Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: c_nonce is recommended and AS takes care #323

Closed
wants to merge 8 commits into from
Closed

chore: c_nonce is recommended and AS takes care #323

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
3c4d68a
chore: c_nonce is recommended and AS takes care
peppelinux May 17, 2024
b0edc1b
chore: c_nonce is recommended and AS takes care
peppelinux May 17, 2024
764ccb5
Merge branch 'nonceandreplay' of https://github.com/openid/OpenID4VCI…
peppelinux May 23, 2024
7ee113b
clean up
peppelinux May 23, 2024
59ea0be
Joseph review about multiple and subsequent credential issuance
peppelinux May 23, 2024
5415559
fix: Joseph review about multiple and subsequent credential issuance
peppelinux May 24, 2024
f9ab3e9
clean up
peppelinux May 24, 2024
33ce077
clean up
peppelinux May 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion openid-4-verifiable-credential-issuance-1_0.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -630,7 +630,7 @@ The Authorization Server might decide to authorize issuance of multiple instance

In addition to the response parameters defined in [@!RFC6749], the Authorization Server MAY return the following parameters:

* `c_nonce`: OPTIONAL. String containing a nonce to be used when creating a proof of possession of the key proof (see (#credential-request)). When received, the Wallet MUST use this nonce value for its subsequent requests until the Credential Issuer provides a fresh nonce.
* `c_nonce`: OPTIONAL. String containing a nonce to be used when creating a proof of possession of the key proof (see (#credential-request)). While this parameter is optional for traditional Authorization Server implementations according to [RFC6749], it is recommended as a measure to prevent replay attacks. When received, the Wallet MUST use this nonce value for its subsequent requests until the Credential Issuer provides a fresh nonce.
* `c_nonce_expires_in`: OPTIONAL. Number denoting the lifetime in seconds of the `c_nonce`.
* `authorization_details`: REQUIRED when `authorization_details` parameter is used to request issuance of a certain Credential type as defined in (#authorization-details). It MUST NOT be used otherwise. It is an array of objects, as defined in Section 7 of [@!RFC9396]. In addition to the parameters defined in (#authorization-details), this specification defines the following parameter to be used with the authorization details type `openid_credential` in the Token Response:
* `credential_identifiers`: OPTIONAL. Array of strings, each uniquely identifying a Credential that can be issued using the Access Token returned in this response. Each of these Credentials corresponds to the same entry in the `credential_configurations_supported` Credential Issuer metadata but can contain different claim values or a different subset of claims within the claims set identified by that Credential type. This parameter can be used to simplify the Credential Request, as defined in (#credential-request), where the `credential_identifier` parameter replaces the `format` parameter and any other Credential format-specific parameters in the Credential Request. When received, the Wallet MUST use these values together with an Access Token in subsequent Credential Requests.
Expand Down
Loading