Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

editorials before releasing draft 03 #32

Merged
merged 3 commits into from
Oct 1, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
68 changes: 4 additions & 64 deletions openid-federation-wallet-1_0.md
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,7 @@ that would be usable by wallet ecosystems both using and not using OpenID Federa
it is the editors' intent to work with the working groups creating
general-purpose wallet specifications to define those new parameters there.


# Terminology

This specification uses the terms
Expand Down Expand Up @@ -161,6 +162,8 @@ the Holder, the Credential Issuer, the Credential Verifier,
and an Entity trusted by the other Entities called the Trust Anchor.
This is an extension of the three-party Issuer-Holder-Verifier Model described in
[@!OpenID4VCI] and [@!OpenID4VP] that adds a fourth party: the Trust Anchor.


The four Entities interact with each other as described below:

1. **Holder**: The Holder requests, stores, presents, and manages Digital Credentials and other forms of digital attestations. It discovers trustworthy Credential Issuers through the Trust Anchor and its Intermediates. Additionally, the Holder evaluates trust with Credential Verifiers recognized by the Trust Anchor and its Intermediates and checks for the non-revocation of the other Entities in use.
Expand Down Expand Up @@ -336,70 +339,7 @@ These modifications allow a federation authority, such as a Trust Anchor, to app
"federation_entity": {
"organization_name": "Example Credential Verifier",
},
"openid_credential_verifier": {
"application_type": "web",
"client_name": "Example Credential Verifier",
"request_uris": [
"https://verifier.example.org/request_uri"
],
"response_uris_supported": [
"https://verifier.example.org/response_uri"
],
"presentation_definitions_supported": [
{
"id": "d76c51b7-ea90-49bb-8368-6b3d194fc131",
"input_descriptors": [
{
"id": "PersonIdentificationData",
"name": "Person Identification Data",
"purpose": "User Authentication",
"format": {
"vc+sd-jwt": {
"alg": [
"ES256",
"ES384",
"ES512"
]
}
},
"constraints": {
"limit_disclosure": "required",
"fields": [
{
"filter": {
"const": "PersonIdentificationData",
"type": "string"
},
"path": [
"$.vct"
]
},
{
"filter": {
"type": "object"
},
"path": [
"$.cnf.jwk"
]
},
{
"path": [
"$.first_name"
]
},
{
"path": [
"$.family_name"
]
}
]
}

}
]
}
],
}
"openid_credential_verifier": { ... as defined in the OpenID4VP specs ... }
},
"jwks": {
"keys": [
Expand Down
Loading