<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>DCP Meeting notes for 10th of December 2025<br>
<br>
Participants:<br>
Paul Bastian<br>
Kristina Yasuda<br>
Jan Vereecken<br>
Michael Jones<br>
Andrew Regenscheid<br>
Bjorn Hjelm<br>
Brian Campbell<br>
Daniel Fett<br>
Edmund Jay<br>
Hicham Lozi<br>
Jin Wen<br>
John Bradley<br>
Martjin Haring<br>
Nemanja Patrnogic<br>
Ryan Galluzzo<br>
Steve Venema<br>
Tobias Looker<br>
Tom Jones<br>
<br>
OpenID4VCI Wallet Attestation #408<br>
- has 3 approvals, waiting for a few more, please review<br>
<br>
OpenID4VCI Claim displasy description #276<br>
- waiting for changes to let mdoc use "path"<br>
- needs more approvals<br>
<br>
OpenID4VP ID3 vote is starting soon<br>
-
<a class="moz-txt-link-freetext" href="https://openid.net/public-review-period-for-proposed-third-implementers-draft-of-openid-for-verifiable-presentations-specification-3/">https://openid.net/public-review-period-for-proposed-third-implementers-draft-of-openid-for-verifiable-presentations-specification-3/</a><br>
- get ready to vote:
<a class="moz-txt-link-freetext" href="https://openid.net/foundation/members/polls/346">https://openid.net/foundation/members/polls/346</a><br>
<br>
ISO meeting updates:
<a class="moz-txt-link-freetext" href="https://docs.google.com/document/d/1AJDDWuRG_b-MOBrAwhBoQV3dhH3LD31WNEQKzOB36SY/edit?tab=t.0">https://docs.google.com/document/d/1AJDDWuRG_b-MOBrAwhBoQV3dhH3LD31WNEQKzOB36SY/edit?tab=t.0</a><br>
- chairs want over all OpenID4VP issues and labeled/created
milestones for Final 1.0<br>
- WG10 asked for more time to review document and then discussion
will continue in January<br>
- HAIP will define mdoc over Digital Credentials API<br>
- no hard timelines defined from WG10, but moving fast seems
good to get things settled<br>
- WG10 does not want to update Annex B ISO18013-7, so putting mdoc
over vanilla OpenID4VP in HAIP seems to make sense<br>
- if ID3 gets approved in vote, then Annex B seems deprecated<br>
- encryption over Browser API seems another important topic,
related to HPKE discussions<br>
- chairs would ask to focus HAIP<br>
<br>
HAIP refactor to add mdoc profile over OpenID4VP with Digital
Credentials API Issue#122<br>
- removed mentions of transaction data<br>
- Handover needs to be discussed further, there are some open
issues as follow-ups<br>
- 3 approvals and some editorial suggestions open<br>
- Kristina will clarify that Torsten's objections are solved<br>
- need 2-3 more approvals and then merge<br>
<br>
HAIP Encryption Issue#131<br>
- 3 options<br>
- option 1: use JWE with ECDH-ES as before and define apu+apv<br>
- option 2: use JWE with HPKE of existing IETF draft
<a class="moz-txt-link-freetext" href="https://datatracker.ietf.org/doc/html/draft-ietf-jose-hpke-encrypt-02">https://datatracker.ietf.org/doc/html/draft-ietf-jose-hpke-encrypt-02</a><br>
- option 3: define new method how to do HPKE within OpenID4VP<br>
- Mike: intend to accelerate IETF HPKE draft for option2, option3
seems a bad idea as we don't get cryptographic review<br>
- Kristina: possible to define multiple options and signal an
shift to implementers<br>
- Paul: how does option 2 enable lazy verifier problem that JWE
with ECDH-ES does not?<br>
- Brian/Tobias: they basically do the same, ECDH-ES with JWE just
doesn't allow detaching some of the data<br>
- Mike/Brian: IETF HPKE allows detached information, but IETF JOSE
HPKE doesn't currently support that, need to file an issue<br>
- Tobias: HPKE may use aad and communicate out-of-band/detached to
enable this<br>
- John: which value want people to use?<br>
- Brian: probably origin in DC API<br>
- Tobias: may be bad for debugging<br>
- Brian: there many other things a Verifier must do to be secure
that we cannot cover with this..<br>
- Paul: evaluation seems wrong, HPKE JOSE doesn't have this
feature right now, so there seems no difference between Option 1
and 2<br>
- Paul: we should not use session transcript or anything
credential format specific, as encryption is on the openidv4p
level<br>
- Kristina: most important we need to agree if we want to tackle
lazy verifier problem<br>
- HPKE JOSE won't be ready in January, seems best to start with
what we have right now and have option to move later on<br>
<br>
Best regards,<br>
