Open ydanneg opened 2 months ago
babisRoutis
commented
1 month ago Hi @ydanneg
As you correctly pointed, this feature should be considered/addressed in case of HAIP/SD-JWT-VC adoption.
The same goes, I guess, for the similar feature of OpenId4VP draft 20 about client_id_scheme equal to verifier_attestation, for which I have raised a relevant issue (https://github.com/eu-digital-identity-wallet/eudi-lib-jvm-siop-openid4vp-kt/issues/126)
babisRoutis
commented
1 month ago Hi @ydanneg
As you correctly pointed, this feature should be considered/addressed in case of HAIP/SD-JWT-VC adoption. The same goes, I guess, for the similar feature of OpenId4VP draft 20 about
client_id_schemeequal toverifier_attestation, for which I have raised a relevant issue (eu-digital-identity-wallet/eudi-lib-jvm-siop-openid4vp-kt#126)
With regards to OpenId4VP, support for the verifier_attestation scheme has been added to the latest release of the library via
https://github.com/eu-digital-identity-wallet/eudi-lib-jvm-siop-openid4vp-kt/pull/245
Support Wallet Attestation Based Authentication
https://datatracker.ietf.org/doc/draft-ietf-oauth-attestation-based-client-auth/ https://openid.net/specs/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-1_0-00.html https://www.rfc-editor.org/rfc/rfc9126
PS. I'm not really confident on it, just leaving this ticket here to collect information about it.
Some server-side implementation I found that requires Wallet Attestation: https://github.com/open-eid/eudi-qeaa-as-mock/blob/master/src/main/java/ee/ria/eudi/qeaa/as/controller/ParController.java#L43 https://github.com/open-eid/eudi-qeaa-as-mock/blob/master/src/main/java/ee/ria/eudi/qeaa/as/controller/TokenController.java#L65
PPS. Latest ARF uses different term: "Wallet Trust Evidence (WTE)" together with "Wallet Instance Attestation (WIA)"