[OpenID-Specs-eKYC-IDA] Issue #1308: definition/implementation of essential claims (openid/ekyc-ida)
josephheenan
issues-reply at bitbucket.org
Wed Jun 1 08:38:45 UTC 2022
New issue 1308: definition/implementation of essential claims
https://bitbucket.org/openid/ekyc-ida/issues/1308/definition-implementation-of-essential
Joseph Heenan:
The eKYC IDA spec seems to redefine ‘essential’ in the context of a requested claim:
> RPs MAY indicate that a certain Claim is essential to the successful completion of the request for Verified Claims by utilizing the `essential` field as defined in Section 5.5.1 of the OpenID Connect specification \[[OpenID](https://openid.bitbucket.io/ekyc/openid-connect-4-identity-assurance.html#OpenID)\]. T
The definition in OpenID Connect core is subtly different though:
> By requesting Claims as Essential Claims, the RP indicates to the End-User that releasing these Claims will ensure a smooth authorization for the specific task requested by the End-User.
If the eKYC spec is deliberately defining different behaviour to connect here \(which it does seem to be\), I think an extra sentence defining how the OP is meant to handle `essential: true` would be beneficial.
‘Handling Unfulfillable Requests and Unavailable Data’ could also be more explicit - it seems to refer only to the definition of essential from core, and not mention the definition in section 6.1.
More information about the Openid-specs-ekyc-ida
mailing list