- From: Oliver Terbu <o.terbu@gmail.com>
- Date: Fri, 25 Mar 2022 11:42:30 +0100
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAJdc_Gm-mJgXLDNOaQv598LezNzLG0Z0g1iVmOAW12Pv6n7O3w@mail.gmail.com>
@Manu: SIOPv2 does allow mediation but doesn't define mediation. I also think you cannot compare CHAPI with SIOP. CHAPI is a mediator with high-level APIs without defining request/response objects whereas SIOPv2 is a protocol with defined request/response objects. That is also why I mentioned one could potentially use CHAPI to get a list of SIOPv2 OP configs (where the `authorization_endpoint` of the particular wallet is configured). On Fri, 25 Mar 2022 at 02:09, Manu Sporny <msporny@digitalbazaar.com> wrote: > On 3/20/22 3:51 AM, Nikos Fotiou wrote: > > Related to that, EBSI’s “Verifiable Exchange Scenarios” are a useful > > guideline > > > > https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/EBSI+Verifiable+Presentation+Exchange+Guidelines#EBSIVerifiablePresentationExchangeGuidelines-VerifiablePresentationExchangeScenarios > > Similar to what Tobias said, I cannot see how CHAPI can be used in use > > cases B and C. > > Thank you, Nikos, that is helpful! > > CHAPI is not designed for B and C (and never was) -- the point of > contention > is Case A: Same-device flow. > > CHAPI can solve for that use case for a high percentage of the market while > not falling into the NASCAR, scheme, app URL traps that Dmitri has > outlined. > > How does OIDC/SIOP solve for that use case? That is -- where's the mediator > for SIOP? > > -- manu > > -- > Manu Sporny - https://www.linkedin.com/in/manusporny/ > Founder/CEO - Digital Bazaar, Inc. > News: Digital Bazaar Announces New Case Studies (2021) > https://www.digitalbazaar.com/ > > >
Received on Friday, 25 March 2022 10:43:54 UTC