Server metadata needs to specify supported proof types / algorithms
Issue #1697
resolved
The credential request contains a proof of possession of a private key by the client. The spec allows flexibility in the type of proof provided, though only JWT is defined. (I filed #1696 on whether this flexibility is required.) A client needs to know what proof types and signature algorithms the server supports. It seems like this calls for some server metadata fields, say credential_proof_types_supported and credential_request_alg_values_supported.
Comments (5)
-
-
- changed status to open
-
I agree an Credential Issuer metadata need
proof_type_supportedequivalent of
credential_request_alg_values_supportedis already covered bycryptographic_binding_methods_supportedandcryptographic_suites_supporteddefined here: https://openid.bitbucket.io/connect/openid-4-verifiable-credential-issuance-1_0.html#section-10.2.3.1-2.3.1 -
-
- changed status to resolved
PR merged
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- Credential Issuance
- Milestone
- –
- Version
- –
- Votes
- 0
- Watchers
- 1
We looked at this on the 31-Oct-22 working group call. It would probably benefit from discussion on a SIOP special topic call.