authnplain.xhtml

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta name="viewport" content="width=device-width, initial-scale=1" /><meta charset="utf-8" /><meta name="generator" content="ReSpec 34.1.4" /><style>dfn{cursor:pointer}
.dfn-panel{position:absolute;z-index:35;min-width:300px;max-width:500px;padding:.5em .75em;margin-top:.6em;font-family:"Helvetica Neue",sans-serif;font-size:small;background:#fff;color:#000;box-shadow:0 1em 3em -.4em rgba(0,0,0,.3),0 0 1px 1px rgba(0,0,0,.05);border-radius:2px}
.dfn-panel:not(.docked)&gt;.caret{position:absolute;top:-9px}
.dfn-panel:not(.docked)&gt;.caret::after,.dfn-panel:not(.docked)&gt;.caret::before{content:"";position:absolute;border:10px solid transparent;border-top:0;border-bottom:10px solid #fff;top:0}
.dfn-panel:not(.docked)&gt;.caret::before{border-bottom:9px solid #a2a9b1}
.dfn-panel *{margin:0}
.dfn-panel b{display:block;color:#000;margin-top:.25em}
.dfn-panel ul a[href]{color:#333}
.dfn-panel&gt;div{display:flex}
.dfn-panel a.self-link{font-weight:700;margin-right:auto}
.dfn-panel .marker{padding:.1em;margin-left:.5em;border-radius:.2em;text-align:center;white-space:nowrap;font-size:90%;color:#040b1c}
.dfn-panel .marker.dfn-exported{background:#d1edfd;box-shadow:0 0 0 .125em #1ca5f940}
.dfn-panel .marker.idl-block{background:#8ccbf2;box-shadow:0 0 0 .125em #0670b161}
.dfn-panel a:not(:hover){text-decoration:none!important;border-bottom:none!important}
.dfn-panel a[href]:hover{border-bottom-width:1px}
.dfn-panel ul{padding:0}
.dfn-panel li{margin-left:1em}
.dfn-panel.docked{position:fixed;left:.5em;top:unset;bottom:2em;margin:0 auto;max-width:calc(100vw - .75em * 2 - .5em - .2em * 2);max-height:30vh;overflow:auto}</style>
    
    <title>Authentication and Authorization with Verifiable Credentials</title>
    

    
    <meta property="og:title" content="Authentication and Authorization with Verifiable Credentials" />
    <meta property="og:type" content="website" />
    <meta property="og:description" content="Authentication and Authorization with Verifiable Credentials" />
    <meta property="og:site_name" content="Authn with Verifiable Credentials" />
    <meta property="og:url" content="https://alastria.github.io/did-method-elsi/authzn.html" />

    
    
