[has-PR] Server metadata under specified
Issue #1539
resolved
Section 8.1 of the 21 June 2022 draft of OIDC4VP under specifies server metadata. It simply says:
A JSON object defining the formats, proof types and algorithms of verifiable presentations and verifiable credentials that a RP supports. Valid values include…
What is a value of a JSON object? There’s no normative or non-normative reference to a JSON spec, but RFC 7591 and OpenID.Registration have such references to RFCs that are updated to RFC 8259 which says:
An object structure is represented as a pair of curly brackets surrounding zero or more name/value pairs (or members).
From this, I can’t make out what 8.1 is saying exactly. (Sorry I’m being pedantic, but it’s important to be exact in specs, right?)
As a result, one could argue that the following is valid metadata:
{
"vp_formats_supported": {
"key1": [
{ "value": "jwt_vp" },
"my_good_proof_type",
"my_good_algorithm"
],
"key2": [
{ "value": "ldp_vp" },
"my_other_good_proof_type",
"my_other_good_algorithm"
]
}
}
From the example of client metadata in 8.2.3.1, one could infer the expected structure of this JSON object. (For this reason, I view this issue as minor). However, the spec should clearly state this in 8.1 IMHO.
Comments (6)
-
reporter
-
- changed milestone to Implementer's Draft
-
Opened duplicate issuer in
#1590... -
Regarding questions in the comment:
-
Section 5.1 says that the “VC and VP formats supported by an AS should be published in its metadata (see Section 8.1).” Yet, the parameter is called
vp_...This is perhaps OK but I wonder if it’s conflating two things. Should that be two metadata values instead, one for VP formats and one for VC formats?- It has been discussed in the WG and so far we agreed to stick to including both VC and VP formats under the same parameter, partially because there are formats that do not have clear vc/vp separation like ISO mDL
-
Also, in section 8.1., it says, “vp_formats_supported: A JSON object defining [things] that a RP supports.” From 5.1 and the fact that this is about server metadata, I assume RP here should be AS or that it should say “…that an RP may register.”
- good catch. I believe it should be
AS supports.
- good catch. I believe it should be
-
Lastly, 8.1 says “Valid values include jwt_vp, ldp_vp, jwt_vc and ldp_vc.” Could a comment be made about where jwt_vp, ldp_vp, jwt_vc, and ldp_vc are defined (and any normative references added if not already present)?
- Has been changed to
Valid values are defined in Section 6.7.3. of [@!OpenID.VCI].
- Has been changed to
-
-
- changed title to [has-PR] Server metadata under specified
-
- changed status to resolved
PR merged
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- Verifiable Presentation
- Milestone
- Implementer's Draft
- Version
- –
- Votes
- 0
- Watchers
- 1
A few more comments about the server metadata:
Section 5.1 says that the “VC and VP formats supported by an AS should be published in its metadata (see Section 8.1).” Yet, the parameter is called
vp_...This is perhaps OK but I wonder if it’s conflating two things. Should that be two metadata values instead, one for VP formats and one for VC formats?Also, in section 8.1., it says, “vp_formats_supported: A JSON object defining [things] that a RP supports.” From 5.1 and the fact that this is about server metadata, I assume RP here should be AS or that it should say “…that an RP may register.”
Lastly, 8.1 says “Valid values include jwt_vp, ldp_vp, jwt_vc and ldp_vc.” Could a comment be made about where jwt_vp, ldp_vp, jwt_vc, and ldp_vc are defined (and any normative references added if not already present)?