openid / OpenID4VP


Use cases for value matching in DCQL #307

Open leecam opened 2 weeks ago

leecam commented 2 weeks ago

Issue to track use cases for value matching in DCQL.

The payment use case requires value matching for performing SCA. In this scenario a webpage would like to confirm the user holds a certain credit card. Here the RP would pass the credit card number as a value that needs to be matched, to filter the results to that given card.

paulbastian commented 1 day ago

Any use case where I need to validate additional qualifications, e.g. employees need to prove their criminal record certificate to the employer. The employer already knows who you are, so he is interested in a credential matching a particular name.

tlodderstedt commented 1 day ago

An RP already knows the name of the user and wants to obtain further information, e.g. a proof of identity (through an mDL or PID). The wallet should ensure that only a matching credential is selected and presented. Otherwise, data from the wallet is disclosed that is useless and might pose a privacy issue.

This can be extended to generally filtering credentials in the wallet to ensure a high level of privacy preservation and disclosure of suitable data. Let's say the RP wants to obtain attestations of educational achievements for a certain domain (computer science only).

Another example would be to filter a credential by trust framework. The RP would specify the acceptable issuers or a symbolic name for the trust framework (e.g. "eIDAS QEAA providers"). This would ensure only credentials are considered that could be accepted by the RP.

danielfett commented 1 day ago

Making sure that the real_id claim is true might be a value matching use case.
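
A sketch of wallet-side value matching for the use cases in this thread, added as an illustration and not code from the thread or from the OpenID4VP project. It assumes a claims query with `path` and `values` members, already-decoded claims, and constructed credential data and helper names; treating a claim as matched only when both type and value are equal is what keeps `real_id: 1` from passing as `true`.

```python
# Added illustration: wallet-side filtering for a DCQL-style claims query.
# All credential data and helper names below are constructed for this example.
WALLET = [
    {"id": "mdl-alice", "claims": {"family_name": "Doe", "real_id": True}},
    {"id": "mdl-bob", "claims": {"family_name": "Doe", "real_id": False}},
    {"id": "mdl-carol", "claims": {"family_name": "Doe", "real_id": 1}},
    {"id": "mdl-dave", "claims": {"family_name": "Roe", "real_id": True}},
    {"id": "diploma-1", "claims": {"family_name": "Doe",
                                   "degrees": [{"field": "history"},
                                               {"field": "computer science"}]}},
]

def select_path(node, path):
    """Resolve a claims path: str = object key, int = array index, None = every array element."""
    nodes = [node]
    for part in path:
        selected = []
        for n in nodes:
            if part is None and isinstance(n, list):
                selected.extend(n)
            elif type(part) is int and isinstance(n, list) and 0 <= part < len(n):
                selected.append(n[part])
            elif isinstance(part, str) and isinstance(n, dict) and part in n:
                selected.append(n[part])
        nodes = selected
    return nodes

def value_matches(found, expected):
    # Type and value must both match: in Python True == 1, so compare types first.
    return type(found) is type(expected) and found == expected

def claim_satisfied(claims, claim_query):
    found = select_path(claims, claim_query["path"])
    if "values" not in claim_query:
        return bool(found)  # no value constraint: the claim only has to exist
    # Assumption: with a None path segment, one matching element is enough.
    return any(value_matches(f, e) for f in found for e in claim_query["values"])

def matching_credentials(wallet, claims_query):
    """Return ids of credentials that satisfy every claim in the query."""
    return [c["id"] for c in wallet
            if all(claim_satisfied(c["claims"], q) for q in claims_query)]

REAL_ID_QUERY = [{"path": ["family_name"], "values": ["Doe"]},
                 {"path": ["real_id"], "values": [True]}]
CS_DEGREE_QUERY = [{"path": ["degrees", None, "field"], "values": ["computer science"]}]

if __name__ == "__main__":
    print(matching_credentials(WALLET, REAL_ID_QUERY))    # ['mdl-alice']
    print(matching_credentials(WALLET, CS_DEGREE_QUERY))  # ['diploma-1']
```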