support HTTP Accept-Language in the request for Credential Issuer Met…

…adata to request a subset for display data (#116)

4 approvals. Agreed to merge during Dec-7-2023 WG call. open for 3 weeks.

* support HTTP Accept-Language in the request for Credential Issuer Metadata to request a subset for display data

* Apply suggestions from code review

Co-authored-by: Joseph Heenan <joseph@heenan.me.uk>

* Apply suggestions from code review

Co-authored-by: Giuseppe De Marco <demarcog83@gmail.com>

* Apply suggestions from code review

Co-authored-by: Giuseppe De Marco <demarcog83@gmail.com>

* Apply suggestions from code review

Co-authored-by: Kristina <52878547+Sakurann@users.noreply.github.com>

* Update openid-4-verifiable-credential-issuance-1_0.md

Co-authored-by: Kristina <52878547+Sakurann@users.noreply.github.com>

---------

Co-authored-by: Joseph Heenan <joseph@heenan.me.uk>
Co-authored-by: Giuseppe De Marco <demarcog83@gmail.com>
Co-authored-by: Kristina <52878547+Sakurann@users.noreply.github.com>

openid-4-verifiable-credential-issuance-1_0.md

@@ -1163,6 +1163,8 @@ If the Credential Issuer is unable to perform discovery of the Wallet's Credenti
 
 ## Credential Issuer Metadata {#credential-issuer-metadata}
 
+The Credential Issuer Metadata contains information on the Credential Issuer's technical capabilities, supported Credentials and (internationalized) display information.
+
 ### Credential Issuer Identifier {#credential-issuer-identifier}
 
 A Credential Issuer is identified by a case sensitive URL using the `https` scheme that contains scheme, host and, optionally, port number and path components, but no query or fragment components. 
@@ -1171,9 +1173,26 @@ A Credential Issuer is identified by a case sensitive URL using the `https` sche
 
 The Credential Issuer's configuration can be retrieved using the Credential Issuer Identifier.
 
-Credential Issuers publishing metadata MUST make a JSON document available at the path formed by concatenating the string `/.well-known/openid-credential-issuer` to the Credential Issuer Identifier. If the Credential Issuer value contains a path component, any terminating `/` MUST be removed before appending `/.well-known/openid-credential-issuer`. 
+Credential Issuers publishing metadata MUST make a JSON document available at the path formed by concatenating the string `/.well-known/openid-credential-issuer` to the Credential Issuer Identifier. If the Credential Issuer value contains a path component, any terminating `/` MUST be removed before appending `/.well-known/openid-credential-issuer`.
+
+Communication with the Credential Issuer Metadata Endpoint MUST utilize TLS.
+
+To fetch the Credential Issuer Metadata, a requester MUST send a HTTP request using the GET method and the path formed following the steps above. The URL SHOULD NOT contain any query parameters. The Credential Issuer MUST return a JSON document compliant with this specification using the `application/json` media type and a HTTP Status Code 200.
+
+The Wallet is RECOMMENDED to send an `Accept-Language` Header in the HTTP GET request to indicate the language(s) preferred for display. It is up to the Credential Issuer whether to
+
+* send a subset the metadata containing internationalized display data for one or all of the requested languages and indicate returned languages using the HTTP `Content-Language` Header.
+* ignore the `Accept-Language` Header and send all supported languages or any chosen default subset.
 
-The path formed following the steps above MUST point to a JSON document compliant with this specification. The document MUST be returned using the `application/json` media type.
+The language(s) in HTTP `Accept-Language` and `Content-Language` Headers MUST use the values defined in [@!RFC3066]. 
+
+Below is a non-normative example of a Credential Issuer Metadata request:
+
+```
+GET /.well-known/openid-credential-issuer HTTP/1.1
+Host: server.example.com
+Accept-Language: fr-ch, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5
+```
 
 ### Credential Issuer Metadata Parameters {#credential-issuer-parameters}