OIDF-automation

### Imported from AB/Connect bitbucket - Original Commenter: pwlb The most common scenario for this is issuer initiated issuance flows with credential offer, e.g. The user is on a website...

### Imported from AB/Connect bitbucket - Original Commenter: alen_horvat This would be a nice addition for the same-device flow.

### Imported from AB/Connect bitbucket - Original Commenter: KristinaYasuda usually, the issuer can refresh the UI on the device where the issuance flow has started after it sends a credential...

### Imported from AB/Connect bitbucket - Original Commenter: alen_horvat Here the user is already in the wallet and the wallet just fetched the VCs from the server.

### Imported from AB/Connect bitbucket - Original Commenter: pwlb exactly, in same-device flow the UX ends in the wallet screen and the user does not recognize the refreshed issuer UI...

### Imported from AB/Connect bitbucket - Original Commenter: jermiller Since the PoP is required to include the `c_nonce` provided by the Issuer, this attack vector _could_ also be addressed by...

### Imported from AB/Connect bitbucket - Original Commenter: dwc8 This attack assumes the attacker gets hold of the victims PoP JWT. Therefore cannot we assume that the attacker can just...

### Imported from AB/Connect bitbucket - Original Commenter: gffletch If the OAuth client supports client authentication, wouldn’t it be simpler to bind the PoP JWT to the OAuth client? If...

### Imported from AB/Connect bitbucket - Original Commenter: KristinaYasuda Issue #1625 was marked as a duplicate of this issue.

### Imported from AB/Connect bitbucket - Original Commenter: tlodderstedt The proposal is to bind a PoP to a certain access token. I think implementers can achieve this by binding the...