OpenID4VP aud parameter in the request object
Issue #1961
resolved
In https://openid.bitbucket.io/connect/openid-4-verifiable-presentations-1_0.html#name-aud-of-a-request-object we read that aud
is mandatory
I don’t see any requirement to mandate the use of this parameter since the VP should not know the wallet instance unique identifier and since having `https://self-issued.me/v2` or a duplication of the iss
value doesn’t give any benefit to the solution
Comments (3)
-
-
reporter Thank you Kris
-
reporter - changed status to resolved
- Log in to comment
the section says
When the Verifier is sending a Request Object as defined in [RFC9101],
and RFC9101 does not mandateaud
claim, soaud
is not mandatory.this is the issue that led to a PR that added the section you are referring to: openid / connect / issues / #1602 - [has-PR] Signed request - what is the audience? — Bitbucket