fix: vp_formats

docs/en/pid-eaa-data-model.rst

@@ -107,9 +107,9 @@ The following claims MUST be in the JWT payload and MUST NOT be included in the
     * - **cnf**
       - JSON object containing the proof-of-possession key materials. By including a **cnf** (confirmation) claim in a JWT, the issuer of the JWT declares that the Holder is in control of the private key related to the public one defined in the **cnf** parameter. The recipient MUST cryptographically verify that the Holder is in control of that key. 
       - `[RFC7800, Section 3.1] <https://www.iana.org/go/rfc7800>`_.
-    * - **type**
+    * - **vct**
       - Credential type as a string, MUST be set in accordance to the type obtained from the PID/(Q)EAA Issuer metadata. For example, in the case of the PID, it MUST be set to ``PersonIdentificationData``.
-      - `[draft-terbu-sd-jwt-vc-latest. Section 4.2.2.2] <https://vcstuff.github.io/draft-terbu-sd-jwt-vc/draft-terbu-sd-jwt-vc.html#section-4.2.2.2>`__.
+      - `[draft-terbu-sd-jwt-vc-latest. Section Type Claim] <https://drafts.oauth.net/oauth-sd-jwt-vc/draft-ietf-oauth-sd-jwt-vc.html#type-claim>`__.
     * - **verified_claims**
       - JSON object containing the following sub-elements: 
 
@@ -532,7 +532,7 @@ The combined format for the PID issuance is represented below:
 
 .. code-block::
 