    <link rel="stylesheet" href="./assets/templates/respec/additional.css" />
<style id="respec-mainstyle">@keyframes pop{
0%{transform:scale(1,1)}
25%{transform:scale(1.25,1.25);opacity:.75}
100%{transform:scale(1,1)}
}
:is(h1,h2,h3,h4,h5,h6,a) abbr{border:none}
dfn{font-weight:700}
a.internalDFN{color:inherit;border-bottom:1px solid #99c;text-decoration:none}
a.externalDFN{color:inherit;border-bottom:1px dotted #ccc;text-decoration:none}
a.bibref{text-decoration:none}
.respec-offending-element:target{animation:pop .25s ease-in-out 0s 1}
.respec-offending-element,a[href].respec-offending-element{text-decoration:red wavy underline}
@supports not (text-decoration:red wavy underline){
.respec-offending-element:not(pre){display:inline-block}
.respec-offending-element{background:url(data:image/gif;base64,R0lGODdhBAADAPEAANv///8AAP///wAAACwAAAAABAADAEACBZQjmIAFADs=) bottom repeat-x}
}
#references :target{background:#eaf3ff;animation:pop .4s ease-in-out 0s 1}
cite .bibref{font-style:normal}
a[href].orcid{padding-left:4px;padding-right:4px}
a[href].orcid&gt;svg{margin-bottom:-2px}
.toc a,.tof a{text-decoration:none}
a .figno,a .secno{color:#000}
ol.tof,ul.tof{list-style:none outside none}
.caption{margin-top:.5em;font-style:italic}
table.simple{border-spacing:0;border-collapse:collapse;border-bottom:3px solid #005a9c}
.simple th{background:#005a9c;color:#fff;padding:3px 5px;text-align:left}
.simple th a{color:#fff;padding:3px 5px;text-align:left}
.simple th[scope=row]{background:inherit;color:inherit;border-top:1px solid #ddd}
.simple td{padding:3px 10px;border-top:1px solid #ddd}
.simple tr:nth-child(even){background:#f0f6ff}
.section dd&gt;p:first-child{margin-top:0}
.section dd&gt;p:last-child{margin-bottom:0}
.section dd{margin-bottom:1em}
.section dl.attrs dd,.section dl.eldef dd{margin-bottom:0}
#issue-summary&gt;ul{column-count:2}
#issue-summary li{list-style:none;display:inline-block}
details.respec-tests-details{margin-left:1em;display:inline-block;vertical-align:top}
details.respec-tests-details&gt;*{padding-right:2em}
details.respec-tests-details[open]{z-index:999999;position:absolute;border:thin solid #cad3e2;border-radius:.3em;background-color:#fff;padding-bottom:.5em}
details.respec-tests-details[open]&gt;summary{border-bottom:thin solid #cad3e2;padding-left:1em;margin-bottom:1em;line-height:2em}
details.respec-tests-details&gt;ul{width:100%;margin-top:-.3em}
details.respec-tests-details&gt;li{padding-left:1em}
.self-link:hover{opacity:1;text-decoration:none;background-color:transparent}
aside.example .marker&gt;a.self-link{color:inherit}
.header-wrapper{display:flex;align-items:baseline}
:is(h2,h3,h4,h5,h6):not(#toc&gt;h2,#abstract&gt;h2,#sotd&gt;h2,.head&gt;h2){position:relative;left:-.5em}
:is(h2,h3,h4,h5,h6):not(#toch2)+a.self-link{color:inherit;order:-1;position:relative;left:-1.1em;font-size:1rem;opacity:.5}
:is(h2,h3,h4,h5,h6)+a.self-link::before{content:"§";text-decoration:none;color:var(--heading-text)}
:is(h2,h3)+a.self-link{top:-.2em}
:is(h4,h5,h6)+a.self-link::before{color:#000}
@media (max-width:767px){
dd{margin-left:0}
}
@media print{
.removeOnSave{display:none}
}</style><meta name="description" content="We describe here a mechanism to use Verifiable Credentials to perform Authentication and Access Control leveraging the eIDAS trust framework and using advanced or qualified signatures and seals to provide a high level of legal certainty and specially enjoying the presumption of non-repudiation provided by those eIDAS signatures." /><style>var{position:relative;cursor:pointer}
var[data-type]::after,var[data-type]::before{position:absolute;left:50%;top:-6px;opacity:0;transition:opacity .4s;pointer-events:none}
var[data-type]::before{content:"";transform:translateX(-50%);border-width:4px 6px 0 6px;border-style:solid;border-color:transparent;border-top-color:#000}
var[data-type]::after{content:attr(data-type);transform:translateX(-50%) translateY(-100%);background:#000;text-align:center;font-family:"Dank Mono","Fira Code",monospace;font-style:normal;padding:6px;border-radius:3px;color:#daca88;text-indent:0;font-weight:400}
var[data-type]:hover::after,var[data-type]:hover::before{opacity:1}</style><script id="initialUserConfig" type="application/json">{
  "latestVersion": "https://alastria.github.io/did-method-elsi/authzn.html",
  "edDraftURI": "https://alastria.github.io/did-method-elsi/authzn.html",
  "github": "https://github.com/alastria/did-method-elsi/blob/main/authzn.html",
  "editors": [
    {
      "company": "JesusRuiz",
      "companyURL": "https://hesusruiz.github.io/hesusruiz",
      "email": "hesusruiz@gmail.com",
      "name": "Jesus Ruiz"
    }
  ],
  "authors": [
    {
      "company": "JesusRuiz",
      "companyURL": "https://hesusruiz.github.io/hesusruiz",
      "email": "hesusruiz@gmail.com",
      "name": "Jesus Ruiz"
    },
    {
      "company": "nicos AG",
      "companyURL": "https://www.nicos-ag.com/",
      "email": "jlangkau@nicos-ag.com",
      "name": "Jörg Langkau "
    }
  ],
  "localBiblio": {
    "DEP-DSS": {
      "date": "2019-10",
      "href": "https://ec.europa.eu/digital-building-blocks/wikis/display/DIGITAL/Qualified+electronic+signature+-+QES+validation+algorithm",
      "publisher": "European Commission",
