OpenID4VCI: The initial c_nonce is not issued by the credential issuer

Issue #1827 resolved
Takahiko Kawasaki created an issue

From Section 7.2. Credential Request of the draft 11 of “OpenID for Verifiable Credential Issuance”:

The proof element MUST incorporate a c_nonce value generated by the Credential Issuer and the Credential Issuer Identifier (audience) to allow the Credential Issuer to detect replay.

However, the initial c_nonce is issued by the token endpoint of the authorization server, not by the credential endpoint of the credential issuer. That is, the first credential request cannot incorporate a c_nonce generated by the credential issuer.
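The exchange the issue is about, as an added example that is not from the draft, the issue author, or any OpenID4VCI implementation: the wallet builds a proof JWT carrying a c_nonce and the Credential Issuer Identifier as aud; the credential endpoint verifies it, consumes the nonce so a replayed proof fails, and returns a fresh c_nonce in the error response when the request carries no usable nonce, which is how a first request that never received an issuer-generated nonce can obtain one. Everything below is an assumption: the issuer URL, the HS256 key that stands in for the wallet's holder key, and the typ value and invalid_or_missing_proof error code, which are my reading of draft 11 rather than text on this page.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Assumed identifiers for this example (not taken from the page).
CREDENTIAL_ISSUER = "https://issuer.example.com"   # Credential Issuer Identifier, used as aud
PROOF_KEY = b"holder-key-stand-in"                 # HS256 stand-in for the wallet's holder key
PROOF_TYP = "openid4vci-proof+jwt"                 # proof JWT typ; assumed from the draft
PROOF_ERROR = "invalid_or_missing_proof"           # error code; assumed from the draft


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_proof_jwt(c_nonce: str, aud: str, iat: int, key: bytes = PROOF_KEY) -> str:
    """Wallet side: a proof JWT binding the issuer's c_nonce and the issuer identifier (aud)."""
    header = json.dumps({"typ": PROOF_TYP, "alg": "HS256"}, separators=(",", ":")).encode()
    claims = json.dumps({"aud": aud, "iat": iat, "nonce": c_nonce}, separators=(",", ":")).encode()
    signing_input = f"{b64url(header)}.{b64url(claims)}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"


class CredentialIssuer:
    """Credential endpoint: mints nonces, checks proofs, and consumes each nonce exactly once."""

    def __init__(self, issuer_id: str, key: bytes = PROOF_KEY, nonce_ttl: int = 300):
        self.issuer_id = issuer_id
        self.key = key
        self.nonce_ttl = nonce_ttl
        self._nonces = {}  # c_nonce -> expiry (unix seconds); in the split model the AS would
                           # have to feed this same store, e.g. via the access token

    def new_c_nonce(self, now: Optional[float] = None) -> dict:
        now = time.time() if now is None else now
        c_nonce = secrets.token_urlsafe(24)
        self._nonces[c_nonce] = now + self.nonce_ttl
        return {"c_nonce": c_nonce, "c_nonce_expires_in": self.nonce_ttl}

    def _reject(self, now: float) -> dict:
        # Error response carries a fresh nonce so the wallet can retry with a bound proof.
        return {"error": PROOF_ERROR, **self.new_c_nonce(now)}

    def credential_request(self, proof_jwt: Optional[str], now: Optional[float] = None) -> dict:
        now = time.time() if now is None else now
        if proof_jwt is None:
            return self._reject(now)
        try:
            h, c, s = proof_jwt.split(".")
            header = json.loads(b64url_decode(h))
            claims = json.loads(b64url_decode(c))
            sig = b64url_decode(s)
        except ValueError:  # bad base64, bad JSON, or wrong number of segments
            return self._reject(now)
        if not isinstance(header, dict) or not isinstance(claims, dict):
            return self._reject(now)
        expected = hmac.new(self.key, f"{h}.{c}".encode(), hashlib.sha256).digest()
        if (header.get("typ") != PROOF_TYP or header.get("alg") != "HS256"
                or not hmac.compare_digest(expected, sig)):
            return self._reject(now)
        if claims.get("aud") != self.issuer_id:      # proof must be addressed to this issuer
            return self._reject(now)
        nonce = claims.get("nonce")
        if not isinstance(nonce, str):
            return self._reject(now)
        expiry = self._nonces.pop(nonce, None)        # single use: this is the replay check
        if expiry is None or expiry < now:
            return self._reject(now)
        return {"format": "jwt_vc_json", "credential": "<credential bound to the proof key>"}


def demo() -> list:
    """First request has no issuer nonce and is rejected with one; the retry succeeds;
    a replay of the same proof is rejected again."""
    issuer = CredentialIssuer(CREDENTIAL_ISSUER)
    first = issuer.credential_request(None)
    proof = sign_proof_jwt(first["c_nonce"], CREDENTIAL_ISSUER, int(time.time()))
    second = issuer.credential_request(proof)
    replay = issuer.credential_request(proof)
    return [first.get("error"), "credential" in second, replay.get("error")]
```

The nonce is popped before the expiry comparison on purpose: a proof that arrives late still burns its nonce, so the wallet cannot keep retrying an old one. A real proof uses the holder's asymmetric key (carried in the JOSE header) rather than an HMAC secret; that swap does not change the nonce, audience, or single-use logic shown here.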

Comments (9)

  1. Torsten Lodderstedt

    I guess we missed that text when moving towards the split model between AS and Credential Issuer. We should adapt the text to mention the AS as a source of the c_nonce as well. In a decoupled model, the AS could share the initial c_nonce with the credential issuer through the access token.

  2. Brian Campbell

    Alternatively, maybe remove c_nonce from the AS entirely. It seems to add a lot of complexity. And what value does it add? AFAICT it only optimizes away one direct request/response cycle at the credential issuer to get the nonce value.

  3. Kristina Yasuda

    the first credential request cannot incorporate a c_nonce generated by the credential issuer.

    This is intentional.

    What we agreed to do (at least in my understanding, and what I believe should be the way forward) was to 1/ remove c_nonce from the AS and 2/ return c_nonce in the credential error response when it is needed.

  4. Kristina Yasuda

    Suggest doing a clarification PR that there are two options to provide c_nonce (AS / Issuer).

    Wait for implementation feedback on which option is preferred.

  5. Kristina Yasuda

    PR #465.

    Suggest we require returning c_nonce from the Token Endpoint when the Credential Issuer supports the Batch Credential Endpoint and requires proof. What I noticed when doing the PR is that without such a measure, the wallet will never get a credential because the Batch Credential Error Response is fail-all or pass-all; so if a wallet that did not receive c_nonce from the Token Endpoint sends a Batch Credential Request without proof/c_nonce, it cannot get an initial c_nonce.

  6. Brian Campbell

    I would kinda expect the credential issuing endpoints to be consistent and have the same mechanism for supplying a c_nonce, rather than conditionalizing requirements on the AS based on the issuance endpoints of the Credential Issuer.

  7. Kristina Yasuda

    Yes, I updated the text in PR #465 introducing a mechanism for returning c_nonce in the error response of the batch credential endpoint. Please review.