[has-PR] Define which object should be returned for `mdl_iso_cbor`
Issue #1612
resolved
ISO 18013-5 does not define a CDDL for mdoc or mdl. We should define which object we return in the credential response for mdl_iso_cbor. One candidate is the Document object from ISO 18013-5 8.3.2.1.2.2 but without deviceSigned. The ISO spec describes the CDDL for Document.
Comments (8)
-
reporter
-
to add a little more context.
ISO 18013-5 specifies that wallet app has to send the following to the Verifier during the presentation (SD-JWT style selective disclosure is mandatory in ISO 18013-5):
- IssuerAuth - an object signed by the issuer that contains digests of all data elements disclosed (equivalent to SD-JWT in sd-jwt IETF draft)
- IssuerSigned - an object that contains actual values of the data elements disclosed (equivalent to SVC in sd-jwt IETF draft)
- DeviceSigned - an object signed by the wallet’s/holder’s key (holder binding is mandatory)
All these three items are returned inside a
Documentobject.The options of what to return during issuance are:
- only IssuerSigned
- entire Document object with DeviceSigned as Null (or inexistent)
I think I prefer the first option for cleanness?
-
reporter
Yes, I would also prefer option 1. In that case we could just refer to the normative definition in ISO 18013-5 of
IssuerSignedwithout additional requirements. -
- changed title to [needs-PR] Define which object should be returned for `mdl_iso_cbor`
-
- changed title to [has-PR] Define which object should be returned for `mdl_iso_cbor`
-
-
I think that this should be addressed in ISO profile of this spec, because it is very ISO specific. pending close.
-
- changed status to resolved
Migrated to GitHub
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- Credential Issuance
- Milestone
- –
- Version
- –
- Votes
- 0
- Watchers
- 1
We could also use
IssuerSignedas per ISO.