Jacob
Jacob
Yes, just checked. This works now by depending on 0.3.1. Do we want to yank 0.3.0?
@awoie Just want to point out that the text in the current 23220-3 draft says base64 encoded, whereas here we are saying base64url. I'm a bit out of the loop,...
+1. This feature leads to terrible UX where users must understand all of the claims in their credentials AND every context where those claims could be presented to make an...
> Just because there is a feature in the spec that allows a confusing UX doesn't mean that wallets have to implement a confusing UX. I think that is a...
@jogu > the wallet obtaining data it doesn't need is sufficient to be a breach of the law Maybe I have a different definition of wallet. In my understanding, a...
> That is not sufficient to prevent wallets receiving claims they don't want. Maybe it helps to talk about concrete examples of claims wallets might not want to hold or...
+1 to this. I would also request that the restriction for the `client_id` to match the `redirect_uri` (or `response_uri` in the case of the `direct_post` response modes) is included here.