Here is a Dark Pattern of Verifier requests that was actually seen in the California mDL trials run lately. The Verifier will get permission (or whatever it might be called) to ask for a collection of purposes, for example a convenience store could be selling chewing gum, hard liquor and sim cards for smartphones. This is what the ecosystem allows it to ask for, along with payments. So if I buy a stick of chewing gum and decide to pay with my EUDIW, it is within the approved permissions for this store to ask intrusive questions that apply to purchasing liquor or sim cards, which are very intrusive in some countries. Peace ..tom jones On Tue, Apr 22, 2025 at 3:53 PM Joseph Heenan via Openid-specs-digital-credentials-protocols < openid-specs-digital-credentials-protocols@lists.openid.net> wrote:
Dear DCP Working Group Members,
As discussed on today’s (yesterday now for some of you!) working group call (and as per my email) we would like to start a get WG consensus that the current OpenID4VP draft is ready to start the final specification approval process.
Please respond to this email within the next 2 days, by end of Thursday 22nd April, whether you believe the current draft should proceed to the public review or not.
The OpenID4VP document to be reviewed can be found here: https://openid.net/specs/openid-4-verifiable-presentations-1_0-27.html
There is one normative PRs that we agreed during the working group meeting to work on during working group last call (just waiting for final reviews please!):
Rename authorization_encrypted_response_enc parameter https://github.com/openid/OpenID4VP/pulls
The above should resolve the point Mike Jones raised during WGLC.
There’s an ongoing attempt to understand Tom Jones’s issue raised during WGLC.
There’s also a few non-breaking improvements in PRs that may be merged before public review.
If there are other topics working group members think need to be handled before the specification moves to final please reply to this email with details.
This is very much just a step on the journey, and it is likely that comments will arrive during the 60 day review period that the working group chooses to fix before the voting period starts.
The details of the specification approval process can be found here: https://openid.net/wg/resources/approving-specifications/.
This email is about the first bullet point on this list "Obtain working group consensus to propose foundation-wide approval of the draft specification", which is often called Working Group Last Call (WGLC). The following steps are to start a 60-day Foundation-wide review, followed by the 7 day voting period (the poll itself will open 7 days before the end of the Foundation-wide review ends).
Kindest Regards, Editors & Chairs
-- Openid-specs-digital-credentials-protocols mailing list Openid-specs-digital-credentials-protocols@lists.openid.net
https://lists.openid.net/mailman/listinfo/openid-specs-digital-credentials-p...