[Openid-dcp] DCP WG APAC 18th September 2025 Meeting Notes
Stefan Charsley
charsleysa at gmail.com
Thu Sep 18 08:25:57 UTC 2025
DCP WG APAC 18th September 2025
Attendees
Martijn Haring
Philip Halsall
Joseph Heenan
Stefan Charsley
Hiroyuki Sano
Tobias Looker
Updates
VCI 1.0 vote finished, final version of 1.0 spec published
Hope to start process for HAIP within next few weeks
HAIP
prohibit self-signed certificates for x509_hash #252
<https://github.com/openid/OpenID4VC-HAIP/pull/252>
-
Martijn: what does the mandate to do RP authentication when doing the
redirect flow mean? Why does DC API flow not need it?
-
Joseph: unsigned redirect flow, 2 issues, not letting the user send a
credential to unauthenticated verifier, also not sending credentials that
verifier didn’t request
-
Big discussion on what benefits RP authentication and signed requests
provide for redirect flow vs DC API flow
-
Tobias: upfront RP authentication when there isn’t preshared roots with
wallets is an issue. One solution is to have lookup for JWKS on the domain,
relying on TLS
-
Tobias: using self-signed certificates isn’t necessarily the best
solution for that
-
Stefan: agreed, other solution sounds better, happy with prohibiting
self-signed certs
-
new issue will be opened about upfront RP authentication
Seperate schemes for VP/VCI, make custom uri support ecosystem decision #266
<https://github.com/openid/OpenID4VC-HAIP/pull/266>
-
Joseph: just need to add iana considerations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20250918/3ca49c1e/attachment-0001.htm>
More information about the Openid-specs-digital-credentials-protocols
mailing list