[Openid-dcp] DCP WG + SIOP Call (EU) Aug 7

Lukasz Jaromin lukasz.jaromin at raidiam.com
Thu Aug 7 17:26:35 UTC 2025 

Hi All,

Please find below the minutes form the EU meeting today.


Attendees
Joseph Heenan (Chair)

Oliver Terbu

Lukasz Jaromin

Andrea Brian
Andy Lim
David Waite

David Zeuthen

Gareth Oliver

Hicham Mlozi

Jan Vereecken

Lenah Chacha

Martijn

Matthew Miller

Michael Jones

Oliver Terbu

Rajvardhan Deshmukh

Rene Leveille


Intro:

  *   No updates on events
  *   Announcement on In-person DCP WG on Monday prior to IIW


OpenID4VCI Public Review

  *   VCI Iis under public review. Announcement on voting is next Thursday
  *   Voting starts on 29th
  *   Plan to publish new version prior to voting
  *   Target publish date: Tuesday next week
  *   Thursday WG meeting extended to two hours to work on HAIP issue


VCI PRs


PR #589
https://github.com/openid/OpenID4VCI/pull/589

  *   Call to review and assess any security concerns
  *   After changes, no outstanding issues expected
  *   Tobias will be updating it today/tonight based on PR comments
  *   Jan: no new security concerns
  *   Joseph said about some concerns
  *   Oliver: mandating fresh session values should mitigate
  *   Joseph: mitigates, but different from auth code flow
  *   Jan volunteered to do a PR

PR #595
https://github.com/openid/OpenID4VCI/issues/595

  *   Needs to be addressed
  *   Daniel planned PR, didn’t manage
  *   Lenah volunteered


PR #605

  *   From Gareth
  *   Christian will review


PR #603

  *   4 approvals
  *   No objections → merged


PR #602

  *   Olivier on IAE URL
  *   Align to DC API structure using origin
  *   Call to review
  *   Gareth volunteered


PR 599 -> Editorial


PR #583

  *   From Gareth
  *   Call to review
  *   Joseph and Oliver volunteered


Issues

  *   #607 – editorial
  *   #609 – new comment added, review direction
     *   Call to do a PR, Oliver volunteered
  *   #604 – discussed. Joseph clarified that in VCI we IAE if is listed then the wallet should use it, while Oliver is suggesting that the issuer has a way to indicate it must be used. Now if wallet has a choice then it may not do it. The issuer needs to have a way to indicate that it must be done. Gareth supports it. We want to add a new metadata. See more comments in the issue.
  *   #611 – discussed, call to PR
  *   #612 – slight rewording, call for PR volunteer
  *   #606 – needed by Tue. Is it important? Gareth: important
     *   Should wallet revoke credentials when issuing new ones?
     *   Discussion: Oliver, Gareth, Joseph, LJ, Jan
     *   Jan volunteered to do PR

HAIP

  *   Call for approvals – most PRs open >7 days
  *   PR #231 – special call to review, what does high assurance mean?
  *   PR #217 – Torsten will work on it
  *   PR #210 – Torsten will review it

General call to review PRs

Call closed



Lukasz Jaromin
Head of Standards and Product Strategy
lukasz.jaromin at raidiam.com<mailto:lukasz.jaromin at raidiam.com>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250807/dd6cb4a9/attachment-0001.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list