Skip to content

Integrity of the JWK used for Credential Response encryption - Option 1 #522

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

Integrity of the JWK used for Credential Response encryption - Option 1 #522

wants to merge 3 commits into from

Conversation

@c2bo
Copy link
Member

@c2bo c2bo commented May 27, 2025
edited
Loading

Closes #507

This is the option leveraging the key proofs to also transport the encryption key (with integrity protection)

@tplooker
Copy link
Contributor

tplooker commented May 27, 2025

Have left a comment here, personally im not convinced that this approach is the right path forward #507 (comment)

@Sakurann Sakurann added this to the Final 1.0 milestone May 28, 2025
@Sakurann
Copy link
Collaborator

Sakurann commented May 29, 2025

WG discussion:

  • sign credential request as a JWT
  • current direction. need more discussion:
    • define how to obtain key to validate the signature on the credential request. two options are wallet attestation and DPoP key?
    • in HAIP, mandate DPoP?

@Sakurann
Copy link
Collaborator

Sakurann commented Jun 3, 2025

WG discussion: @c2bo to do a PR with second option, signing the entire request using the key that is sufficiently associated to the wallet.

@Sakurann Sakurann changed the title Integrity of the JWK used for Credential Response encryption Integrity of the JWK used for Credential Response encryption - Option 1 Jun 12, 2025
@jogu
Copy link
Contributor

jogu commented Jun 17, 2025

As per Kristina's comment above / on #540 , and further discussion on today's WG call - closing for now. We can revisit in the future. (And thanks to Christian for putting together these PRs so we had some clear options to discuss the pros & cons of - I think that really helped us reach a conclusion).

@jogu jogu closed this Jun 17, 2025
@jogu jogu mentioned this pull request Jun 18, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

pending close

Projects

None yet

Milestone

Final 1.0

Development

Successfully merging this pull request may close these issues.

Integrity of the JWK used for Credential Response encryption

5 participants

@c2bo @tplooker @Sakurann @jogu