OpenID for Verifiable Credential IssuanceのImplementers Draftに向けた準備

こんにちは、富士榮です。

OpenID for Verifiable Credential IssuanceもImplementer’s Draftに向けたPublic Review期間に入りました、ということを以前のポストで少しだけ触れましたが、更新履歴を見ていきたいと思います。

こちらがOpenID Foundationからの公式アナウンスです。

https://openid.net/review-of-proposed-implementers-draft-of-openid-for-verifiable-credential-issuance/

これを見ると、以下のスケジュールで進むようです。

• 2/8-3/24 Public Review期間
• 3/11 投票のアナウンス
• 3/18 早期投票開始
• 3/25-4/1 公式投票期間

問題なく進めば4月には正式にImplementer’s Draft 1が出そうですね。

Implementers Draft 1に向けて仕様がどのように更新されたのかを見るにはDocument History（Appendix F）を見るのが一番なのでこちらを見ていきましょう。

https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-13.html#appendix-F

余談ですが、仕様を読む時、Appendixに結構有用な情報（議論されてきた経緯やサンプルなど）があるので是非Appendixも読むと良いと思います。

で、こちらがDocument Historyのうち、今回の更新分です。

さすが、結構多いです。（マーカーを引いた部分が個人的には結構重要な変更だと思うので既存の実装を持っている人は気をつけないと行けなさそうです。主にパラメータ名の変更などです）

• change the structure of proof_types from an array to a proof_types_supported map that contains a required proof_signing_alg_values_supported parameter
• renamed cryptographic_suites_supported to credential_signing_alg_values_supported to clarify the purpose of the parameter
• renamed credential_configurations Credential Offer parameter to credential_configuration_ids
• remove format from the Credential Response
• added signed_metadata parameter
• clarified that logo can is a uri and not a url only
• moved the annex with Credential format profiles to the top of all annexes
• added a Notification Endpoint used by the Wallet to notify the Credential Issuer of certain events for issued Credentials
• completed IANA registrations section
• clarified description of a mandatory claim
• made sure to use gender-neutral language throughout the specification
• added an option in authorization_details to use credential_configuration_id pointing to the name of a credential_configurations_supported object in the Credential Issuer's Metadata; in addition to an option to use format and type.
• renamed credentials Credential Offer parameter to credential_configuration_ids
• renamed credentials_supported Credential Issuer metadata parameter to credential_configurations_supported
• grouped credential_encryption_jwk, credential_response_encryption_alg and credential_response_encryption_enc from Credential Request into a single credential_response_encryption object
• replaced user_pin_required in Credential Offer with a tx_code object that also now contains description and length
• reworked flow description in Overview section
• removed Credential Offer examples from Credential format profiles
• added support for HTTP Accept-Language Header in the request for Credential Issuer Metadata to request a subset for display data
• clarified how the Credential Issuer indicates that it requires proof of possession of the cryptographic key material in the Credential Request
• added an option to use data integrity proofs as proof of possession of the cryptographic key material in the Credential Request
• added privacy considerations
• clarifed that AS that only supports pre-auth grant can omit response_types_supported metadata
• added background_image credential issuer metadata
• editorial clean-up (fix capitalization, etc.)

そろそろちゃんと実装初めていっても良さそうな時期にきましたね。