Deferred Credential Error represents non-error cases

[decentralgabe]

The Deferred Credential Error Response is used for two primary cases: issuance_pending and invalid_transaction_id. Functionally, there is a distinction between:

1. A valid request where the issuance is not yet completed (issuance_pending)
2. An invalid request where the server cannot response (invalid_transaction_id)

The text points to section 7.3.1.2. which states:

HTTP response MUST use the HTTP status code 400 (Bad Request)

This is not an ideal practice, since in the case of (1) above (a valid request) we are requiring a 400 which signifies a Bad Request.

Instead it would be preferable to send a 200 with a response stating issuance_pending.

[nklomp]

See also #167 for more issues with the deferred endpoint, including more or less this issue, but with a different suggestion altogether

[Sakurann]

wg discussion:

• if it is pending, it is a successful deferred credential response with 202
• if it is invalid transaction id, it is an deferred error response, use 4xx error code
• remove defined in Section 3.1 of [[RFC6750](https://openid.github.io/OpenID4VCI/openid-4-verifiable-credential-issuance-wg-draft.html#RFC6750)] in https://openid.github.io/OpenID4VCI/openid-4-verifiable-credential-issuance-wg-draft.html#section-8.3.1.2-1