Merge pull request #135 from TalaoDAO/up_12nov

up dev/ issuer/ verif config

docs/wallet/developer-mode.md

@@ -1,6 +1,6 @@
 # Developer Mode
 
-Updated the 30th of October 2024.
+Updated the 11st of November 2024.
 
 The developer mode allow any technical users to get internal information about the wallet data and logic. It modifies the display of verifiable credentials and it includes breakpoint in the code flow for debugging purposes.
 
@@ -32,7 +32,7 @@ After scanning an OIDC4VC QR code a popup proposes to users to:
 * download this information as a text file,
 * skip to bypass.
 
-Within the OIDC4VCI flow, the wallet proposes to display or download the data received from:
+Within the OIDC4VCI flow, the wallet proposes to display or download the data sent and received from:
 
 - the token endpoint,
 - the credential endpoint.
@@ -47,6 +47,10 @@ After scanning an OIDC4VP or SIOPV2 QR code a popup proposes to users to:
 * download this information as a text file,
 * skip to bypass.
 
+Within the OIDC4VP flow, the wallet proposes to display or download the data sent to:
+
+- the respone_uri endpoint.
+
 ## Display of errors details
 
 In case of an error response from issuers or verifiers, users have an access to the `error_description` data returned.

docs/wallet/issuer_configuration.md

@@ -1,6 +1,6 @@
 # Issuer configuration
 
-Updated the 31th of October 2024.
+Updated the 11st of November 2024.
 
 The wallets support most of the VC options of the OIDC4VCI standard for issuer configuration.
 
@@ -22,6 +22,8 @@ Specifications of the different Drafts are available here:
 
 Wallets support:
 
+* VC format ldp_vc, jwt_vc, jwt_vc_json, jwt_vc_json-ld, vc+sd-jwt,
+* VCDM 1.1,
 * credential offer by value and by reference,
 * pre authorized code (by default), authorized code flow, push authorization request, PKCE,
 * [Attestation based client authentication](https://datatracker.ietf.org/doc/draft-ietf-oauth-attestation-based-client-auth/),
@@ -35,14 +37,63 @@ Wallets support:
 * proof of possession header with `kid` or `jwk`,
 * deferred endpoint,
 * key identifiers as jwk thumbprint of DID,
-* keys as EdDSA, P-256, seckp256k1.
+* keys as EdDSA, P-256, seckp256k1,
 
 Wallets do not support:
 
 * notification endpoint,
 * batch endpoint of Draft 13,
 * DPoP for code and token,
-* encrypted credentials.
+* encrypted credentials,
+* VCDM 2.0.
+
+## Limitations due to VC formats
+
+### JSON-LD VC
+
+Wallets do not support remonte @context loading. Use embedded definition of json-ld attributes in the `@contex`t array.
+
+Example:
+
+```json
+{
+    "@context": ["https://www.w3.org/2018/credentials/v1",
+        {
+            "EmailPass" : {
+                "@id": "https://github.com/TalaoDAO/context#emailpass",
+                "@context": {
+                    "@version": 1.1,
+                    "@protected": true,
+                    "schema" : "https://schema.org/",
+                    "id": "@id",
+                    "type": "@type",
+                    "email": "schema:email"
+                }
+            }
+        }
+    ],
+    "id": "urn:uuid:123",
+    "type": [
+        "VerifiableCredential",
+        "EmailPass"
+    ],
+    "issuer": "did:web:talao.co",
+    "issuanceDate": "2024-03-27T15:42:10Z",
+    "credentialSubject" : {
+        "id": "did:key:zDnaeY6i6uVda46Vm8whCFQJPzTYBeZnkHvPCaBLfZoVYwqEP",
+        "type" : "EmailPass",
+        "email" : "[email protected]"
+    },
+    "proof": {
+        "type": "Ed25519Signature2018",
+        "proofPurpose": "assertionMethod",
+        "verificationMethod": "did:key:z6MkftN6LL5DRTG8u5LjhQuwUconSp3wremHoMjcH1LP7Hxd#z6MkftN6LL5DRTG8u5LjhQuwUconSp3wremHoMjcH1LP7Hxd",
+        "created": "2024-03-27T14:42:10.447Z",
+        "jws": "eyJhbGciOiJFZERTQSIsImNyaXQiOlsiYjY0Il0sImI2NCI6ZmFsc2V9..uEc2nusfEihJKUY6Owulwrm0tQccazRt3mDI_5RKXWSFc9ZYOoTJ5hAUI7BZE1vH9S62J8NBIXEkIkz4kcMdCw"
+    },
+}
+
+```
 
