Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mandated DCQL features #142

Closed
Sakurann opened this issue Dec 7, 2024 · 5 comments · Fixed by #151
Closed

mandated DCQL features #142

Sakurann opened this issue Dec 7, 2024 · 5 comments · Fixed by #151

Comments

@Sakurann
Copy link
Contributor

Sakurann commented Dec 7, 2024

decide the list of features in the DCQL query and response that MUST be supported.

https://github.com/openid/oid4vc-haip/pull/122/files#diff-762ef65fd82909517226ac1bb7e8855792bb57021abc1637c15b8557154dbbf1R235

@Sakurann
Copy link
Contributor Author

@mickrau @awoie @leecam @nklomp @TimoGlastra @hlozi do you have opinions on this?

@nklomp
Copy link

nklomp commented Dec 18, 2024

Ticket can be closed right? PR is merged

@TimoGlastra
Copy link
Member

@nklomp I think the previous PR still marks the required features as TBD and links to this issue

@TimoGlastra
Copy link
Member

TimoGlastra commented Dec 18, 2024

Given the limited amount of flows possible in DCQL I think almost all current features are a good candidate. Once extension and advanced flows for DCQL are merged it may make sense to not require those.

One option that could be left out at the moment I think is claim_sets, and with credential_sets you can achieve basically everything claim_sets can I think except that it's more verbose so you still keep same functionality by not making claim_sets required).

If the scope should be as small as possible credential_sets could also be optional but I do see a lot of value in them to request e.g. PID in SD-JWT or mDOC format, or choice between PID and mDL

I'd say important is:

  • request one credential
  • request multiple credentials
  • request one of a set of credential types (credentials_sets)
  • filter by doctype / vct
  • filter by claim presence
  • filter by claim value

edit: since only credential_sets has a purpose i think supporting this is essential

@jogu
Copy link
Contributor

jogu commented Jan 7, 2025

Discussed on today's WG call. People were happy that most of the features currently in DCQL would be mandatory to implement. Only contentious point was around value matching, which in VP is optional for wallets to implement - the verifier must check if the return credential does actually match the value it requested or not. We should double check if this is clear in VP already.

We may need a mechanism for the verifier to request that a credential is not returned if the wallet is not doing value matching, which could be based on advanced syntax for claims. That should be discussed further separately.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants