1. OpenID Foundation Avatar OpenID Foundation
  2. WGs
  3. connect
  4. Issues

Definition of credential_definition on OID4VCI section E.1.3.3 seems to be missing the inclusion of credentialSubject

Issue #1818 resolved
Pedro Felix created an issue

The definition of credential_definition on OID4VCI section E.1.3.3 seems to be missing the inclusion of credentialSubject. Note that the non-normative example on OID4VCI section E.1.3.4 includes a credentialSubject inside credential_definition and it points to OID4VCI section E.1.3.3 as the source for its definition.

Comments (3)

  1. Kristina Yasuda

    Hi, credentialSubject is not missing in the Credential Offer. If you look at the Credential Offer of other Credential Format Profiles, none of them pass credentialSubject parameter. this is because Credential Offer is a mere Offer from the Issuer that the Wallet may or may not accept it. credentialSubject is used by the Wallet to tell the issuer which of the claims in that the Issuer can offer for that Credential, the Wallet is actually interested in receiving (data minimization)

    Moreover, as described in section 11.2,

    The Wallet MUST consider the parameter values in the Credential Offer as not trustworthy since the origin is not authenticated and the message integrity is not protected

  4. Log in to comment
Assignee
Type
bug
Priority
minor
Status
resolved
Component
Credential Issuance
Milestone
Version
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!