Open Sakurann opened 1 year ago
brentzundel
commented
1 year ago It was originally added at a request for more clarification, but would probably be better inside an implementation guide.
Can a verifier use PE to indicate that holder binding using biometrics is required? absolutely yes. But that would rely on a definition of the biometric binding method being specified.
Sakurann
commented
1 year ago Can a verifier use PE to indicate that holder binding using biometrics is required? absolutely yes.
which mechanism can one use to express in PE that "I am telling you to do something with this VC in presentation_definition, but don't return it to me in the response/presentation_submission"?
bumblefudge
commented
1 year ago Discussed on today's call:
brentzundel
commented
1 year ago @Sakurann I'm not sure I can respond in a helpful way without a better understanding your use case. Could you walk me through the flow?
bumblefudge
commented
1 year ago Discussed on today's call:
Barring a more detailed/actionable proposal for an interoperable implementation of this feature, striking this explanatory text from v3 of the spec and moving it into an implementation guide (which may come out sooner) to iterate on it and potentially link to examples would make sense.
Kim made a good point that implementation guide might benefit from checking in with the OIDF WG tracking biometrics and strong authN.
How is section 8.2 on Holder and Subject binding relevant to PE?
there is a use case where verifier is requesting to perform a biometric based holder binding using a portrait image in a specific VC (that VC itself is not expected to be returned in the response). Section 8.2.3 Biometrics does not tell if I can use PE to do that or not.