[Openid-dcp] DCP WG APAC 12th June 2025 Meeting Notes

[Stefan Charsley]

DCP WG APAC 12th June 2025
Attendees:

Joseph Heenan

Oliver Terbu

Stefan Charsley

Andres Olave

Kenichi Nakamura

Anders Mellqvist

Updates:

   -

   Update VP to draft 29 for public review, comprehensive privacy section
   update, session transcript updates, verifier_attestations -> verifier_info.
   Will formally happen at a later meeting
   -

   Continuing to work on conformance tests, added support for wallet
   attestations
   -

   VP draft 29 conformance tests possibly towards end of next week
   -

   Another interop session for VCI being scheduled
   -

   VCI to WGLC hopefully next week


Discussing OpenID4VCI:

Cleanup language around c_nonce #525
<https://github.com/openid/OpenID4VCI/pull/525>

   -

   Stefan: consistency on nonce_endpoint vs Nonce Endpoint, approved after
   change
   -

   More approvals needed


Attempt to make OAuth2 security recommendations more actionable #534
<https://github.com/openid/OpenID4VCI/pull/534>

   -

   More approvals needed


Clarify that number of issued credentials is related to number of keys #533
<https://github.com/openid/OpenID4VCI/pull/533>

   -

   More approvals needed


require proof_signing_alg_values_supported to match key proof algorithms
and rename ldp_vp to di_vp #529
<https://github.com/openid/OpenID4VCI/pull/529>

   -

   More approvals needed


Align claims path query for ISO mdocs with JSON-based credentials #513
<https://github.com/openid/OpenID4VCI/pull/513>

   -

   Have approvals, merged


decouple credential metadata #500
<https://github.com/openid/OpenID4VCI/pull/500>

   -

   Andres: credential_metadata name feels weird
   -

   Andres: Look at metadata coming from other ecosystem sources
   -

   Stefan: type_metadata name proposed could possibly confuse people as
   metadata structure is not quite the same as SD-JWT type_metadata


Add support for request encryption to credential endpoint and
request/response encryption to deferred credential endpoint #505
<https://github.com/openid/OpenID4VCI/pull/505>

   -

   Will discuss this more in the next EU meeting


Remove the option to use format from authorization_details in the
Authorization Request #517 <https://github.com/openid/OpenID4VCI/pull/517>

   -

   Andres: will take a look a further look, possibly raise a separate issue
   so this one can be merged


Presentation During Issuance #509
<https://github.com/openid/OpenID4VCI/pull/509>

   -

   Andres: will this support cross wallet presentation? Potential use case
   for presenting from government wallet and issuing to another wallet as
   government wallet can only store government issued credentials
   -

   Stefan: would be good for renewing/refreshing outdated/expired
   credential without refresh_token, also HAIP recommends refresh_token last
   no more than 1 year


Integrity of the JWK used for Credential Response encryption #522
<https://github.com/openid/OpenID4VCI/pull/522>

   -

   Take a look if interested in encryption


Attempt to clarify intro text about key attestations #524
<https://github.com/openid/OpenID4VCI/pull/524>

   -

   More reviews please
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250612/534a6acc/attachment-0001.htm>