-  eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJSUzUxMiIsImtpZCI6ImQxMjZhNmE4NTZmNzcyNDU2MDQ4NGZhOWRjNTlkMTk1IiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLm9yZyIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLm9yZy9zdGF0dXMiLCJjbmYiOnsiandrIjp7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiZDEyNmE2YTg1NmY3NzI0NTYwNDg0ZmE5ZGM1OWQxOTUiLCJhbGciOiJSUzI1NiIsIm4iOiJvaWFuczV3WUNXazR3RnRFU3RWWWNuX3hPdzllZEtNTkdIMzNfcTZfcEJJMFhhVFk3UDNhcFVnak8waXZrNWMxTlFBVlk2UFptY1BROFAxWTBjQkFDOVNUUm16dlR2RFFjT29jTGhWeTJabGNYVHUzOW9PR0xOcmE4X0xRc2FNQTM4NmxPX3FNVzQtdVk2RGJHWlk0dkhrU2N2QUM5RklaWURQYWZxV0JFUVVOVjJRT0ZNSDVWUG9paENUS0h3TUdYblpCYXRZT2JnNTd4U09VWC1idmhPX3NGTW0zazRSdnNYY3IzTUZvakFoTGZ3dXR1X2pLOWs3TjlLUl9tTmM1SXBpT3loWndfc1VtRjZTYW1ScXNTUHA0MktEMTBoUE1XMFlKVERNWXhCZEhyTUZlU01IWUlNWTRvQkJUNDNfX2E1NXpJTElfQ25JazQyNDF3T3ZHdncifX0sInR5cGUiOiJIZWFsdGhJbnN1cmFuY2VEYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiMmpJUjE4Z2ZlQVNIWUdCMjdzN3NTM1NfaVE0eHhGSXhDUnlpb2hyQmZucyJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIxaXp0cTdib3Y2NHhUWWJEa1dGYzQ0X1ZqV2UwMjloWnFYZVVJbG9xVU40IiwiRU5ObzMxamZ6RnA4WTJEVzBSLWZJTWVXd2U3RUxHdkdvSE13TUJwdTE0RSIsIkZWMkNETld1VHFUZ09IYWZ0dlZhdW1CRjBPbG1ueXhNc3d5ZjR1SXhyaFkiLCJkWldqcTdtSlNTWC1YVElfSFd1RThCMng2SWRNNWxFLWRvRF95QnBLSmFvIiwiZ0hZaTE5ZnJiRF9pNEJvYVdFTk9qYzNsQ25NajRwYkdOUWNzQmpfUU00USJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0.PrVt9qpf1WmfoRKncGXw6loKRANomsL-foXMqMUIyK2AO0tWM5laveqRet9Bb5A0fPq7rxNQLU57ngV3o8VzKLhFkbKm1_wtA5XuZXBfz0qGCmIP6tZQu9yAvXy162h6_i4FOINyHoL8i5mNPFTHFY0nBYTyVkCScfBC2Ccv4i7RSALbpbpviTpoYVBzFWtdOKuuMED5XwKpW9-VF_JK11yaJJ880walzu5tZ3XAOb0KkfUS3sCmSkKO5wMm1SeaS7xL5iiPSnAMTMrlmKE6qcwAkdDX-hNeGzncwBjHASTWb2udayK8Cal-wFGDWrRWGq3mU0rfuxMIFkjv4gdi8Q
+  eyJhbGciOiJSUzI1NiIsImtpZCI6Iks2S2hpUDNrOC1XOWVHdk1SVTg0NVVwWVRTdEJsR0g4ejFKZl85czMtUWsifQ.eyJpc3MiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLm9yZyIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLm9yZy9zdGF0dXMiLCJjbmYiOnsiandrIjp7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiZDEyNmE2YTg1NmY3NzI0NTYwNDg0ZmE5ZGM1OWQxOTUiLCJhbGciOiJSUzI1NiIsIm4iOiJvaWFuczV3WUNXazR3RnRFU3RWWWNuX3hPdzllZEtNTkdIMzNfcTZfcEJJMFhhVFk3UDNhcFVnak8waXZrNWMxTlFBVlk2UFptY1BROFAxWTBjQkFDOVNUUm16dlR2RFFjT29jTGhWeTJabGNYVHUzOW9PR0xOcmE4X0xRc2FNQTM4NmxPX3FNVzQtdVk2RGJHWlk0dkhrU2N2QUM5RklaWURQYWZxV0JFUVVOVjJRT0ZNSDVWUG9paENUS0h3TUdYblpCYXRZT2JnNTd4U09VWC1idmhPX3NGTW0zazRSdnNYY3IzTUZvakFoTGZ3dXR1X2pLOWs3TjlLUl9tTmM1SXBpT3loWndfc1VtRjZTYW1ScXNTUHA0MktEMTBoUE1XMFlKVERNWXhCZEhyTUZlU01IWUlNWTRvQkJUNDNfX2E1NXpJTElfQ25JazQyNDF3T3ZHdncifX0sInR5cGUiOiJIZWFsdGhJbnN1cmFuY2VEYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiMmpJUjE4Z2ZlQVNIWUdCMjdzN3NTM1NfaVE0eHhGSXhDUnlpb2hyQmZucyJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIxaXp0cTdib3Y2NHhUWWJEa1dGYzQ0X1ZqV2UwMjloWnFYZVVJbG9xVU40IiwiRU5ObzMxamZ6RnA4WTJEVzBSLWZJTWVXd2U3RUxHdkdvSE13TUJwdTE0RSIsIkZWMkNETld1VHFUZ09IYWZ0dlZhdW1CRjBPbG1ueXhNc3d5ZjR1SXhyaFkiLCJkWldqcTdtSlNTWC1YVElfSFd1RThCMng2SWRNNWxFLWRvRF95QnBLSmFvIiwiZ0hZaTE5ZnJiRF9pNEJvYVdFTk9qYzNsQ25NajRwYkdOUWNzQmpfUU00USJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0.vl5ELdx9d7smuDHHDfBGaUySolBe7O3RROqpHDkM3txvXJxgZcCwZQhbWN3sSrBkJgSZ_kFEs2ddYIVKE4bglASlBbSizC8CASdJlyDD3T_dyimA1r2bwSfsHTyrcG_SpoU5Ee9KS-Lr2PCQ3LmTc8_nhaeBGtZCO4B8oZI9bpD6zqms1Zr-ymaE0pYnnQ3aWOclhiLavVudKxLxZvYXTdMStjyNbwBXekVVOnAZuCTuXMsD_jah7_MkmJP_buJgq3u6TthctsORHp4pKuZeI_43Y728-Qg7mIDeL5_-j_vgXdu7FWVa0OSTjZJM27GCDzr2M8LAhApk4aeDoF1Cmw
 
