Differences between spec and examples in OIDVCI
Issue #1875
resolved
There are a couple of differences between the spec and the examples provided by the spec. it’s good if you can clarify these properties. here are some examples of such inconsistencies:
-
In https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#section-10.2.3.1, in the properties list there’s no mention of
typesbut in the exampletypesis present. this is particularly important because in the deeplink we see the types value:openid-credential-offer://credential_offer=%7B%22credential_issuer%22:%22https://credential-issuer.example.com %22,%22credentials%22:%5B%7B%22format%22:%22jwt_vc_json%22,%22types%22:%5B%22VerifiableCr edential%22,%22UniversityDegreeCredential%22%5D%7D%5D,%22issuer_state%22:%22eyJhbGciOiJSU0Et... FYUaBy%22%7D
2. In https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#section-10.2.3.1, we don’t see credentialSubject key, but in the provided example there is one present.
3. In https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#name-credential-offer-parameters credential offer has this property chain (leading to issuer_state): $.grants.authorization_code.issuer_state but in the deeplink we see the following object:
{"credential_issuer":"https://credential-issuer.example.com","credentials":[{"format":"jwt_vc_json","types":["VerifiableCredential","UniversityDegreeCredential"]}],"issuer_state":"eyJhbGciOiJSU0Et...FYUaBy"}
which has the following property chain: $.issuer_state
Thanks in advance for your help!
Comments (8)
-
-
- changed status to open
Discussed on 20-Mar-23 working group call.
-
the spec is written as such that the main spec text defines parameters that are to be used regardless of the credential format used. the Annex E defines parameters that are to be used depending on which credential format is used.
because the examples in the main text are examples of a specific credential format, they already use parameters that are defined later in Annex E.
We’ve previously tried clarify this, but if it is still not clear, happy to give it another try and do a PR to make this more explicit :)
-
reporter
That’s great. I do have several other questions though:
In https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#name-credential-offer-5 we have this sentence:
The following additional claims are defined for this Credential format.
But in the example we don’t have the required parameters defined in section https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-11.html#name-credential-offer-parameters (
credentialsproperty which should have aformatproperty). and instead we havecredential_definition. what is the relation betweenCredentialOfferin the main text, and the same object in Annex E?And one more question about
credential_definitionobject. in the E.1.3.4 for the type it’s referencing E.1.3.3 for the actual definition of the type. but in the example of E.1.3.4, I seeCredentialSubjectproperty which is not mentioned in the E.1.3.3. should we consider it for the previous section as well?Thanks in advance
-
Hi! I believe the first question has been addressed in the latest -13 draft (https://openid.bitbucket.io/connect/openid-4-verifiable-credential-issuance-1_0.html#appendix-E.1.2.3). In short, claims defined in Annex E are used in addition to the claims defined in the main Credential Offer section.
for the second question, please see Issue
#1818. I added some test in this PR to clarify because the same question has been asked twice… -
I also added the text in the same PR (this commit) to clarify your first question too.
-
reporter
thanks. that is clarified now.
-
- changed status to resolved
PR merged
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- Credential Issuance
- Milestone
- –
- Version
- –
- Votes
- 0
- Watchers
- 1
Apparently there's confusion between general parameters and parameters specific to particular credential formats. We can try to clarify this.