[Openid-dcp] Notes from 28th Aug EU call

Joseph Heenan joseph at authlete.com
Thu Aug 28 16:08:30 UTC 2025 

Attendees

Gail Hodges
Joseph Heenan
Kristina Yasuda
Andy Lim
Bjorn Hjelm
Brian Campbell
Hicham Lozi
Klaus Roehrle
Lee Campbell
Martijn
Oliver Terbu
Peter Sorotokin
Rajvardhan Deshmukh
Ryan Galluzzo
Christian Bormann
Paul Bastian


General updates

DCP hybrid meeting pre-IIW Monday morning expected to be at Cisco, invites should appear in next few days.

Thursday 11th September EU call will be extended to 2 hours to allow additional time on HAIP.

VCI


PR 621: Kristina to update use of terms, Joseph to approve, then we’ll merge.


PR 639 (update to language in split-architecture): Agreed on call to merge.

Issue 638 (move encrypted messages section): Agreed to look at addressing that, will ask if Gareth can do a PR



VP

Some IANA registrations have been processed; some others we’ve had queries back from the experts. Joseph will check the responses and deal with them or raise them to the working group as appropriate.


HAIP


Issue 65 (key resolution for status list): agreed to close as we have more specific issues for each of the currently unsolved issues.

Issue 218 (profiling of status list) - the remaining change may be handled in SD-JWT VC. Brian will figure out if we need to say something in HAIP as well.

Issue 136 (Requirements that can't be met unless browser/OS support them): Agree to look at adding a generic disclaimed, see comment on the issue from Kristina. Joseph to try doing a PR.

Issue 184 (What to do about non-high-assurance credentials): As per Kristina’s comment on the issue, consensus to try and align those use cases on using HAIP, add text to HAIP to make this clear, Christian to try doing a PR.

Issue 243 (Reasons for x509_hash instead of x509_san_dns client id prefix):

see discussion on issue. Ecosystems/certificate issuers may define certificate profiles etc.

Discussion about whether we’re still comfortable with using x509_hash over x509_san_dns. There were potential extra security benefits of x509_san_dns, but it was not going to work for all certificate formats. Some people do want to reuse existing x509 certificates. Needs further discussion. Please answer the questions Kristina added on the issue.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250828/cc0a007b/attachment.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list