[Openid-dcp] DCP WG APAC 31st July 2025 Meeting Notes

Stefan Charsley charsleysa at gmail.com
Thu Jul 31 08:09:27 UTC 2025 

DCP WG APAC 31st July 2025

Attendees:

   -

   Martijn Haring
   -

   Christian Bormann
   -

   Dima Postnikov
   -

   Kenichi Nakamura
   -

   Oliver Terbu
   -

   Joseph Heenan
   -

   Stefan Charsley
   -

   Nat Sakimura




UPDATES

   -

   Client attestation draft progressing well
   -

   Token status list progressing well
   -

   SD-JWT DID discussion resolved, will likely proceed without significant
   text for DID
   -

   JOSE HPKE, further changes desired, likely to have breaking changes
   -

   ISO meeting, shared latest draft of HAIP, more discussion around APU/APV
   -

   VCI under public review



VCI

https://github.com/openid/OpenID4VCI/pull/589

   -

   Martijn: does there need to be changes specified in VP for
   SessionTranscript?
   -

   Oliver: unsure as well what to use for SessionTranscript
   -

   Joseph: generated according to Appendix B.2.6.2
   -

   Martijn: the DC API mechanism should not be used for anything other than
   DC API
   -

   Joseph: no text in HAIP that says anything about this
   -

   Martijn: HAIP says DC API flow cannot be invoked for anything other than
   DC API. only HAIP section 5 and section 6 flows allowed. Section 6 is not
   applicable to IAR endpoint.
   -

   Christian: we dont want to restrict IAR response types
   -

   Christian: need to clarify text regarding SessionTranscript for IAR
   -

   Oliver: 6.2.1.1, processing request point 2 and 3 of should be moved to
   format specific annexes
   -

   Martijn: IAR origin would be invalid since it’s not an origin when
   prefixed with `iar:`
   -

   Joseph: `iar:` is a Client ID Prefix
   -

   Martijn: there is the option of not being strictly compliant with
   OpenID4VP for IAR
   -

   Oliver: could create a new SessionTranscript for IAR to be compliant
   with VP
   -

   Martijn: we might have to list everything from VP thats needed in VCI
   for IAR




https://github.com/openid/OpenID4VCI/pull/584

   -

   Needs more reviewers
   -

   Stefan to review



https://github.com/openid/OpenID4VCI/pull/581

   -

   Enough reviewers, merged



https://github.com/openid/OpenID4VCI/pull/583

   -

   Needs more reviewers
   -

   Christian to review



HAIP

https://github.com/openid/oid4vc-haip/pull/222

   -

   Needs more reviewers


https://github.com/openid/oid4vc-haip/pull/223

   -

   Christian: unrelated, HAIP needs a restructure for readability after
   merging PRs
   -

   Needs more reviewers


https://github.com/openid/OpenID4VCI/issues/590

   -

   Martijn: checking of the expected origin requires stripping IAR prefix,
   need to be clear of processing


https://github.com/openid/oid4vc-haip/pull/214

   -

   Needs more reviewers



https://github.com/openid/oid4vc-haip/pull/208

   -

   Martijn: what is the need in requiring publishing scopes for every
   credential?
   -

   Oliver: no reason not to mandate the publishing of scope for every
   credential
   -

   Christian: need to clarify requirements for AS metadata as it could be
   published on different paths
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250731/c60c930f/attachment-0001.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list