Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

missing the query parameter client_id_scheme when issuing VP requests with X509_sans_dns client_id_scheme #30

Closed
endimion opened this issue Oct 21, 2024 · 3 comments

Comments

@endimion
Copy link
Collaborator

@endimion
Copy link
Collaborator Author

In HAIP profile it says that “client_id_scheme parameter MUST be present in the Authorization Request” https://openid.net/specs/openid4vc-high-assurance-interoperability-profile-sd-jwt-vc-1_0.html#section-5-1.6 but this is about Authorization request which is what you get as a response from request_uri

@endimion endimion reopened this Nov 7, 2024
@endimion
Copy link
Collaborator Author

endimion commented Nov 7, 2024

Additional input has been shared:

[1] In the protocol, since the client_id_scheme parameter namespaces the client_id, it should appear everywhere where client_id appears :

Everywhere where a party checks a client id (especially the AS and the client), it must check the tuple (client_id, client_id_scheme) instead. This also applies if client_id_scheme is not used by one of the parties (in which case client_id_scheme must be replaced by, e.g., null).

@endimion
Copy link
Collaborator Author

endimion commented Nov 8, 2024

In EWC we are currently only supporting OIDC4VP v18. So closing for now and might reopen if we move to a newer version of the spec.

@endimion endimion closed this as completed Nov 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant