LDAP revocation & wallet

[bluesteens]

Steering: Proposal Summary

Used to propose a change or addition to Steering. This is for the Steering work START approval step. Discuss the proposed work or change. Section 4.1.10 Credential Revocation seems to mix issuer and wallet requirements. Suggest to sharpen the focus and clarify the wallet requirements.

Steering: Publication Summary

Used to present completed work to Steering for approval to publish. Discuss the work that was completed in reference to the above proposal. Include any differences from the proposal and why. use [GitHub Preview](https://htmlpreview.github.io/) to show final state of documents along with pull requests (if needed). #

---

Detailed Description:

observation 1

Section 4.1.10 Credential Revocation says,

Digital Wallet Providers SHALL implement the OCI Directory Service (LDAP)-based mechanism for determining if a Verifiable Credential has been revoked (vc-status-2021-ldap).

This is not precise, as the issuer needs to run LDAP servers, the wallet just needs to be able to call them. Suggest to reword to sth like,

wallet providers shall implement API calls to the LDAP server of the issuer and check the revocation status

observation 2

I'd also remove the intro sentence, as that's hypothetical and not relevant for audits or implementers. They only need to know what applies NOW.

OCI can potentially support multiple methods for communicating when a Credential has been revoked.

observation 3

Further, the para ends with,

Credential Issuer and Digital Identity providers SHALL implement LDAPS, which is LDAP secured by communication over Transport Layer Security (TLS) protocol.

The CI criteria do not belong in the wallet conformance document.

---

Triage:

• [x] Is Issue appropriate for OCI Architecture
• [x] Assign Size
• [x] Assign Priority
• [x] Assign Label (if needed)
• [x] OCI affected Artifacts Identified
• [ ] Assign Triage - Artifact Version Target (v x.x.x Milestone)
• [ ] Assign Triage - Interop Profile Version Target (v x.x.x Milestone)
• [ ] Create sub-project (if needed)

Affected Parties (help determine Sunrise/Sunset):

• [ ] Trading Partners
• [x] Issuers
• [x] Wallet Solutions
• [ ] PI Verification Solutions

Affected OCI Artifact

• [ ] Schema Document
• [ ] Identity Schema
• [ ] ATP Schema
• [ ] Issuer Conformance Criteria
• [x] Wallet Conformance Criteria
• [ ] VRS Solution Conformance Criteria
• [ ] Wallet API Specification
• [ ] Governance Document
• [ ] Conformance Program
• [ ] OCI Website
• [ ] Internal Process

Change Category (Guides Steering Review)

- Steering/Industry Review

• [x] Business-Level (May affect business operations)
• [ ] OCI Governance, Policy or website feature

- Steering/Industry Notification

• [ ] Technical-Level (Does not affect business operations)
• [ ] OCI Internal Process or Infrastructure

Communication

• [ ] Website
• [ ] Newsletter
• [ ] email:
• [ ] Other:

[bluesteens]

consider impact on issuer criteria @britpayson

[bluesteens]

relates to https://github.com/Open-Credentialing-Initiative/Digital-Wallet-Conformance-Criteria/issues/76

[bluesteens]

hold until decision on PR #75

[bluesteens]

PR & ticket closed, as merged into https://github.com/Open-Credentialing-Initiative/Digital-Wallet-Conformance-Criteria/issues/76