-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Relying Party Remote Presentation alignments with standards #400
Conversation
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…t-wallet-docs into versione-corrente
…etadata_uri and added clarifications when client_metadata can be used along with openid federation and for ephemeral cryptographic keys provided by RP. Fixes #376
FYI in the actual changes you used |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, even if it seems that it is necessary to support HYPE too.
For remote flows in POTENTIAL, the ARF states that OpenID4VP and OpenID4VCI, HAIP and
SD-JWT-VC protocols must be supported (see ARF v1.4, p.17f.).
This PR
presentation_submission further clarifications
According to feedbacks ferom the implementers, further clarification abou how to match and decode correctly several credential contained within the vp_token array are included
Removed client_metadata_uri clarification section
since it is not supproted anymore in openid4vp
Added clarifications when client_metadata is present
It can be used along with openid federation and for ephemeral cryptographic keys provided by RP.
This might represent a vulnerability, further checks must be required.
Fixes #376
auth flow fixed for the redirect_uri
RP crossdevice flow without redirect_uri. Fixes #386
The redirect_uri MUST NOT be provided when the cross device flow is used.
further clarification about which key to use for singin a request object
Fixes #292