From aa50d3669504664ca3e18dd8b366f7fdc23bbc9d Mon Sep 17 00:00:00 2001
From: David Zeuthen <zeuthen@google.com>
Date: Mon, 17 Mar 2025 18:28:51 -0400
Subject: [PATCH] Clarify credential response for ISO mdoc.

This change removes the reference to AuthorizedNamespaces of the
MobileSecurityObject since this doesn't apply to issuer-signed data.

Fixes Issue #462.

Signed-off-by: David Zeuthen <zeuthen@google.com>
---
 openid-4-verifiable-credential-issuance-1_0.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openid-4-verifiable-credential-issuance-1_0.md b/openid-4-verifiable-credential-issuance-1_0.md
index 44469599..2ed3d4ab 100644
--- a/openid-4-verifiable-credential-issuance-1_0.md
+++ b/openid-4-verifiable-credential-issuance-1_0.md
@@ -2224,7 +2224,7 @@ The following is a non-normative example of an authorization details object with
 
 ### Credential Response
 
-The value of the `credential` claim in the Credential Response MUST be a string that is the base64url-encoded representation of the CBOR-encoded `IssuerSigned` structure, as defined in [@!ISO.18013-5]. This structure SHOULD contain all `Namespaces` and `IssuerSignedItems` that are included in the `AuthorizedNamespaces` of the `MobileSecurityObject`.
+The value of the `credential` claim in the Credential Response MUST be a string that is the base64url-encoded representation of the CBOR-encoded `IssuerSigned` structure, as defined in [@!ISO.18013-5].
 
 The following is a non-normative example of a Credential Response containing a Credential of format `mso_mdoc`.