Closed babisRoutis closed 3 months ago
Sakurann
commented
5 months ago (separate topic, but @babisRoutis can you please sign OIDF IPR agreement/Contribution agreement? it would make it much easier for us to take in your feedback, which we really appreciate but there is so me process that we need to follow.)
babisRoutis
commented
5 months ago @Sakurann Just singed & send it.
awoie
commented
5 months ago IMO, we should update the OID4VCI cwt section after the POTENTIAL interop event. The POTENTIAL profile (see description of Track 1 in their opencode gitlab) currently defines:
"proof_alg_values_supported": [ -7 ],
"proof_crv_values_supported": [ 1 ]However, this is not aligned with OID4VCI that REQUIRES "proof_signing_alg_values_supported": [ -7 ],.
Our issuer implementation supports both just in case but fully agree, this should be fixed after the POTENTIAL interop event.
IMO, if we keep cwt proofs, then we should probably keep proof_signing_alg_values_supported because otherwise we would break OID4VCI that requires it and introduce a second parameter, e.g., proof_crv_values_supported that indicates the cryptographic curve (until we have fully-specified algorithms in COSE). proof_alg_values_supported is probably not needed.
bc-pi
commented
5 months ago Noting the existence of #320 "Consider removing cwt proof type" for posterity
babisRoutis
commented
3 months ago Closing this due to #320
While trying various credential issuers I see 4 common variations to their metadata:
1st
2nd
3d
4th
To my understand :
proof_signing_alg_values_supportedcontains JOSE algorithms not COSE algorithms. That's not aligned with dradt13proof_signing_alg_values_supportedcontains COSE algorithms as strings. I believe that this should have been integersproof_signing_alg_values_supported. I believe that's not correct since VCI d13 suggests that is a required attributeCan you please clarify the expected content of
proof_signing_alg_values_supported?