RFC021: client_id can't be derived from request

nuts-foundation / nuts-specification

Contains the source of the Nuts specification RFCs.

https://nuts-foundation.gitbook.io

2 stars 1 forks source link

RFC021: client_id can't be derived from request #269

Open reinkrul opened 11 months ago

reinkrul commented 11 months ago

client_id can't be simply derived from the credential subject, since there can be multiple VPs in vp_token and multiple credential subject in the VPs. In my opinion, client_id is passed by the client/RP with some form of authenticated, so we should derive it.

The current Nuts node implementation makes a best guess of the credential subject of the first presentation in vp_token, but should be adressed in the RFC.

woutslakhorst commented 11 months ago

The current RFC says: all credentialSubject.ID values MUST be the same.