communicating extra wallet capabilities when obtaining the request object

[Sakurann]

trafficstars

verifier sends a request_uri, when wallet hits that request_uri, it can communicate information such as version control. maybe using the headers. not urgent

[peppelinux]

wallet capabilities should be attested in the wallet instance attestation wallet should submit its wallet instance attestation to the request_uri URL using the HTTP POST method

[tlodderstedt]

I guess this issue is about the verifier to wallet communication (presentation), specifically the callback from the wallet to the verifier at the request_uri. MSFT currently passes additional information in HTTP request headers to allow the verifier to produce a request object tailored for the capabilities of the wallet. We are considering to add this to the spec. I don't see why there is any attestation required.

[peppelinux]

The Wallet Solution has many capabilities, these are attested by Wallet Provider to the Wallet Instance with the Wallet Instance Attestation, this latter should contain the policy and the interop metadata attesting the wallet instance capabilities and should be presented by Wallet Instance to prove its capabilities

this is the picture I have in mind

[Sakurann]

we introduced request_uri_mode post in OID4VP, so guess the question is do we want to introduce it in HAIP or not?

[paulbastian]

Did anybody actually implement this yet and can share experience?

[Sakurann]

let's discuss in the WG, and decide if we add any text about request_uri_method post

[tlodderstedt]

Isn't the question whether which request_uri_method(s) we define as MTI and which we recommend to be used?