Re: AW: The German Government slams JSON-LD from Jori Lehtinen on 2026-02-27 (public-credentials@w3.org from February 2026)

From: Jori Lehtinen <lehtinenjori03@gmail.com>
Date: Fri, 27 Feb 2026 20:11:53 +0200
To: Steffen Schwalm <Steffen.Schwalm@msg.group>
Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Lluís Alfons Ariño Martín <lluisalfons.arino@urv.cat>, "carsten.stoecker@spherity.com" <carsten.stoecker@spherity.com>, Melvin Carvalho <melvincarvalho@gmail.com>, W3C Credentials CG <public-credentials@w3.org>
Message-ID: <CAA6zkAtZ7S-N=9h0unHd=JmXBNuVgP3wvTYc=vi+PZ4kqsfRNg@mail.gmail.com>

I'm not critizing anything, I'm just having a hard time understanding what
you are saying,

Maybe IA means implementing act

And looking closer maybe WRAC means

(14)

‘wallet-relying party access certificate’ means a certificate for
electronic seals or signatures authenticating and validating the
wallet-relying party issued by a provider of wallet-relying party access
certificates;

where WRPAC would be more accurate abbrevation, I'm just trying to
understand you Steffen... Because I want to understand the EUDI / eIDAS
framework...


But basically are you saying that Relying party access certificates are not
required for Signatures and Payments in light of the Implementing Acts?

If yes what does that mean in practice?



pe 27.2.2026 klo 19.50 Steffen Schwalm (Steffen.Schwalm@msg.group)
kirjoitti:

>
>    1. I gave you relevant IA on PID
>    2. on WRAC see
>    https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L_202500848
>
>
> Recommend to have look in IA first before we criticize
>
> Gesendet von Outlook für Android <https://aka.ms/AAb9ysg>
> ------------------------------
> *From:* Anders Rundgren <anders.rundgren.net@gmail.com>
> *Sent:* Friday, February 27, 2026 6:41:27 PM
> *To:* Steffen Schwalm <Steffen.Schwalm@msg.group>; Lluís Alfons Ariño
> Martín <lluisalfons.arino@urv.cat>; carsten.stoecker@spherity.com <
> carsten.stoecker@spherity.com>; 'Melvin Carvalho' <
> melvincarvalho@gmail.com>
> *Cc:* 'W3C Credentials CG' <public-credentials@w3.org>
> *Subject:* Re: AW: The German Government slams JSON-LD
>
> Caution: This email originated from outside of the organization. Despite
> an upstream security check of attachments and links by Microsoft Defender
> for Office, a residual risk always remains. Only open attachments and links
> from known and trusted senders.
>
> On 2026-02-27 16:50, Steffen Schwalm wrote:
> > Hi Anders,
> >
> > What`s a PID is technically and legally clearly defined in Art. 5a and:
> https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AL_202402979&qid=1733300667869
> <
> https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AL_202402979&qid=1733300667869
> >
> He Steffen,
>
> I did not find anything.  I believe this is OK since there is no consensus
> on just about anything with respect to identity.  In Sweden you cannot do
> anything without a "personnummer" while in France, this is considered
> against the constitution.
> https://en.wikipedia.org/wiki/National_identification_number
> Usage in Sweden:
> https://cyberphone.github.io/doc/research/citizen-register.pdf
> >
> > - Services typically only speak local languages.
> >
> >   *
> >     W3CVCDM allows multi language
>
> In
> https://github.com/eu-digital-identity-wallet/eudi-doc-standards-and-technical-specifications/blob/main/docs/technical-specifications/ts12-electronic-payments-SCA-implementation-with-wallet.md#23-sca-attestation-metadata
> I found this little gem:
>
>              "schema": "urn:eudi:sca:payment:1",
>              "claims": [
>                  {
>                      "path": [ "payload", "transaction_id"],
>                      "visualisation": 4,
>                      "display": [
>                          {
>                              "lang": "de-DE",
>                              "label": "Transaktionsnummer",
>                              "description": "Eindeutige Nummer der
> Transaktion"
>                          },
>                          {
>                              "lang": "en-GB",
>                              "label": "Transaction ID",
>                              "description": "Unique identifier of the
> transaction"
>                          }
>                      ]
>                  }
>
> This is not how the industry at large deals with multiple languages and
> localization.  For the "SCA Rulebook" they are [still] waiting for the
> "industry" to fill in the blanks...
>
> As a Technologist, European (SE/FR), Consumer, and Tax-payer, I feel a bit
> concerned.
>
> I also wonder where NFC is.  QR is beginning to get on my nerves with tons
> of different apps op the phone.   There simply MUST be a better way!
>
> Regards,
> Anders
>
> >   *
> >     WRAC covers this
> >
> >
> >   *
> >     Payment --> Where exactly should be issue (if RP requests data
> before payment it`s not issue and for SCA the WRAC is IMHO not used)
> >
> >
> > Best
> > Steffen
> >
> >
>

Received on Friday, 27 February 2026 18:12:11 UTC