From a176546d379e3f23af276514f2f5ef20fe71aeb8 Mon Sep 17 00:00:00 2001 From: Paul Bastian Date: Fri, 1 Nov 2024 22:41:21 +0100 Subject: [PATCH] remove `claims` parameter from ISO mdoc and SD-JWT VC Credential Request (#405) 6 approvals. open for more than a week. agreed to merge during the hybrid WG call. there will be a follow up PR to complete what was agreed during a WG mtg --- examples/credential_request_iso_mdl.json | 8 ++++++++ ...credential_request_iso_mdl_with_claims.json | 18 ------------------ openid-4-verifiable-credential-issuance-1_0.md | 7 +++---- 3 files changed, 11 insertions(+), 22 deletions(-) create mode 100644 examples/credential_request_iso_mdl.json delete mode 100644 examples/credential_request_iso_mdl_with_claims.json diff --git a/examples/credential_request_iso_mdl.json b/examples/credential_request_iso_mdl.json new file mode 100644 index 00000000..ed43bcc7 --- /dev/null +++ b/examples/credential_request_iso_mdl.json @@ -0,0 +1,8 @@ +{ + "format": "mso_mdoc", + "doctype": "org.iso.18013.5.1.mDL", + "proof": { + "proof_type": "jwt", + "jwt": "eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM" + } +} \ No newline at end of file diff --git a/examples/credential_request_iso_mdl_with_claims.json b/examples/credential_request_iso_mdl_with_claims.json deleted file mode 100644 index 2d7a1fee..00000000 --- a/examples/credential_request_iso_mdl_with_claims.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "format": "mso_mdoc", - "doctype": "org.iso.18013.5.1.mDL", - "claims": { - "org.iso.18013.5.1": { - "given_name": {}, - "family_name": {}, - "birth_date": {} - }, - "org.iso.18013.5.1.aamva": { - "organ_donor": {} - } - }, - "proof": { - "proof_type": "jwt", - "jwt": "eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM" - } -} \ No newline at end of file diff --git a/openid-4-verifiable-credential-issuance-1_0.md b/openid-4-verifiable-credential-issuance-1_0.md index 5c4f9762..908ecff0 100644 --- a/openid-4-verifiable-credential-issuance-1_0.md +++ b/openid-4-verifiable-credential-issuance-1_0.md @@ -2217,12 +2217,11 @@ The following is a non-normative example of an authorization details object with The following additional parameters are defined for Credential Requests and this Credential Format. -* `doctype`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-mso-mdoc). The Credential issued by the Credential Issuer MUST contain at least the values listed in this claim. -* `claims`: OPTIONAL. Object as defined in (#server-metadata-mso-mdoc). +* `doctype`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-mso-mdoc). The following is a non-normative example of a Credential Request with Credential Format `mso_mdoc`: -<{{examples/credential_request_iso_mdl_with_claims.json}} +<{{examples/credential_request_iso_mdl.json}} ### Credential Response @@ -2276,7 +2275,6 @@ The following is a non-normative example of an authorization details object with The following additional parameters are defined for Credential Requests and this Credential Format. * `vct`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-sd-jwt-vc). This claim contains the type value of the Credential that the Wallet requests the Credential Issuer to issue. -* `claims`: OPTIONAL. An object as defined in (#server-metadata-sd-jwt-vc). The following is a non-normative example of a Credential Request with Credential Format `vc+sd-jwt`. @@ -2488,6 +2486,7 @@ The technology described in this specification was made available from contribut -15 + * remove `claims` parameter from ISO mdoc and SD-JWT VC Credential Request * credential response always returns an array when not returning a transaction_id with the option for additional meta-data * deferred credential response always returns an array (same as credential response) * notification_id is now used for an issuance flow that can contain more than one credential