1. OpenID Foundation Avatar OpenID Foundation
  2. WGs
  3. connect
  4. Issues

what is the point of alg_values_supported in wallet metadata?

Issue #1813 resolved
Kristina Yasuda created an issue

Issuer had already signed over holder’s key, so technically there is only one algorithm that the holder can use to sign the Verifiable Presentations (regardless of the credential format).

so I don’t think we need alg_values_supported in wallet metadata vp_formats_supported.

Comments (7)

  1. David W Chadwick

    I think there is a difference between the algorithm used by the issuer to sign the VC and the algorithm that the wallet uses to sign the VP. They do not need to be the same, even if in many cases they may be the same. Without this metadata parameter we would need to introduce a rule to say that the algorithm used to sign the VP must be the same as that used to sign the encapsulated VCs. But what if two issuers used different algorithms to sign their VCs? Then the wallet would be forced to issue multiple VPs.

    So on balance I think this metadata parameter should be present.

  2. Torsten Lodderstedt

    Metadata shall allow the parties to determine the intersection of their capabilities. If the verifier is able to determine the algs the wallet supports, it might directly stop (as there is no intersection) or adjust the request to the wallet’s capabilities. Same holds true for formats. If the wallet does have the capabilities but the matching credential deviates, the wallet could try to obtain a new credential with the requested algs/formats.

  3. David W Chadwick

    @Torsten. Given the above definition this would rule out the redirect_uris from being present in the metadata since this does not fit the definition

  4. Torsten Lodderstedt

    @Torsten. Given the above definition this would rule out the redirect_uris from being present in the metadata since this does not fit the definition

    I generally agree that the redirect_uris must not be presented in the client metadata parameter(s). I don’t see how my statement above is related to this topic. Could you pls. explain?

  5. David W Chadwick

    It was a passing comment, not directly related to this issue, but to the metadata in general.

  6. Kristina Yasuda reporter

    I think there is a difference between the algorithm used by the issuer to sign the VC and the algorithm that the wallet uses to sign the VP.

    my point was not the alg used to sign the VC itself, but the alg of the holder’s pubKey signed over by the issuer in the VC - the latter has to be the same as the alg signing the VP, obviously.

    Overall, I agree it is a useful parameter. my suggestion would be to say alg_values_supported is optional. (right now it does not say whether it is mandatory or optional). And make it clear it is an empty object when not used..?

  8. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Component
Verifiable Presentation
Milestone
Version
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!