-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix c_nonce language; may fix #331 #365
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small nits here and there but overall looks good.
@@ -1070,9 +1070,11 @@ Cache-Control: no-store | |||
|
|||
### Credential Issuer Provided Nonce {#issuer-provided-nonce} | |||
|
|||
The Credential Issuer that requires the Client to send a key proof of possession of the key material for the Credential to be bound to (`proof`) MAY receive a Credential Request without such a key proof or with an invalid key proof. In such a case, the Credential Issuer MUST provide the Client with a `c_nonce` defined in (#credential-response) in a Credential Error Response using `invalid_proof` error code defined in (#credential-error-response). | |||
The Credential Issuer that requires the Client to send a key proof of possession of the key material for the Credential to be bound to (`proof` or `proofs`) MAY receive a Credential Request or Batch Credential Request without a or with an invalid server-provided `c_nonce` value included in the `proof` or `proofs` parameter. In such a case, the Credential Issuer MAY provide the Client with a `c_nonce` defined in (#credential-response) in a Credential Error Response or Batch Credential Error Response using `invalid_proof` error code defined in (#credential-error-response). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Credential Issuer that requires the Client to send a key proof of possession of the key material for the Credential to be bound to (`proof` or `proofs`) MAY receive a Credential Request or Batch Credential Request without a or with an invalid server-provided `c_nonce` value included in the `proof` or `proofs` parameter. In such a case, the Credential Issuer MAY provide the Client with a `c_nonce` defined in (#credential-response) in a Credential Error Response or Batch Credential Error Response using `invalid_proof` error code defined in (#credential-error-response). | |
The Credential Issuer MAY accept a Credential Request or Batch Credential Request that lacks a valid `c_nonce` value in the `proof` or `proofs` parameter. In such cases, the Credential Issuer MAY respond with a Credential Error Response or Batch Credential Error Response, providing a `c_nonce` as specified in (#credential-response) and using the `invalid_proof` error code as defined in (#credential-error-response). |
TODO: remove the bach endpoint ref when the related PR will be merged!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This does not sound right to me. If the credential issuer accepts the proof(s) without a nonce, it is a bit misleading to say that under this condition, the issuer may provide a c_nonce.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have just reworded what I understood from your text trying to simplify the reading.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is Batch still in here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
needs to be removed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@peppelinux i updated the text to make it more readable. please also check @Sakurann
Co-authored-by: Kristina <[email protected]>
Co-authored-by: Nemanja Patrnogic <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some trivial suggestions but basically looks good to me, thanks Oliver!
Co-authored-by: Joseph Heenan <[email protected]>
Co-authored-by: Joseph Heenan <[email protected]>
Co-authored-by: Joseph Heenan <[email protected]>
Co-authored-by: Christian Bormann <[email protected]>
May fix #331.
out of scope of this PR: