oid4vc-haip-sd-jwt-vc
oid4vc-haip-sd-jwt-vc copied to clipboard
openid
Credential request parameters for IETF SD-JWT VCs on this profile seem inconsistent with OID4VCI's
This profile requires credential requests to include a credential_definition object that MUST contain a vct claim with the credential type being requested, such as:
{
"format": "vc+sd-jwt",
"credential_definition": {
"vct": "IdentityCredential"
},
"proof": {
"proof_type": "jwt",
"jwt":"eyJ0eXAiOiJvcGVuaWQ0dmNpLXByb29mK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiblVXQW9BdjNYWml0aDhFN2kxOU9kYXhPTFlGT3dNLVoyRXVNMDJUaXJUNCIsInkiOiJIc2tIVThCalVpMVU5WHFpN1N3bWo4Z3dBS18weGtjRGpFV183MVNvc0VZIn19.eyJhdWQiOiJodHRwczovL2NyZWRlbnRpYWwtaXNzdWVyLmV4YW1wbGUuY29tIiwiaWF0IjoxNzAxOTYwNDQ0LCJub25jZSI6IkxhclJHU2JtVVBZdFJZTzZCUTR5bjgifQ.-a3EDsxClUB4O3LeDD5DVGEnNMT01FCQW4P6-2-BNBqc_Zxf0Qw4CWayLEpqkAomlkLb9zioZoipdP-jvh1WlA"
}
}
However, the OID4VCI in its editor's draft requires requests for IETF SD-JWT VCs credentials to include the vct claim as a root property on the JSON object, such as:
{
"format": "vc+sd-jwt",
"vct": "SD_JWT_VC_example_in_OpenID4VCI",
"proof": {
"proof_type": "jwt",
"jwt":"eyJ0eXAiOiJvcGVuaWQ0dmNpLXByb29mK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiblVXQW9BdjNYWml0aDhFN2kxOU9kYXhPTFlGT3dNLVoyRXVNMDJUaXJUNCIsInkiOiJIc2tIVThCalVpMVU5WHFpN1N3bWo4Z3dBS18weGtjRGpFV183MVNvc0VZIn19.eyJhdWQiOiJodHRwczovL2NyZWRlbnRpYWwtaXNzdWVyLmV4YW1wbGUuY29tIiwiaWF0IjoxNzAxOTYwNDQ0LCJub25jZSI6IkxhclJHU2JtVVBZdFJZTzZCUTR5bjgifQ.-a3EDsxClUB4O3LeDD5DVGEnNMT01FCQW4P6-2-BNBqc_Zxf0Qw4CWayLEpqkAomlkLb9zioZoipdP-jvh1WlA"
}
}
These are clearly incompatible. Which one should we adopt? Does this profile require an update on this regard?
OID4VCI is the source of truth. I will do a PR updating example in HAIP. thank you for the catch!
OID4VCI is the source of truth. I will do a PR updating example in HAIP. thank you for the catch!
Thanks @Sakurann!