From c6ff7e73294226dec803a48e63df322d942a198e Mon Sep 17 00:00:00 2001
From: Paul Bastian
Date: Fri, 11 Oct 2024 16:09:13 +0200
Subject: [PATCH 1/2] remove `claims` parameter from ISO mdoc and SD-JWT VC Credential Request
---
examples/credential_request_iso_mdl.json | 8 ++++++++
...credential_request_iso_mdl_with_claims.json | 18 ------------------
openid-4-verifiable-credential-issuance-1_0.md | 9 ++++-----
3 files changed, 12 insertions(+), 23 deletions(-)
create mode 100644 examples/credential_request_iso_mdl.json
delete mode 100644 examples/credential_request_iso_mdl_with_claims.json
diff --git a/examples/credential_request_iso_mdl.json b/examples/credential_request_iso_mdl.json
new file mode 100644
index 00000000..ed43bcc7
--- /dev/null
+++ b/examples/credential_request_iso_mdl.json
@@ -0,0 +1,8 @@
+{
+ "format": "mso_mdoc",
+ "doctype": "org.iso.18013.5.1.mDL",
+ "proof": {
+ "proof_type": "jwt",
+ "jwt": "eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM"
+ }
+}
\ No newline at end of file
diff --git a/examples/credential_request_iso_mdl_with_claims.json b/examples/credential_request_iso_mdl_with_claims.json
deleted file mode 100644
index 2d7a1fee..00000000
--- a/examples/credential_request_iso_mdl_with_claims.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "format": "mso_mdoc",
- "doctype": "org.iso.18013.5.1.mDL",
- "claims": {
- "org.iso.18013.5.1": {
- "given_name": {},
- "family_name": {},
- "birth_date": {}
- },
- "org.iso.18013.5.1.aamva": {
- "organ_donor": {}
- }
- },
- "proof": {
- "proof_type": "jwt",
- "jwt": "eyJraWQiOiJkaWQ6ZXhhbXBsZ...KPxgihac0aW9EkL1nOzM"
- }
-}
\ No newline at end of file
diff --git a/openid-4-verifiable-credential-issuance-1_0.md b/openid-4-verifiable-credential-issuance-1_0.md
index 3d763c52..753cf6a5 100644
--- a/openid-4-verifiable-credential-issuance-1_0.md
+++ b/openid-4-verifiable-credential-issuance-1_0.md
@@ -2212,12 +2212,11 @@ The following is a non-normative example of an authorization details object with The following additional parameters are defined for Credential Requests and this Credential Format. -* `doctype`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-mso-mdoc). The Credential issued by the Credential Issuer MUST contain at least the values listed in this claim. -* `claims`: OPTIONAL. Object as defined in (#server-metadata-mso-mdoc). +* `doctype`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-mso-mdoc). The following is a non-normative example of a Credential Request with Credential Format `mso_mdoc`: -<{{examples/credential_request_iso_mdl_with_claims.json}} +<{{examples/credential_request_iso_mdl.json}} ### Credential Response @@ -2270,8 +2269,7 @@ The following is a non-normative example of an authorization details object with The following additional parameters are defined for Credential Requests and this Credential Format. -* `vct`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-sd-jwt-vc). This claim contains the type value of the Credential that the Wallet requests the Credential Issuer to issue. -* `claims`: OPTIONAL. An object as defined in (#server-metadata-sd-jwt-vc). +* `vct`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-sd-jwt-vc). The following is a non-normative example of a Credential Request with Credential Format `vc+sd-jwt`. 
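Review bot: The two parameter lists touched here (the `mso_mdoc` list in this hunk and the `vc+sd-jwt` list in the next one) stop defining `claims`, but nothing on the new side says how a Credential Issuer treats a Credential Request that still carries it, which Wallets written against the earlier text will send. Unless a general rule for unrecognized Credential Request parameters exists elsewhere in the document (not visible in these hunks), each list should state the expected behaviour; one possible wording is `A claims parameter received in the Credential Request MUST be ignored by the Credential Issuer.` The choice matters to implementers: ignoring the parameter means a Wallet that asked for a subset may receive the full claim set, while rejecting it breaks existing Wallets, so the text should pick one explicitly. Both sections continue outside the hunks, so whether claim selection is still expressible through the authorization details object mentioned in the hunk header cannot be confirmed from here.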
@@ -2423,6 +2421,7 @@ The technology described in this specification was made available from contribut -15 + * remove `claims` parameter from ISO mdoc and SD-JWT VC Credential Request * credential response always returns an array when not returning a transaction_id with the option for additional meta-data * deferred credential response always returns an array (same as credential response) * notification_id is now used for an issuance flow that can contain more than one credential From 55988cd0ec3467bd7af4a383de282adffcc79c90 Mon Sep 17 00:00:00 2001 From: Kristina <52878547+Sakurann@users.noreply.github.com> Date: Fri, 1 Nov 2024 22:39:39 +0100 Subject: [PATCH 2/2] Apply suggestions from code review --- openid-4-verifiable-credential-issuance-1_0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openid-4-verifiable-credential-issuance-1_0.md b/openid-4-verifiable-credential-issuance-1_0.md index 753cf6a5..202dae4d 100644 --- a/openid-4-verifiable-credential-issuance-1_0.md +++ b/openid-4-verifiable-credential-issuance-1_0.md @@ -2269,7 +2269,7 @@ The following is a non-normative example of an authorization details object with The following additional parameters are defined for Credential Requests and this Credential Format. -* `vct`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-sd-jwt-vc). +* `vct`: REQUIRED when the `format` parameter is present in the Credential Request. It MUST NOT be used otherwise. It is a string as defined in (#server-metadata-sd-jwt-vc). This claim contains the type value of the Credential that the Wallet requests the Credential Issuer to issue. The following is a non-normative example of a Credential Request with Credential Format `vc+sd-jwt`.
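Review bot: The sentence restored in PATCH 2/2 covers only `vct`; the parallel `doctype` bullet rewritten in PATCH 1/2 still ends at the cross-reference, so the `mso_mdoc` section no longer states what the value means in a request or that the issued Credential has to correspond to it. For parity, consider ending the `doctype` bullet with a sentence mirroring the `vct` one, such as `This claim contains the doctype value of the Credential that the Wallet requests the Credential Issuer to issue.` If the binding between the requested and the issued doctype is stated in the Credential Response section instead, a pointer to it would be enough; that section lies outside these hunks.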