Clarify in OIDC4VP that the purpose of sending back id_token and VP is different

Issue #1334 resolved
Kristina Yasuda created an issue

There have been questions “why return ID Token when it is signed by the same user-controlled key as a Verifiable Presentation (VP) and the two seem duplicative”.

Suggest adding text to OIDC4VP that clarifies that there are two functions in OpenID Connect: 1/ authentication of the user and 2/ return of the claims about the user. ID Token serves the first purpose as an authentication receipt and VP serves the second purpose as a proof of possession of third-party attested claims.

Comments (6)

  1. Michael Jones

    I agree with this perspective, as does Torsten, as discussed on the 9-Sep-21. Kristina agreed to write a PR to do this.

  2. Kristina Yasuda reporter

    I would say mDL would be a third-party attested claim as it includes a signature of the Issuing Authority, even though mDL uses the user device key as a user identifier.
