Closed Zicchio closed 2 months ago
In the header of the Key Binding JWT the parameter kid is included https://github.com/italia/eudi-wallet-it-docs/blob/491419ca1fc537fa04eda0fccb5106393e565ca6/docs/en/remote-flow.rst?plain=1#L477-L478 but the parameter is NOT actually included in the reference specs of sd-jwt#section5.3
kid
This make sense since the signature verification key is always identified without ambiguity in the cnf claim of the issuer jwt, hence no kid need to be matched. Similarly, kid is also usually (but not necessarily) omitted from the cnf.jwk claim of the issuer jwt - this also holds in the it specs, see https://github.com/italia/eudi-wallet-it-docs/blob/491419ca1fc537fa04eda0fccb5106393e565ca6/examples/pid-sd-jwt-example-payload.json#L29-L36
cnf
cnf.jwk
In the header of the Key Binding JWT the parameter
kidis included https://github.com/italia/eudi-wallet-it-docs/blob/491419ca1fc537fa04eda0fccb5106393e565ca6/docs/en/remote-flow.rst?plain=1#L477-L478 but the parameter is NOT actually included in the reference specs of sd-jwt#section5.3This make sense since the signature verification key is always identified without ambiguity in the
cnfclaim of the issuer jwt, hence nokidneed to be matched. Similarly,kidis also usually (but not necessarily) omitted from thecnf.jwkclaim of the issuer jwt - this also holds in the it specs, see https://github.com/italia/eudi-wallet-it-docs/blob/491419ca1fc537fa04eda0fccb5106393e565ca6/examples/pid-sd-jwt-example-payload.json#L29-L36