- changed status to new
direct_post.jwt vs require_authorization_encrypted_response
Issue #2058
wontfix
Hi.
Would it make sense to move the value, that defines whether the response must be encrypted or not, in the configuration?
e.g., direct_post.jwt enables response encryption. All the encryption-related metadata is in the configuration, but whether or not the encryption is required.
Follow-up question is: would it make sense to also have a possibility to just encrypt the vp_token? (same JWE encryption approach as for the response)
Comments (2)
-
-
- changed status to wontfix
We discussed this on the 21-Sep-23 working group call. Closing, since this issue is not in the correct repository.
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- wontfix
- Component
- Verifiable Presentation
- Milestone
- –
- Version
- –
- Votes
- 0
- Watchers
- 1
Please file this issue at https://github.com/openid/OpenID4VP/issues. We are no longer working on OpenID4VC issues in Bitbucket.