 MDOC-CBOR
 =========

docs/en/pid-eaa-issuance.rst

@@ -84,7 +84,7 @@ The PID/(Q)EAA Issuance phase is based on the **Authorization Code Flow** with *
 .. figure:: ../../images/Low-Level-Flow-ITWallet-PID-QEAA-Issuance.svg
     :figwidth: 100%
     :align: center
-    :target: https://www.plantuml.com/plantuml/svg/bLJDRXit4BxpAGREeJQmGky24aIErLXeK0Yk0ryABAZTaJJrYjoIGodgeS_UuL9Yk79Zr8O1IUJypFSp_EXPEmwxJkd0reJT2frIlPnHGxqs35TVFRehq1w2KYlxBHtyvC7l9AhVMeDNyEuBRRPysmKSvzuwUyZfUdptfBiE6HP6HZ0D3Z47XQO5wQB-CtRfx9xQKxtLHSnoSJSE82L_1vXyW305ks9D1eusE9185M0Y5uSf7D4hvOnb1Bj71mTuztI_U9ohKuQ6ZZo3NSEZ2vwnXR9Hd7T8bawJ3zAdiMPDRWUyHV3OOSDaZMIFirIGxjBSFezxLoHKBZxVFtv-cCz_KnSKGRF5vjbBRSr3Wx8ca8V8X_GQxdv1ETH3TstQCtvY3pjatMhMvUmGoG0Ptw5cAVphfxb0QH5aB5eJkg78qs8sMThbAPuaVZbxW0VyAw1dk7ReUsiyrdpiiOAc8pHSKriDfUfc6-6O3Lx-hcMYhPKmbohbLEqzkWYXg5WUlvU1_ZaDTGCbarIjHaoEcBgaiNJNwqo-NiVJncWE3YMpB3nZHizPYq64lUwe9Jv2eOAYPChCQw8Jha-yrC5H1VYj9uU-9dEJ_1qDhgSm2qAYexzJdonAeK9HvaO5FMJIcnFLcETmtfVWeqkabcHHaueTYBU0YxlPxt1Fc-s0lecO3B_4BHDT35DG41rJGMHHFiZx3E3mbgJ2wHiqKLM4Ep4FFEFnXtUzitPT-X_MrertZ-qp6X14lIM1LYp8eznaKWS-og8boHkd3P-DRjlpbfmNy0TByJuuCoNazLGigtT-QgC4qnGxoR6J63lzyy2JyyrtJrP_c5StA-hVaiFcR01AF6LmcM_TDEXzFR1H9L8IeCAqWgCsrZIOlzGZHry-HOae-U-jzr8zAdnzoXp2n_4bkozaaf0skbDtMQj2ga_VRr_gLKABNXYhc3Fh5jTaQA0rzjzfhbBKJRasvsV-zilNkNh03NcEozDryTaenfmux0HK2ufCgYQ51rp95cdDVdQujwUDAz-Jh5E9B8jrcgxezh-b4LBp0pQG4PqKV7eGYpZFrfLmr4SPBkowVm40
+    :target: https://www.plantuml.com/plantuml/svg/bLJVRzis47xdNt587vO0DlPke4MTn6kC5OEHfSXB086HplOj4gcHnwZUm_xs7KLPfkQqQ8C0KSZxyNtVVSUFdhNZqDHA1xOcDC_eb6hbZ4fgjM6u-EBHNO3s49Hwjb_JmIyUV2DHxTuQl81tdsctv-iwu3JtsjbkJDVJkqTTryYmDWB1bDZ7T0fD1TBbVnWswrlOEFjArL2CbFnqCFy0OG7scJKPEDZWG29LWBbST0iue5VA6Si8zXKTTF3kyMxzi5931kyHQl8CTjj_FxZW6Il8s_a8gQyX3USVf5rfpPPSqsTuhB5aiYQMoDEK2W92CDYNAOGPYLhhJtSFd-vNgp_KpHxBbqaca0SXFuBw3ULGzpsqgOvaYJqqoBhIh7E449c3W7Ie6M7p-yrA05S8qfosXAulyhXUpZTsCyIJn6-Mzt2FVmVq39TF1i2XRwtnMF2XnLayAMj2mmLLwJyfMfJxE4IpmpUE2e6tjodOfSfv6UqzkiXgsY2_UIym_nsWFfaho7LyIyNag1yHSaZmj3EQWyCXv5XXoOoUJvf7iLzrJHNn0JAr5IMdZVeboU1ou5i4HpF0hoqvz0MPgsJQw5gzW6KGVHpza_gCufzaXgpCbGgwpwIVJbGJtMRXk0J1HpT8BScYCXNhYFU0wzlbdt0dAzspBoCdm-Uy1T4Pc562Q8OPH1Nb3ta_4kX-9Ybpz0vD71_2hTW1Nl3mpRlMMRlDVGvRwwOxnlO53GYZrf9GonRXGMv6KPCUMT7ByqNOEMquCx6jicquRjstdVy-EBCWvEr2lAeRlx1n98iKEnzZvp5syLV7y-FDoQDI_BkxCwnWHGxBtXDFqOcKn4kCyo7eiaJlYrwYML8gqSkSF8EoCDQKE7uKcStFtw6adlosrdkf7iT-EMJsuTFuNFApsKb85Ishwt60sVnkJhVdGyofzGR9HtkgMrIu9KEzjh5_etcMegxUUeEkFtzPgNlSaUUuKNKTtv8CvjnXBQGgK6HIDIdSyqhsIBltgyDNcpuXVsI6EUNCic4DwB9kFpmQ4VNqgaKnefs2XpA-ZLcSP-joEkgZW0jD_Hy0
 
     PID/(Q)EAA Issuance - Detailed flow
 

docs/en/relying-party-solution.rst

@@ -188,17 +188,13 @@ To attest a high level of security, the Wallet Instance submits its Wallet Insta
 
 Below the description of the parameters defined in *OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)*.
 
