Paul Bastian
Paul Bastian
My opinions on the matter in the sibling-thread: https://github.com/openid/OpenID4VCI/issues/91#issuecomment-1791115185
---------DEPRECATED EXAMPLE------------ Token Response ``` HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store { "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6Ikp..sHQ", "token_type": "bearer", "expires_in": 86400, "c_nonce": "tZignsnFbp", "c_nonce_expires_in": 86400, "credential_identifiers": [ "CivilEngineeringDegree-2023", "ElectricalEngineeringDegree-2023" ] } ```...
most recent ideas for Credential Request POST /credential HTTP/1.1 Host: server.example.com Content-Type: application/json Authorization: BEARER czZCaGRSa3F0MzpnWDFmQmF0M2JW ```json { "credential_encryption_jwk": "...", "credential_response_encryption_alg": "...", "credential_response_encryption_enc": "...", "credential_requests": [ //uses credential_identifier returned from...
most recent ideas for Credential Response HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store ```json { "credential_responses": [ //issuer was able to successfully issue both copies of the credential { "credentials":...
To give the prespective what is drafted in ISO currently, this is the issuer metadata: ``` { "format": "mdoc", "doctype": "org.iso.18013.5.1.mDL", "policy": { "one_time_use": true, "batch_size": 10 }, "cryptographic_suites_supported": [...
As I stated [here](https://github.com/openid/OpenID4VCI/pull/219#pullrequestreview-1833193401) I strongly support the idea of removing format again and this discussion is very valuable, pointing in the same direction.
It seems to me that there is a clear majority in this issue that thinks otherwise?
I have the fear that in the long run, saying format+type is enough could hurt us, because this puts significant requirements on the possibly supported credential formats and maybe in...
> > - making credential instance identifier from token response mandatory and use that one in the credential request would not work for the implementations that re-use existing ASs and...
I believe that this is covered by the resolution on #392 of today's DCP Hybrid Call :+1: