Skip to content

Commit

Permalink
guidance to use all attested keys in jwt proof type
Browse files Browse the repository at this point in the history
  • Loading branch information
paulbastian committed Oct 21, 2024
1 parent 30f32fc commit e71e851
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions openid-4-verifiable-credential-issuance-1_0.md
Original file line number Diff line number Diff line change
@@ -826,6 +826,8 @@ The JWT MUST contain the following elements:

The Credential Issuer MUST validate that the JWT used as a proof is actually signed by a key identified in the JOSE Header.

If an `attestation` is provided and successfully validated by the Credential Issuer, it SHOULD return a Credential for each of the keys provided in the `attested_keys` claim of the attestation.

Cryptographic algorithm names used in the `proof_signing_alg_values_supported` Credential Issuer metadata parameter for this proof type SHOULD be one of those defined in [@IANA.JOSE.ALGS].

Below is a non-normative example of a `proof` parameter (with line breaks within values for display purposes only):

0 comments on commit e71e851

Please sign in to comment.