Paul<br>
</p>
<div class="moz-cite-prefix">On 10.12.24 18:45, Kristina Yasuda via
Openid-specs-digital-credentials-protocols wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAFje9PhyxkZVGNUT+SxmQwDu75gLSix0n-H_6D0-rd=rY9Prag@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div class="gmail_quote gmail_quote_container">
<div>
<div name="messageBodySection">
<div dir="auto">Hi, <br>
<br>
Here is the agenda proposal for the call later today. <br>
</div>
<ol type="1">
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">OIDF
Antitrust Policy at </span><a
style="background-color:transparent;font-family:Arial,sans-serif;font-size:10pt"
href="http://www.openid.net/antitrust"
target="_blank" moz-do-not-send="true">www.openid.net/antitrust</a><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt"> applies</span></li>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">IPR
reminder/ Note-taking</span></li>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">Introductions/re-introductions</span></li>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">Agenda
bashing/adoption</span></li>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">Events/External
orgs</span></li>
<ol>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">proposal
to do a hybrid DCP WG a day before OSW </span></li>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">update
from the ISO Sapporo mtg last week - HAIP will be
the focus for the next month.</span></li>
</ol>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">VCI</span></li>
<ol type="a">
<li style="font-size:11pt"><font color="#000000"
face="Arial">please review the PRs. starting WGLC
for ID-2 once the PRs are ready.</font></li>
</ol>
<li style="font-size:10pt"><font color="#000000"
face="Arial, sans-serif">VP</font></li>
<ol>
<li style="font-size:10pt"><font color="#000000"
face="Arial, sans-serif">the list of issues that
chairs think should be discussed/tackled before
Final 1.0. (includes issues that the WG might
decide not to pursue but might result in breaking
changes if tackled)<br>
<a
href="https://github.com/openid/OpenID4VP/milestone/2"
moz-do-not-send="true"
class="moz-txt-link-freetext">https://github.com/openid/OpenID4VP/milestone/2</a></font></li>
<li style="font-size:10pt">voting on-going - please
vote!</li>
<li style="font-size:11pt">multi RP authentication: </li>
<ol>
<li style="font-size:11pt"><a
href="https://github.com/openid/OpenID4VP/pull/308" target="_blank"
style="background-color:transparent;font-family:Arial,sans-serif;font-size:11pt"
moz-do-not-send="true"
class="moz-txt-link-freetext">https://github.com/openid/OpenID4VP/pull/308</a></li>
</ol>
</ol>
<li style="font-size:10pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">HAIP</span></li>
<ol type="a">
<li style="font-size:11pt"><span
style="color:#000000;background-color:transparent;font-family:Arial,sans-serif;font-size:10pt">HAIP
mdoc over the browser API profile - would like to
merge as a starting point:</span><br>
<a
style="background-color:transparent;font-family:Arial,sans-serif;font-size:10pt"
href="https://h" target="_blank"
moz-do-not-send="true">h</a><a
style="background-color:transparent;font-family:Arial,sans-serif;font-size:11pt"
href="https://github.com/openid/oid4vc-haip-sd-jwt-vc/pull/122"
target="_blank" moz-do-not-send="true">ttps://github.com/openid/oid4vc-haip-sd-jwt-vc/pull/122</a></li>
<li style="font-size:11pt"><span
style="color:#333333;background-color:transparent;font-family:Arial,sans-serif;font-size:11pt">repo
has been renamed to oid4vc-haip</span></li>
<li style="font-size:11pt">MDOC encryption (focus of
today)<br>
</li>
<ol>
<li style="font-size:11pt"><a
style="background-color:transparent;font-family:Arial,sans-serif;font-size:11pt"
href="https://h" target="_blank"
moz-do-not-send="true">h</a><a
style="background-color:transparent;font-family:Arial,sans-serif;font-size:11pt"
href="https://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/131"
target="_blank" moz-do-not-send="true">ttps://github.com/openid/oid4vc-haip-sd-jwt-vc/issues/131</a></li>
</ol>
</ol>
<ol type="a">
<br>
</ol>
</ol>
</div>
<div name="messageSignatureSection">
<div>Best,</div>
<div>Kristina</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
</body>
</html>