      "title": "Algorithm for Validation of qualified and advanced signatures and seals"
    },
    "DID-DNS": {
      "href": "https://tools.ietf.org/html/draft-mayrhofer-did-dns-01",
      "publisher": "IETF",
      "status": "Internet Draft",
      "title": "The Decentralized Identifier (DID) in the DNS"
    },
    "DID-ELSI": {
      "date": "04 June 2023",
      "href": "https://alastria.github.io/did-method-elsi/",
      "title": "DID ETSI Legal person Semantic Identifier Method Specification (did:elsi)",
      "id": "did-elsi"
    },
    "DID-ONBOARDING": {
      "date": "04 June 2023",
      "href": "https://alastria.github.io/did-method-elsi/onboarding.html",
      "title": "Onboarding example with LEARCredential using did:elsi"
    },
    "DID-PRIMER": {
      "href": "https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/did-primer.md",
      "publisher": "Rebooting the Web of Trust 2017",
      "title": "DID Primer"
    },
    "DIF.PresentationExchange": {
      "href": "https://identity.foundation/presentation-exchange/spec/v2.0.0/",
      "title": "Presentation Exchange 2.0.0",
      "id": "dif.presentationexchange"
    },
    "EIDAS2-REG": {
      "date": "March 2023",
      "href": "https://www.europarl.europa.eu/doceo/document/A-9-2023-0038_EN.html",
      "title": "REPORT on the proposal for a regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity",
      "id": "eidas2-reg"
    },
    "ENISA-QES": {
      "date": "December 2016",
      "href": "https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-signatures",
      "title": "Security guidelines on the appropriate use of qualified electronic signatures",
      "id": "enisa-qes"
    },
    "ENISA-QSEAL": {
      "date": "June 2017",
      "href": "https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-seals",
      "title": "Security guidelines on the appropriate use of qualified electronic seals",
      "id": "enisa-qseal"
    },
    "ETSI-CERTOVERVIEW": {
      "date": "2020-07",
      "href": "https://www.etsi.org/deliver/etsi_en/319400_319499/31941201/01.04.02_20/en_31941201v010402a.pdf",
      "publisher": "ETSI",
      "title": "ETSI EN 319 412-1 V1.4.2 (2020-07) - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 1: Overview and common data structures"
    },
    "ETSI-JADES": {
      "date": "2021-03",
      "href": "https://www.etsi.org/deliver/etsi_ts/119100_119199/11918201/01.01.01_60/ts_11918201v010101p.pdf",
      "publisher": "ETSI",
      "title": "ETSI TS 119 182-1 V1.1.1 (2021-03) - Electronic Signatures and Infrastructures (ESI); JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures",
      "id": "etsi-jades"
    },
    "ETSI-LEGALPERSON": {
      "date": "2020-07",
      "href": "https://www.etsi.org/deliver/etsi_en/319400_319499/31941203/01.02.01_60/en_31941203v010201p.pdf",
      "publisher": "ETSI",
      "title": "ETSI EN 319 412-3 V1.2.1 (2020-07) - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons",
      "id": "etsi-legalperson"
    },
    "NIST-AUTH": {
      "date": "October 2016",
      "href": "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf",
      "title": "NIST Special Publication 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications",
      "id": "nist-auth"
    },
    "OWASP-TRANSPORT": {
      "href": "https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet",
      "title": "Transport Layer Protection Cheatsheet"
    },
    "OpenID.Core": {
      "date": "8 November 2014",
      "href": "http://openid.net/specs/openid-connect-core-1_0.html",
      "title": "OpenID Connect Core 1.0 incorporating errata set 1",
      "id": "openid.core"
    },
    "OpenID.SIOP2": {
      "date": "28 January 2022",
      "href": "https://openid.bitbucket.io/connect/openid-connect-self-issued-v2-1_0.html",
      "title": "Self-Issued OpenID Provider v2",
      "id": "openid.siop2"
    },
    "OpenID.VCI": {
      "date": "3 February 2023",
      "href": "https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html",
      "title": "OpenID for Verifiable Credential Issuance",
      "id": "openid.vci"
    },
    "OpenID.VP": {
      "date": "21 April 2023",
      "href": "https://openid.net/specs/openid-4-verifiable-presentations-1_0.html",
      "title": "OpenID for Verifiable Presentations",
      "id": "openid.vp"
    },
    "RFC6749": {
      "href": "https://www.rfc-editor.org/rfc/rfc6749.html",
      "title": "The OAuth 2.0 Authorization Framework",
      "id": "rfc6749"
    },
    "RFC7515": {
      "href": "https://www.rfc-editor.org/rfc/rfc7515",
      "title": "JSON Web Signature (JWS)",
      "id": "rfc7515"
    },
    "RFC7519": {
      "href": "https://www.rfc-editor.org/rfc/rfc7519",
      "title": "JSON Web Token (JWT)",
      "id": "rfc7519"
    },
    "RFC8414": {
      "href": "https://www.rfc-editor.org/rfc/rfc8414",
      "title": "OAuth 2.0 Authorization Server Metadata",
      "id": "rfc8414"
    },
    "RFC8725": {
      "href": "https://www.rfc-editor.org/rfc/rfc8725",
      "title": "JSON Web Token Best Current Practices",
      "id": "rfc8725"
    }
  },
  "publishISODate": "2023-07-05T00:00:00.000Z",
  "generatedSubtitle": "05 July 2023"
}</script><link rel="stylesheet" href="https://www.w3.org/StyleSheets/TR/2021/base.css" /></head>

