OIDC4VCI: Write RFC - Githubissues

nuts-foundation / nuts-specification

Contains the source of the Nuts specification RFCs.

https://nuts-foundation.gitbook.io

2 stars 0 forks source link

OIDC4VCI: Write RFC #258

Open reinkrul opened 1 year ago

reinkrul commented 1 year ago

The OIDC4VCI spec is really flexible, but we don't need everything. Thus, to reduce complexity, we should specify what we actually use.

Part of the Nuts RFC on the topic.

Specify:

which grants are supported (pre-authorized code)
how wallet metadata is discovered (registration of oidc4vci-wallet-metadata URL in DID document)

Could use a description of example use cases:

Phase 1: Issuer initiated credential issuance of NutsAuthorizationCredential (e.g. initiating eOverdracht transfer)
Phase 2: Requesting credential issuance of Nuts AuthorizationCredential (e.g. care professional requesting access to patient dossier at other care organization)
Phase X: Receiving care organization credential (e.g. issued by LrZA)
Phase X: Issuing and receiving any other credential (e.g. KIK-v)

Also determine and specify:

which certificate(s) are to be used (PKIoverheid Private Services or a publicly trusted one).
what is contained in the challenge, which is signed as c_nonce
do we support multiple credential subjects? (would require offering to multiple wallets)