-.. note::
-    The use of DPoP doesn't represent any breaking changes to Wallet Instances that do not support DPoP to a *request_uri* endpoint, since it is assumed to use it as an additional security mechanisms for the attestation of the status of the Wallet Instance.
-
-    If the DPoP HTTP Header is missing, the Relying Party would assume the lowest attestable level of security to the Wallet Instance it is interacting with.
+If the DPoP HTTP Header is missing, the Relying Party would assume the lowest attestable level of security to the Wallet Instance it is interacting with.
 
 DPoP HTTP Header
 ^^^^^^^^^^^^^^^^
 
 A **DPoP proof** is included in the request using the HTTP Header ``DPoP`` and containing a JWS. The JWS MUST be verified with the public key made available in the Wallet Instance Attestation (``Authorization: DPoP``).
 
-
 The JOSE header of the **DPoP JWS** MUST contain at least the following parameters:
 
 .. list-table:: 
@@ -288,7 +284,7 @@ The Relying Party issues the signed Request Object, where a non-normative exampl
   }
   .
   {
-    "scope": "eu.europa.ec.eudiw.pid.it.1 pid-sd-jwt:unique_id+given_name+family_name",
+    "scope": "eu.europa.ec.eudiw.pid.it.1 tax_id_number",
     "client_id_scheme": "entity_id",
     "client_id": "https://relying-party.example.org",
     "response_mode": "direct_post.jwt",
@@ -353,11 +349,7 @@ The JWS payload parameters are described herein:
 
 .. warning::
 
-    This implementation profile use the parameter ``scope`` within the request instead of the ``presentation_definition``. 
-
-Using the parameter ``scope`` requires that the Relying Party Metadata MUST 
-contain the ``presentation_definition``, where a non-normative example of it
-is given below:
+    Using the parameter ``scope`` requires that the Relying Party Metadata MUST contain the ``presentation_definition``, where a non-normative example of it is given below:
 
 .. code-block:: JSON
 
@@ -366,7 +358,7 @@ is given below:
       "id": "presentation definitions",
       "input_descriptors": [
         {
-          "id": "pid-sd-jwt:unique_id+given_name+family_name",
+          "id": "eu.europa.ec.eudiw.pid.it.1",
           "name": "Person Identification Data",
           "purpose": "User authentication",
           "format": "vc+sd-jwt",
@@ -432,7 +424,7 @@ Below is a non-normative example of the decrypted JSON ``response`` content:
         "id": "04a98be3-7fb0-4cf5-af9a-31579c8b0e7d",
         "descriptor_map": [
             {
-                "id": "pid-sd-jwt:unique_id+given_name+family_name",
+                "id": "eu.europa.ec.eudiw.pid.it.1",
                 "path": "$.vp_token.verified_claims.claims._sd[0]",
                 "format": "vc+sd-jwt"
             }
@@ -567,7 +559,7 @@ Below is a non-normative response example:
                     "https://www.spid.gov.it/SpidL2",
                     "https://www.spid.gov.it/SpidL3"
                 ],
-                "vp_formats_supported": {
+                "vp_formats": {
                     "vc+sd-jwt": {
                         "sd-jwt_alg_values": [
                             "ES256",
@@ -581,8 +573,7 @@ Below is a non-normative response example:
                 },
                   "presentation_definitions": [
                       {
-                        "id": "pid",
-                        "id": "pid",
+                        "id": "eu.europa.ec.eudiw.pid.it.1",
                         "input_descriptors": [
                             {
                                 "id": "IdentityCredential",

docs/en/trust.rst

@@ -433,20 +433,21 @@ Below there is a non-normative example of an Entity Statement issued by an Accre
                       ]
                 },
             },
-        "wallet_relying_party": {
-            "vp_formats_supported": {
-                "vc+sd-jwt": {
-                    "sd-jwt_alg_values": [
-                        "ES256",
-                        "ES384"
-                    ],
-                    "kb-jwt_alg_values": [
-                        "ES256",
-                        "ES384"
-                    ]
+            "wallet_relying_party": {
+                "vp_formats": {
+                    "vc+sd-jwt": {
+                        "sd-jwt_alg_values": [
+                            "ES256",
+                            "ES384"
+                        ],
+                        "kb-jwt_alg_values": [
+                            "ES256",
+                            "ES384"
+                        ]
+                    }
                 }
             }
-        }
+         }
     }
 
