OID4VCI with Digital Credentials API #410
Comments
|
I support adding both metadata as optional parameters to Credential Offer. We should make clear that this is currently intended to enable an offline credential selector/matcher. The Wallet should make sure that the metadata is authentic and probably fetch it on their own after wallet invocation |
|
This is the slides we used at IIW: https://docs.google.com/presentation/d/1MJc33dmXb2Yip2neo0gbWilMUZ1vpCDq1Ucy48GFG34/edit?usp=sharing Agree with all the points above from Paul/Kristina :) |
|
depends on the progress of DC API, but ideally, we should add text on using DC API for issuance in VCI spec before final |
|
Discussed on today's WG call. Would definitely be nice to have in 1.0 but we're lacking implementation experience. Could potentially add it during public review if we get the implementation experience - let's try and do an interop event on it to get the experience. |
we added support to use OpenID4VP over Digital Credentials API, it would be beneficial to add support to use Digital Credentials API for VCI, too, when passing a credential offer. it would greatly help with wallet selector. Not so much with cross-device security, since credential offer is not signed, but adding an origin information to the credential offer might help already?
This was discussed at IIW and since the wallet matcher needs enough information to make a decision whether the wallet can support a credential offer from a specific issuer, and wallet matcher cannot make an external call, the preferred direction seems to be to add entire issuer metadata and authorization server metadata by value to the credential offer, when it is passed over the browser API. and the wallet can make its own decision which issuer it can talk to, based on that information.
The text was updated successfully, but these errors were encountered: