-
Regarding the proof in a credential request defined in OID4VCI. The "[Proof Types](https://openid.bitbucket.io/connect/openid-4-verifiable-credential-issuance-1_0.html#name-proof-types)" section in th…
-
Accept credential offers and store them in a persistent store so they can be retried.
Probably needs fields like:
* offered_at
* state (offered, retrieved)
* grant_type (for now only pre-auth)
* gra…
-
See last comment for solution: move to /n2n
---
There currently is no trust store configured, so it falls back to the OS certbundle.
We should decide which certificates parties should use to …
-
### Imported from AB/Connect bitbucket: https://bitbucket.org/openid/connect/issues/1551
### Original Reporter: dwc8
Wallets may need to decide if RPs are administratively trusted prior to asking th…
-
During IIW, a good point was raised about whether the specification should require a new parameter `client_discovery` for the client to indicate to the AS that its client_id is a URL.
Here is a bri…
-
Decrypting the PAL header (or other future decryption actions) is done by getting the latest DID Document. If a key rotation has occurred, an older key might be able to decode but this is currently no…
-
When using inline credential offers (so using an object directly in the `credentials` array in an offer), the only required general property is the `format`. All other fields are declared by the forma…
-
Is it a requirement to return an ID Token?
OpenID4VP is based on OAuth and ID Token is optional. I have not found a reason to mandate ID Token in this document but I migh tbe missing something.
I s…
-
There seem to be certain requirements around crypto algorithms which should be separated into its own section
> The alg value MUST represent a digital signature algorithm supported by the Verifier. T…
-
related to issue #2, calling this document OpenID Connect Verifiable Credentials is too broad of a scope and is too conflicting with OpenID4VC spec family that it builds upon. Suggest to pick somethin…