Torsten Lodderstedt

Results 108 comments of Torsten Lodderstedt

> What about setting the alg=none in kb-jwt? I have a bad feeling to use alg none because using an object that seems to be signed and is not is...
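The concern quoted above is the classic alg=none problem: a compact JWS with an empty signature still looks like a signed object, and a verifier that takes the algorithm from the token's own header will "verify" it without checking anything. The following is an added example, not code from the original thread or from any SD-JWT implementation. It assumes a constructed holder key and uses HMAC (HS256) as a stand-in for the asymmetric holder key a real KB-JWT would be signed with; the `kb+jwt` typ value and the payload fields are likewise assumptions for the demo. It contrasts a lax verifier that honours whatever alg the header claims with a strict one whose algorithm allowlist is fixed by verifier policy.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo material: HS256 stands in for the holder's key so the example
# runs with the standard library only. The verification policy is what matters.
HOLDER_KEY = b"holder-key-for-demo-only"
ALLOWED_ALGS = {"HS256"}  # verifier policy; never taken from the token


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _signing_input(header: dict, payload: dict) -> str:
    enc = lambda obj: b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    return enc(header) + "." + enc(payload)


def make_kb_jwt(payload: dict, alg: str, key: bytes = b"") -> str:
    """Build a compact JWS; alg=none produces an empty third segment."""
    header = {"alg": alg, "typ": "kb+jwt"}  # typ value assumed for the demo
    signing_input = _signing_input(header, payload)
    if alg == "none":
        signature = ""
    elif alg == "HS256":
        mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
        signature = b64url_encode(mac)
    else:
        raise ValueError(f"unsupported alg {alg}")
    return f"{signing_input}.{signature}"


def lax_verify(token: str, key: bytes):
    """Vulnerable pattern: the token's header decides which check runs.

    An attacker-minted alg=none token therefore passes with no signature at all.
    """
    h, p, s = token.split(".")
    header = json.loads(b64url_decode(h))
    if header["alg"] == "none":
        return json.loads(b64url_decode(p)) if s == "" else None
    if header["alg"] == "HS256":
        expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if hmac.compare_digest(expected, b64url_decode(s)):
            return json.loads(b64url_decode(p))
    return None


def strict_verify(token: str, key: bytes):
    """Hardened pattern: the verifier's allowlist decides, so 'none' can never match."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    h, p, s = parts
    header = json.loads(b64url_decode(h))
    if header.get("typ") != "kb+jwt" or header.get("alg") not in ALLOWED_ALGS:
        return None  # rejects alg=none and any algorithm the verifier did not configure
    if not s:
        return None  # a signed object must carry a signature
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s)):
        return None
    return json.loads(b64url_decode(p))


if __name__ == "__main__":
    # Constructed payload with the binding claims a verifier would check.
    claims = {"nonce": "n-0S6_WzA2Mj", "aud": "https://verifier.example", "iat": 1700000000}
    genuine = make_kb_jwt(claims, "HS256", HOLDER_KEY)
    forged = make_kb_jwt({**claims, "nonce": "attacker-chosen"}, "none")
    print("lax accepts forged:   ", lax_verify(forged, HOLDER_KEY) is not None)
    print("strict accepts forged:", strict_verify(forged, HOLDER_KEY) is not None)
    print("strict accepts genuine:", strict_verify(genuine, HOLDER_KEY) == claims)
```

The point the strict verifier makes is that algorithm selection belongs to the relying party, not to the message. Rejecting an empty signature segment is a second, independent check so that a mis-configured allowlist still cannot turn an unsigned object into an accepted one.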

It seems you are proposing to encrypt the whole authorization request and then provide the Verifier Response Endpoint with the IKM. That would allow the Verifier Response Endpoint to decrypt...

@tplooker thanks for filing this issue. My biggest concern is that implementers of a credential exchange protocol need to wait for browser vendors to adjust their software before they can...

"Likewise wallet applications will not learn anything about a given request unless the user explicitly consents to select a credential from that wallet" How shall the wallet indicate it knows/maintains...

That's not how the matcher mechanism works, right? As far as I understand, the OS/Browser asks the Wallet to match a request.

Perhaps. The fundamental challenge is whether the Wallet is allowed to trust in the origin asserted by the web platform. If we assume so, I think it would require Verifier...

The question whether encryption is the solution is less a technical than a question of perception by users and regulators. Same with origin authentication. Authentication with the web origin might...

I'm ok with viewing the external mechanism as additional layer. My focus is on getting this additional layer secured appropriately. As I explained, I think a signed request including a...

@tplooker which of the messages is replayed?

@tplooker the attacker can get access to credential data. Counter-measures:
- encrypted authorization response
- direct post response
- the wallet could use the asserted web origin as additional threat...