Protocols for offline/proximity flows should be credential/proof format agnostic #299

Open
c2bo opened this issue Aug 12, 2024 · 2 comments

Comments

@c2bo

c2bo commented Aug 12, 2024

The current iteration of the ARF (1.4) uses two different credential formats and it is likely that credential formats and especially proof types will evolve over time. There is already a lot of ongoing discussion about the support of ZKP Systems that might result in different credential or proof formats. To keep the complexity of these evolutions manageable, it is important to keep other parts of the system somewhat constant if possible.

The OpenID4VC protocols offer flows that are credential format agnostic for the online flows (issuance & presentation) and can be extended to support other credential or proof types (e.g., ZKP-based credential types like AnonCreds can already be used with OpenID4VP).
For offline/proximity cases, the protocol used in the ARF is currently directly bound to one credential format (mDL/mDoc). To ensure that the system is able to evolve over time, it would be highly beneficial to somehow generalize this. That way it could more easily be used/adapted for other credential or proof formats.

@c2bo
Author

c2bo commented Aug 15, 2024

An easy first step could be to design a protocol or a small extension to the proximity flow in 18013-5 and demonstrate that it would also work presenting a second format other than mDoc (e.g., sd-jwt-vc).

@digeorgi
Contributor

Thank you for your suggestion, which advises towards the adaptation of the ISO/IEC 18013-5 in that direction.
No foreseen change to ARF is identified. A change or improvement request could be considered to "ISO/IEC JTC 1, Information technology, SC 17 Cards and security devices for personal identification" to extend the protocol.