 

docs/en/wallet-instance-attestation.rst

@@ -249,9 +249,9 @@ Payload
 ||                          || problems is to have a limited                 |
 ||                          || duration of the attestation.                  |
 +---------------------------+------------------------------------------------+
-|| attested_security_context|| Attested security context:                    |
-||                          || Represents the level of "security"            |
-||                          || attested by the Wallet Provider.              |
+|| aal                      || JSON String asserting the authentication level|
+||                          || of the Wallet and the key as asserted in      |
+||                          || the cnf claim.                                |
 +---------------------------+------------------------------------------------+
 || cnf                      || This parameter contains the ``jwk``           |
 ||                          || parameter                                     |
@@ -269,8 +269,9 @@ Payload
 ||                          || authorization server supports.                |
 ||                          || `RFC 8414 section 2`_                         |
 +---------------------------+------------------------------------------------+
-|| vp_formats               || JSON object containing at least               |
-||                          || ``vc+sd-jwt``.                                |
+|| vp_formats_supported     || JSON object with name/value pairs,            |
+||                          || identifying a Credential format supported     |
+||                          || by the Wallet.                                |
 +---------------------------+------------------------------------------------+
 || request_object_signing   || JSON array containing a list of the           |
 || _alg_values_supported    || JWS signing algorithms (alg values)           |
@@ -282,10 +283,6 @@ Payload
 ||                          || reference. MUST set to `false`.               |
 +---------------------------+------------------------------------------------+
 
-.. note::
-   The claim ``attested_security_context`` (Attested Security Context) is under discussion
-   and MUST be intended as experimental.
-
 Below is an example of Wallet Instance Attestation:
 
 .. code-block:: javascript
@@ -304,7 +301,7 @@ Below is an example of Wallet Instance Attestation:
   {
     "iss": "https://wallet-provider.example.org",
     "sub": "vbeXJksM45xphtANnCiG6mCyuU4jfGNzopGuKvogg9c",
-    "attested_security_context": "https://wallet-provider.example.org/LoA/basic",
+    "aal": "https://trust-list.eu/aal/high",
     "cnf":
     {
       "jwk":
@@ -323,7 +320,7 @@ Below is an example of Wallet Instance Attestation:
     "response_modes_supported": [
       "form_post.jwt"
     ],
-    "vp_formats": {
+    "vp_formats_supported": {
         "vc+sd-jwt": {
             "sd-jwt_alg_values": [
                 "ES256",

docs/en/wallet-solution.rst

@@ -145,14 +145,11 @@ Payload
 | token_endpoint                              | Endpoint for obtaining the Wallet                                   |
 |                                             | Instance Attestation.                                               |
 +---------------------------------------------+---------------------------------------------------------------------+
-| attested_security_context_values_supported  | List of supported values for the                                    |
+| aal_values_supported                        | List of supported values for the                                    |
 |                                             | certifiable security context. These                                 |
 |                                             | values specify the security level                                   |
 |                                             | of the app, according to the levels: low, medium, or high.          |
-|                                             | An attested security context is                                     |
-|                                             | defined by the proof that the                                       |
-|                                             | Wallet Instance can provide to the                                  |
-|                                             | Wallet Provider.                                                    |
+|                                             | Authenticator Assurance Level values supported.                     |
 +---------------------------------------------+---------------------------------------------------------------------+
 | grant_types_supported                       | The types of grants supported by                                    |
 |                                             | the token endpoint. It MUST be set to                               |
@@ -163,11 +160,11 @@ Payload
 | ted                                         | the token endpoint.                                                 |
 +---------------------------------------------+---------------------------------------------------------------------+
 | token_endpoint_auth_signing_alg_va          | Supported signature                                                 |
-| lues_supported                              | algorithms for the token endpoint                                   |
+| lues_supported                              | algorithms for the token endpoint.                                  |
 +---------------------------------------------+---------------------------------------------------------------------+
 
 .. note::
-   The `attested_security_context_values_supported` parameter is experimental and under review.
+   The `aal_values_supported` parameter is experimental and under review.
 
 Payload `federation_entity`
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -224,7 +221,7 @@ Below a non-normative example of the Entity Configuration.
         ]
       },
       "token_endpoint": "https://wallet-provider.example.org/token",
-      "attested_security_context_values_supported": [
+      "aal_values_supported": [
         "https://wallet-provider.example.org/LoA/basic",
         "https://wallet-provider.example.org/LoA/medium",
         "https://wallet-provider.example.org/LoA/high"