-
Notifications
You must be signed in to change notification settings - Fork 37
Description
When using inline credential offers (so using an object directly in the credentials array in an offer), the only required general property is the format. All other fields are declared by the format.
The credentials_supported from the issuer metadata however has a lot more properties that are supported by default. Most notably: cryptographic_binding_methods_supported, cryptographic_suites_supported and display.
I think this makes it very hard to use inline credential offers, as you have to guess which binding methods and cryptosuites the issuer supports.
How I'd first understood the different between referenced offers (with id) and inline is that inline offers may be used for one-off credentials, or credentials you don't want displayed in the public issuer metadata.
But there's a certain limitation to using the inline format, which I don't necessarily understand.
So my questions are:
- Is there a specific reason why the format of the
credentials_supportedand the inline credential offer format aren't aligned? Also for the formats the credentials_supported has more metadata (such ascredentialSubject,orderetc.. This seems to be useful to have with inline offers as well - Would there be any objection to aligning the properties between credentials_supported and inline offers more? Without at least the
cryptographic_binding_methods_supportedandcryptographic_suites_supportedproperties, the inline offers seem hard to use to me. But even thedisplayproperty would be nice to have in an inline offer. I can understand the display is a bit more risky, as someone could change the display properties somehow, while if you fetch it from a domain you're sure the properties are endorsed by the issuer. But if using acredential_offer_urithis is also migitated.