 ## Invocation schemes for issuance
 
@@ -63,12 +114,9 @@ For security reasons Talao wallets use Universal Links and App Links to redirect
 
 Dynamic Credential Request is an option to operate a VP presentation for user authentication inside an authorization code flow.
 
-The differences between this process and the use of a VP authentication step (OIDC4VP) followed by the issuance of a VC by pre authorized code flow (OIDC4VCI) are multiple:
-
-- the VP(s) requested from the user depend on the VC requested by the user,
-- the integration and the UX are simpler.
+The main difference between this process and the use of a VP authentication step (OIDC4VP) followed by the issuance of a VC by pre authorized code flow (OIDC4VCI) is that the VP(s) requested by the verifier for user authentication maybe adapted dynamically to the user identity and the VC requested,
 
-In order to manage that combination wallet must provide its own authorization endpoint to the issuer. Our wallets support the "EBSI V3.x implementation" way with a `client_metadata` argument when Draft is below or equal to 11 and the `wallet_issuer` attribute for more recent Draft, both added to the authorization request and push authorization request.
+In order to manage that combination wallet must provide its own authorization endpoint to the issuer. Our wallets support the `client_metadata` attribute when OIDC4VCI Draft is below or equal to 11 and the `wallet_issuer` attribute for more recent Draft, both added to the authorization request and push authorization request.
 
 Example of client_metadata:
 
@@ -391,7 +439,7 @@ Use the developer mode to display the VC decoded inside the wallet or download i
 
 ```
 
-## Issuance flow example
+## Full issuance flow example
 
 This example is based on the flow of [this issuer](https://talao.co/sandbox/issuer/test_2).
 

docs/wallet/verifier-configuration.md

@@ -1,14 +1,14 @@
 # Verifier configuration
 
-Updated the 28th of October 2024.
+Updated the 11st of November 2024.
 
 ## OIDC4VP Specifications Drafts
 
 Wallets support both OIDC4VP and SIOPV2 specifications.
 
 * [OIDC4VP Draft 18](https://openid.net/specs/openid-4-verifiable-presentations-1_0-18.html) supported
 * [OIDC4VP Draft 20](https://openid.net/specs/openid-4-verifiable-presentations-1_0-20.html) supported
-* [OIDC4VP Draft 21](https://openid.net/specs/openid-4-verifiable-presentations-1_0.html) coming soon
+* [OIDC4VP Draft 22](https://openid.net/specs/openid-4-verifiable-presentations-1_0.html) coming soon
 * [SIOPV2 Draft 13](https://openid.net/specs/openid-connect-self-issued-v2-1_0.html) supported
 
 ## OIDC4VP and SIOPV2 features
@@ -293,7 +293,7 @@ Integration of the example provided by waltid documentation must be updated by:
 }
 ```
 
-## Verifier flow example
+## Full verifier flow example
 
 This example is based on the flow of [this verifier](https://talao.co/sandbox/verifier/test_2).
 

docusaurus.config.ts

@@ -60,7 +60,7 @@ const config: Config = {
           type: 'docSidebar',
           sidebarId: 'documentationSidebar',
           position: 'left',
-          label: 'Documentation v0.1.1',
+          label: 'Documentation v0.1.2',
         },
         {
           href: 'https://github.com/TalaoDAO',