[Openid-dcp] [OpenID DCP] EU friendly call meeting notes

Thu Feb 12 17:35:40 UTC 2026

Hi all,

Please find meeting notes that occurred on February 12 below.

Attendees:
- Joseph Heenan
- Gail Hodges
- Brent
- Frederik Krogsdal Jacobsen
- Jan Vereecken
- Klaus Roehrle
- Max Crone
- Rajvarhan Deshmukh
- Oliver Terbu
- Rene Leveille
- Tim Cappalli
- Dima Postnikov
- Ryan Galluzzo
- Valentine Mazurov

Notes:
- Gail Hodges on European Commission: 
-- As Exec Director I have no vote on cochairs, but I observed that in addition to spec work the cochairs play a role in ecosystem adoption, Comms, and liaisons with partner SDOs. In that context I can see the value of addition cochairs to share the load of this important work.
-- European Commission has a requirement to have test objectives that will inform the test cases, a practice of SDOs like ISO (e.g. 18013-6) but not OIDF practice. Given DCP WG and OIDF staff are at capacity at the moment, the EC requirement to progress test objectives was tricky to resource by OIDF. As a result the EC is resourcing and will publish opening test requirements. Staff will be disclosed on their progress on draft starting this week, as will a few of the WG volunteers from as early as next week. This small group will help ensure accuracy of the test objectives and their alignment to the underlying specifications. Once we think we have it as accurate as possible eg 95-99% right we would share with WG to confirm it is accurate. In parallel staff will ensure there are no gaps on test cases and align test cases and hierarchy. Ideally this would be published in April.
-- Any additional volunteers to this subgroup pls let me, Mark Haine or Joesph know. gail at oidf.org.
-- OIDF staff will also seek advice from the Specs Council on what if any requirements and OIDF process is suitable to develop and maintain test objectives. It could be that a process different to that of specs is suitable. We will keep DCP WG in the loop on any such requirements and process. The key insight here is balancing rigor of OIDF process, with requirements to maintain tests with some agility (e.g. Responsible Disclosures on security issues that might arise)
- Joseph Heenan on conformance tests update tests updates:
-- email on Monday: https://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/Week-of-Mon-20260209/001125.html
-- updates to VCI tests are coming in the near future (including batch issuence and encrypted response);
-- by the end of this month a new version of a VP conformance tests is planned for a release;
-- Fail Hodges:
--- Test tests and feedback are appreciated
--- Participants can be mentioned at a launch
- ISO:
-- Next call in 5 hours after OID DCP WG EU friendly call.
- Vacancy to co-chair OID DCP WG is open 
-- there are 2 candidates already
-- probably 2 co-chairs will be added
- IAE issues:
-- Make auth_session optional if other binding mechanism exists. #706
--- https://github.com/openid/OpenID4VCI/pull/706
-- Stuttgart 6: spec doesn't clearly state that client authentication is required in followup IAE requests #693
--- reviews needed
-- Stuttgart 5: In case of multiple redirect_to_web is request_uri unique each time? #692
--- https://github.com/openid/OpenID4VCI/issues/692
--- reviews needed
-- consistent iae_post #697
--- https://github.com/openid/OpenID4VCI/pull/697
--- Approved and merged
-- Use expected URL instead of expected origins for IAE flow #695
--- https://github.com/openid/OpenID4VCI/pull/695
--- Update according to Timo's input
-- Add invalid_tx_code error code to pre-authz code flow #686
--- https://github.com/openid/OpenID4VCI/pull/686
--- WG has not come to an agreement on whether MUST here is a breaking change
--- WG agreed to add an errata on brute force attacks to OID4VCI 1.0.

Best regards,
Valentine
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20260212/49b39997/attachment-0001.htm>