OpenID Federation Wallet Provider metadata #14

Open
peppelinux opened this issue Aug 17, 2024 · 0 comments

This should become an extension of the OAuth 2.0 Authorization Server, and the current draft should include the authorization endpoint or reference a new draft defining this specific Authorization Server in the form of a wallet provider.

We suppose that the wallet provider can only issue attestations of compliance to the wallet instances belonging to it.
In the brand new world that is coming with the Wallet ecosystems, there might be more complex scenarios where a wallet instance attestation might be issued through a neutral attestation service.
This opportunity may arise from real-world market dynamics, extending beyond the current and temporary limitations we might perceive.

This opens several challenges, since it requires clear guidance about interoperability. There might be wallet providers using proprietary flows with their wallet instances; at the same time, there might be other situations where interoperability (and security) requires a common standard.

To simplify, I would address this point by focusing on the needs of our implementers who rely on technical specifications to implement solutions comfortably. The advantage of using OAuth 2.0 or the OpenID Frameworks is that they significantly reduce implementation costs. Our specifications should aim to meet these needs and address these questions.

We could continue this work in a dedicated draft concerning wallet authorization servers. The scope of this draft would be how to authorize a wallet performing its operations in accordance with a framework, providing proof of its compliance (token, thus wallet attestation). This could introduce several architectural points of interest for technical implementations and also for the market. This would remark the need to reduce the content in the openid federation wallet architecture by referencing other openid4vc specifications.
