[Openid-dcp] DCP WG APAC meeting notes for February 25th
Frederik Krogsdal Jacobsen
frederik.krogsdal at idura.eu
Wed Feb 25 09:11:41 UTC 2026
- Participants: Joseph Heenan, Frederik Krogsdal Jacobsen, Valentine
Mazurov, Stefan Charsley, Martijn Haring, Paul Bastian
- Events:
- OAuth Security Workshop on May 27-29
- Proposed face-to-face meeting with ISO on May 30 (location
to-be-decided)
- Test requirements document for EU
- Will eventually get to the working group, but needs more work first.
- Ecosystem CG updates
- W3C is requesting help with digitalcredentials.dev site. It is
currently more or less empty and needs content to explain the basic
concepts of OpenID4VC. It is focused on the DC API context. You/your
company can be credited on any pages you contribute to.
- Conformance test updates
- Please try the new tests and report to Joseph or Thomas if you run
into issues. See
https://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/Week-of-Mon-20260209/001125.html
- Joint work with ISO
- Next meeting with Tuesday. There are multiple suggestions for
structure of the work. In the next meeting, the group will be asked for
feedback on the suggestions.
- Server-to-server updates
- There is an initial draft of the structure of the APIs that the
group is gathering feedback on. See
https://github.com/openid/OpenID4VCI/issues/663
- The group will soon start drafting normative text, so a decision
needs to be made on where that will be located.
- Server-to-server will require a lot of changes, so it will be
difficult to develop as part of the “main” spec.
- There are multiple options: create a separate spec, fork the
main spec and try to merge it back in later, copy and trim
down the main
spec, etc.
- One issue: the structure of the “main” spec assumes an
OAuth-based structure, which may not fit well with the
server-to-server
communication.
- It’s unclear how much of the VCI text can be used because the
structure of server-to-server is not stable yet.
- Co-chair appointment proposal
- There are two candidates: Brent Zundel and Dima Postnikov.
- The current co-chairs (Kristina and Joseph) recommend to appoint
both of the candidates such that there will be four co-chairs
going forward.
- Zoom setup
- Other groups have had issues with spam bots joining calls, so we
may need to introduce some mitigation such as requiring login or waiting
rooms.
- Proposal: post-OID4VP authn and authz integration
- See https://github.com/openid/OpenID4VP/issues/695
- WG consensus: we should add the security consideration
- The WG likes the pattern suggested by Joseph, but more discussion
is necessary on where it should be located. It might be in the
spec itself
(as suggested in the issue), in an OIDF white paper or somewhere else.
Perhaps a task for the Ecosystem CG.
- OpenID4VP 1.1
- Please review https://github.com/openid/OpenID4VP/pull/698
- Discussion on whether we allow “small” breaking changes in 1.1 or
not. More discussion is required.
- Interactive Authorization Endpoint
- Please review open PRs:
- https://github.com/openid/OpenID4VCI/pull/710
- https://github.com/openid/OpenID4VCI/pull/706
- Please review these issues:
- https://github.com/openid/OpenID4VCI/issues/696
- https://github.com/openid/OpenID4VCI/issues/703
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20260225/f8852aa2/attachment.htm>
More information about the Openid-specs-digital-credentials-protocols
mailing list