Credential Issuer Identifier underspecified

Issue #1758 resolved
Daniel Fett created an issue

Current text:

A Credential Issuer is identified by an HTTPS URL. The way the wallet discovers the Credential Issuer's URL is out of scope of this specification.
(…)

Credential Issuers publishing Metadata MUST make a JSON document available at the path formed by concatenating the string /.well-known/openid-credential-issuer to the Credential Issuer identifier. If the Credential Issuer value contains a path component, any terminating / MUST be removed before appending /.well-known/openid-configuration.

The credential issuer identifier needs to be defined as in OIDC Core to ensure that there is no query or fragment component. I assume that is what is desired, but if query or fragment need to be allowed, the last two sentences need to be reworded to fit the model.

OIDC Core says this on the issuer identifier:

Verifiable Identifier for an Issuer. An Issuer Identifier is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components.
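
The gap described in this issue, as an added example that is not part of the issue or of the specification: it applies the OIDC Core definition before building the metadata URL and shows where the well-known path ends up when a query or fragment slips through. The function names and the `issuer.example` identifiers are hypothetical, the path string is the one from the first sentence of the quoted text, and rejecting userinfo is an assumed strict reading of the definition.

```python
from urllib.parse import urlsplit

# Path string taken from the first sentence of the quoted spec text.
WELL_KNOWN = "/.well-known/openid-credential-issuer"


def validate_issuer_identifier(issuer: str) -> str:
    """Accept only identifiers matching the OIDC Core definition quoted above."""
    parts = urlsplit(issuer)
    if parts.scheme != "https":
        raise ValueError("issuer identifier must use the https scheme")
    if not parts.hostname:
        raise ValueError("issuer identifier must contain a host")
    # Check the raw string: urlsplit() silently drops an empty "?" or "#".
    if "?" in issuer:
        raise ValueError("issuer identifier must not contain a query component")
    if "#" in issuer:
        raise ValueError("issuer identifier must not contain a fragment component")
    # Assumption (strict reading): userinfo is not among the listed components.
    if parts.username is not None or parts.password is not None:
        raise ValueError("issuer identifier must not contain userinfo")
    return issuer


def naive_metadata_url(issuer: str) -> str:
    """Concatenate as the current text describes, without validating first."""
    base = issuer[:-1] if issuer.endswith("/") else issuer
    return base + WELL_KNOWN


def metadata_url(issuer: str) -> str:
    """Validate, then build the metadata URL."""
    return naive_metadata_url(validate_issuer_identifier(issuer))


if __name__ == "__main__":
    # Constructed sample identifiers, not taken from the issue.
    for sample in ("https://issuer.example/tenant/",
                   "https://issuer.example/tenant?x=1",
                   "https://issuer.example/tenant#frag"):
        naive = urlsplit(naive_metadata_url(sample))
        print(sample)
        print("  naive path:", naive.path, "| query:", naive.query,
              "| fragment:", naive.fragment)
        try:
            print("  validated:", metadata_url(sample))
        except ValueError as err:
            print("  rejected:", err)
```

With the query or fragment sample, the naive result still has the path `/tenant`: the well-known string is absorbed into the query or fragment, so a client would request the wrong resource or send nothing of the suffix at all.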
