verification
fix language implying verifier_attestations was mandatory
try to make it clearer that direct_post.jwt builds on top of direct_post
update pre-final specs section
add IANA considerations for encrypted_response_enc_values_supported
remove now unused reference to JARM
move verifier_attestations IANA consideration to correct section
fix title in 23220-2 ref
add example of response encryption
remove reference to CBOR encoding the OpenID4VPDCAPIHandoverInfo thumbprint
fixed reference for DC API single/multi sign requests and made it clear what the protocol identifier is
fix type_values example in W3C Verifiable Credential section
fix an example that used now removed jwt_vp and ldp_vp
fix description of invalid_request error
add note that cross-device flow diagram doesn't show all parameters
additions to & typo fixed in acknowledgements

Thanks

Joseph

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250610/2ca2e462/attachment-0001.htm>