Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not require kid in JARM response encrypted JWT #48

Closed
TimoGlastra opened this issue Mar 3, 2025 · 1 comment · Fixed by #54
Closed

Do not require kid in JARM response encrypted JWT #48

TimoGlastra opened this issue Mar 3, 2025 · 1 comment · Fixed by #54

Comments

@TimoGlastra
Copy link
Contributor

This was required in 18013-7, but not in HAIP / OID4VP encryption profile. This makes associating the encrypted response to the request harder. It seems a comment pattern is to create an unique response uri for every request so that you always have the associated request.

This won't work for x509_san_uri, but this will probably be removed from the specification.

See issue openid/OpenID4VP#441

This is causing issues with the Multipaz wallet from Identity Credential
@TimoGlastra
Copy link
Contributor Author

I think we should at least allow providing the authorization request beforehand to the library, and we can remove the callback to the the openid4vp request. You need to know the request associate with the response beforehand.

@TimoGlastra TimoGlastra mentioned this issue Mar 15, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: cleanup and fixes openwallet-foundation-labs/oid4vc-ts
1 participant
@TimoGlastra