-
Sec. 9.3: this section is worded a bit strange, in particular the phrase "if additional measures are not taken to ensure the authenticity of the application." Since we're discussing authentication att…
-
I am experiencing an issue with credential propagation in Google Colab since January 31, 2024. The problem occurs during the execution of a script for Google Drive API authentication. This script work…
-
Should we distinguish between information disclosure (attacker learns information it should not have) vs attacker obtains control of a credential that it can use to impersonate a workload, perform lat…
-
See https://github.com/openid/OpenID4VCI/pull/391#pullrequestreview-2319901526
-
A Verifiable Credential issued in JWT format currently uses the long-form of a Prism DID in the iss field of the JWT. We should update this to use the short-form Prism DID instead. Below is an example…
-
### Feedback
Following the tutorial to delete a spotify credential, when I click on "Delete", it opens a pop-up "Application identification information used by an integration cannot be deleted." with…
-
Is it possible to make the wallet configurable, allowing a switch between using a single public-private key pair for all credentials versus unique keys per credential?
This could be useful in scen…
-
Section 7 states that "_The Client can request issuance of a Credential of a certain type multiple times, e.g., to associate the Credential with different public keys/Decentralized Identifiers (DIDs) …
-
I would like to disable credential sharing. I searched the docs but didn't find any setting. Is this possible?
AFAIK, on MacOS, credential sharing is automatic: https://code.visualstudio.com/remote…
-
The [`Public Key Credential Source`](https://www.w3.org/TR/webauthn-2/#public-key-credential-source) is currently defined as containing:
- `type`
- `id`
- `privateKey`
- `rpId`
- `userhandle`
- …