[Openid-dcp] Notes from Oct 24 2025 hybrid meeting

Bjorn Hjelm blhjelm at gmail.com
Tue Nov 4 19:46:41 UTC 2025 

*DCP WG Notes - Oct 24 2025 Hybrid Meeting*

*Attendees*
Joseph
Kristina
Gareth
Lee
Martijn
Hicham
Christian
Paul
Tobias
Brian
Oliver
Victor Lu
Yuki Tokimori
Bjorn

*IIW Discussion Topics*

1. Both VP and VCI: HPKE

   - Gareth summarized the proposed text for HPKE in OID4VP Issue #676
   <https://github.com/openid/OpenID4VP/issues/676>.
   - Brian expressed concerns that a new response_mode.hpke might be
   problematic because the verifier needs to specify how it wants encryption
   to work. The topic of (a) how to communicate the usage of HPKE and (b) how
   to actually do HPKE was also raised.
   - The options available for moving forwards are (1) wait for IETF
   draft-ietf-jose-hpke-encrypt
   <https://datatracker.ietf.org/doc/draft-ietf-jose-hpke-encrypt/>, (2)
   define JWE with HPKE in DCP WG, or (3) define a 'vanilla' HPKE wrapper.
   There was no decision made and the group was requested to continue the
   discussion in the issue.


2. OID4VCI: Interactive Authorization Endpoint (IAE) - presentation during
issuance

   - Joseph highlighted the open issues related to IAE
   <https://github.com/openid/OpenID4VCI/issues?q=is%3Aissue%20state%3Aopen%20label%3Aiae%20sort%3Aupdated-desc>
   and the group reviewed the open PRs
   <https://github.com/openid/OpenID4VCI/pulls?q=is%3Aopen+is%3Apr+label%3Aiae>.
   Joseph agreed to create a PR for issue #595
   <https://github.com/openid/OpenID4VCI/issues/595>.
   - The group agreed to prioritize PR #602
   <https://github.com/openid/OpenID4VCI/pull/602> before discussing PR #629
   <https://github.com/openid/OpenID4VCI/pull/629>; open an issue about
   where (OID4VCI or OID4VP) to define this new response mode (see new issue #
   665 <https://github.com/openid/OpenID4VCI/issues/665>); and try to merge
   PR #602 <https://github.com/openid/OpenID4VCI/pull/602> before
   addressing the previous two points.
   - The group agreed that PR #615
   <https://github.com/openid/OpenID4VCI/pull/615> was ready to merge and
   to open a new issue/PR related to Paul's concern with more metadata
   <https://github.com/openid/OpenID4VCI/pull/615#issuecomment-3444121798>.
   Paul will also create a PR for OID4VCI issue #598
   <https://github.com/openid/OpenID4VCI/issues/598>.


3. VCI: Server-to-server issuance

   - The group reviewed the discussion at IIW (captured in OID4VCI issue #
   663 <https://github.com/openid/OpenID4VCI/issues/663> from Day 2
   <https://github.com/openid/OpenID4VCI/issues/663#issue-3519071851> and Day
   3
   <https://github.com/openid/OpenID4VCI/issues/663#issuecomment-3444079052>
   ).
   - The group discussed the requirements/assumption for server-to-server.
   It was agreed that this work shouldn't complicate existing OID4VCI
   implementations.
   - A draft Google Doc
   <https://docs.google.com/document/d/1spjhNkVqTd2E9dDrH7YSNz9xgl6wwdOhS5C9yW29ArE/edit>
was
   created to capture the requirements.
   - The general building blocks include issuer authenticating the user;
   authorization of the wallet server to the issuer server; issuer server
   establishing how to determine information is coming from user device; and
   wallet/credential lifecycle management.
   - Gareth started documenting an overall flow in a sequence diagram.


4. VCI: DC API

   - The group agreed to wait for the W3C FedID to discuss DC API issue #382
   <https://github.com/w3c-fedid/digital-credentials/issues/382> before the
   WG would take any actions.


5. VCI: credential usage policy

   - HAIP #260 <https://github.com/openid/OpenID4VC-HAIP/issues/260>
was discussed
   at IIW
   <https://github.com/openid/OpenID4VC-HAIP/issues/260#issuecomment-3438728923>
    and the group agreed that Gareth would draft a PR that Paul can use as
   input towards ETSI.


6. VCI: per-credential metadata

   - OID4VCI Issue #421 <https://github.com/openid/OpenID4VCI/issues/421>
   was discussed at IIW
   <https://github.com/openid/OpenID4VCI/issues/421#issuecomment-3438409665>.
   Christian agreed to create a PR related to how the wallet should display
   it
   <https://github.com/openid/OpenID4VCI/issues/421#issuecomment-3444191692>
   .


*HAIP*

The group was asked to review the open PRs
<https://github.com/openid/OpenID4VC-HAIP/pulls> (#312, #313, #323, #324,
#325).

-- 
Kind Regards,
Bjorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20251104/8351450c/attachment.htm>

More information about the Openid-specs-digital-credentials-protocols mailing list