- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sun, 27 Mar 2022 17:38:15 -0400
- To: public-credentials@w3.org
On 3/25/22 3:08 PM, Kristina Yasuda wrote: > Putting on a hat of a chair of a SIOP Special Calls in OpenID Foundation > Connect WG, if you have issues, concerns, comments regarding OpenID > Connect for SSI specification family (SIOP v2, OIDC4VP, OIDC4VCI), please > join the Connect mailing list or the calls. We would welcome you there. Thank you, Kristina -- I think this is the first time... ever... that we've had a chair from the OpenID Community extend a welcome for us to participate. I will say that I've had some fairly negative experiences from certain members in the OpenID community, but also know some that are genuinely nice and welcoming people. That's not to say that there haven't been folks in CCG that participate in OpenID, but there has never seemed to be much interest in what we're doing here (until very recently). I wanted to take a second to appreciate the gesture. > For example, we could explore using CHAPI as one of the options for > SIOP(wallet) selection/invocation in SIOPv2 and OIDC4VP, since CHAPI itself > does not seem to be defining request/response syntax. Though if CHAPI works > only with browser wallets and same-device, it would not be able to be used > with other scenarios of SIOP/OIDC4VP: native apps, cross-device (where user > uses a phone to scan a request on another device). You can find the > information on joining here: https://openid.net/wg/connect/ CHAPI works for same device invocation of web wallets and native wallets... and could be generalized to work for OIDC IdPs (again, same device, web or native). CHAPI does not cover cross-device invocation, but Verifiable Presentation Request does (and can support OIDC-style URLs). > Some of the points discussed in this thread openly criticize specifications > being worked on outside the CCG. You won't influence those specifications > here. Nor will you be able to get responses from the subject-matter experts > not participating in W3C CCG. Understood, and remember that there is history here (multiple failed initiatives to try and communicate concerns related to OpenID). Luckily, people like Tobias, Oliver, and Dmitri are quite involved in this community as well as OpenID work... that's what I'm personally counting on to bridge this divide. Also, please understand that many of us are overworked and have almost no spare cycles to join other groups and have conversations at this level of depth. We're all putting in time where we feel we can have the most impact. At some level, those of us that are working on CHAPI can't be expected to get it working for VPR, and DIDCommv2, and OIDC without some help from those communities. We need the OpenID community to carry some water here if there is truly interest in CHAPI. That said, the first step you proposed sounds like a good one -- a discussion around if CHAPI can be an option for SIOP wallet selection. We'll see if this community wants to wrap that into the CHAPI presentation in this community or we want to split that presentation into two things across both communities. My suggestion is that we wait until this thread settles down before scheduling any of that. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. News: Digital Bazaar Announces New Case Studies (2021) https://www.digitalbazaar.com/
Received on Sunday, 27 March 2022 21:38:32 UTC