
Automatism for age_over_NN claims?

Open danielfett opened this issue 9 months ago • 2 comments

ISO 18013-5 has an automatism for data-reduced requesting of age_over_NN claims, where only the nearest matching claim is returned. Do we need/want something like that in DCQL as well? This is the discussion that sparked this idea: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/pull/160#discussion_r2013777494

danielfett, Mar 26 '25 13:03

IMO, it is a bad idea to introduce special handling for dedicated requested claims. This is going to cause real interop challenges. For example, even with ISO where this mechanism is defined for mDLs (!), it is not clear how this applies to other doc types. It is my understanding that even if other doc types would use the same age claims, this automatism does not automatically apply since this automatism was only defined in the context of the claims in the mDL namespace.

I was under the impression we have a mechanism that allows sufficiently privacy-preserving requests for age based on options that are acceptable for verifiers (i.e., asking for birthdate, age_over_18, etc.) and allowing the wallet to choose which one to pick (see https://github.com/openid/OpenID4VP/pull/450).

awoie, Mar 26 '25 14:03

I agree with @awoie on this one. I never liked these special rules for the mDL doctype, and with a modern query language (which the original edition of 18013-5 lacked), applications can simply ask for the age_over_NN they need (and chances are the issuer is smart enough to provision all the usual ones) and fall back to age_in_years or birth_date otherwise. So with e.g. DCQL and 18013-5 Second Edition, the 18013-5 age_over_NN logic is not really needed anymore.

davidz25, Mar 31 '25 17:03
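The fallback discussed in the two replies above, as an added example that is not part of the thread or of the OpenID4VP text: a wallet-side resolver that walks a verifier's ordered list of acceptable age claims and discloses only the first option the credential can satisfy. The query shape is modelled on DCQL `claims`/`claim_sets`; the `[namespace, element]` path layout, the first-satisfiable-option rule, the function names and both sample credentials are assumptions constructed for illustration.

```python
NS = "org.iso.18013.5.1"  # mDL namespace defined by ISO 18013-5

# Constructed query: verifier prefers age_over_18, then age_in_years, then birth_date.
QUERY = {
    "id": "age_check",
    "claims": [
        {"id": "over18", "path": [NS, "age_over_18"]},
        {"id": "years", "path": [NS, "age_in_years"]},
        {"id": "dob", "path": [NS, "birth_date"]},
    ],
    "claim_sets": [["over18"], ["years"], ["dob"]],
}

# Constructed credentials: A carries age_over_18, B only carries age_over_21.
CRED_A = {NS: {"age_over_18": True, "birth_date": "1990-01-01"}}
CRED_B = {NS: {"age_over_21": True, "birth_date": "1990-01-01"}}


def lookup(credential, path):
    """Walk a claim path through nested dicts; return (found, value)."""
    node = credential
    for key in path:
        if not isinstance(node, dict) or key not in node:
            return False, None
        node = node[key]
    return True, node


def select_claims(query, credential):
    """Return the first claim_sets option the credential fully satisfies, else None."""
    by_id = {c["id"]: c["path"] for c in query["claims"]}
    # Without claim_sets, every listed claim is required together.
    options = query.get("claim_sets", [list(by_id)])
    for option in options:
        disclosed = {}
        for claim_id in option:
            if claim_id not in by_id:
                raise ValueError(f"claim_sets references unknown id {claim_id!r}")
            found, value = lookup(credential, by_id[claim_id])
            if not found:
                break  # this option cannot be met; try the next one
            disclosed[claim_id] = value
        else:
            return disclosed  # only the claims of the chosen option leave the wallet
    return None
```

With no nearest-match rule, `CRED_B` resolves to `birth_date` for this query; a verifier that wants to avoid that would have to list `age_over_21` as an explicit option.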