<body class="h-entry toc-inline"><div class="head">
    
    <h1 id="title" class="title">Authentication and Authorization with Verifiable Credentials</h1> 
    <p id="w3c-state"> <time class="dt-published" datetime="2023-07-05">05 July 2023</time></p>
    <details open="">
      <summary>More details about this document</summary>
      <dl>
        
        <dt>Latest published version:</dt><dd>
                <a href="https://alastria.github.io/did-method-elsi/authzn.html">https://alastria.github.io/did-method-elsi/authzn.html</a>
              </dd>
        <dt>Latest editor's draft:</dt><dd><a href="https://alastria.github.io/did-method-elsi/authzn.html">https://alastria.github.io/did-method-elsi/authzn.html</a></dd>
        <dt>History:</dt><dd>
                    <a href="https://github.com/alastria/did-method-elsi/blob/main/authzn.html/commits/">Commit history</a>
                  </dd>
        
        
        
        
        
        <dt>Editor:</dt><dd class="editor p-author h-card vcard">
    <span class="p-name fn">Jesus Ruiz</span> (<a class="p-org org h-org" href="https://hesusruiz.github.io/hesusruiz">JesusRuiz</a>)
  </dd>
        
        <dt>Authors:</dt><dd class="editor p-author h-card vcard">
    <span class="p-name fn">Jesus Ruiz</span> (<a class="p-org org h-org" href="https://hesusruiz.github.io/hesusruiz">JesusRuiz</a>)
  </dd><dd class="editor p-author h-card vcard">
    <span class="p-name fn">Jörg Langkau </span> (<a class="p-org org h-org" href="https://www.nicos-ag.com/">nicos AG</a>)
  </dd>
        <dt>Feedback:</dt><dd>
        <a href="https://github.com/alastria/did-method-elsi/blob/main/authzn.html/">GitHub alastria/did-method-elsi</a>
        (<a href="https://github.com/alastria/did-method-elsi/blob/main/authzn.html/pulls/">pull requests</a>,
        <a href="https://github.com/alastria/did-method-elsi/blob/main/authzn.html/issues/new/choose">new issue</a>,
        <a href="https://github.com/alastria/did-method-elsi/blob/main/authzn.html/issues/">open issues</a>)
      </dd>
        
        
      </dl>
    </details>
    
    
    <p class="copyright">
        Copyright © 2023 the document editors/authors. Text is available under the <a rel="license" href="https://creativecommons.org/licenses/by/4.0/legalcode"> Creative Commons Attribution 4.0 International Public License</a>
    </p>
    <hr title="Separator for header" />
  </div>
    


<section id="abstract" class="introductory"><h2>Abstract</h2>
    <p>We describe here a mechanism to use Verifiable Credentials to perform Authentication and Access Control leveraging the eIDAS trust framework and using advanced or qualified signatures and seals to provide a high level of legal certainty and specially enjoying the presumption of non-repudiation provided by those eIDAS signatures.
    </p>
</section><nav id="toc"><h2 class="introductory" id="table-of-contents">Table of Contents</h2><ol class="toc"><li class="tocline"><a class="tocxref" href="#abstract">Abstract</a></li><li class="tocline"><a class="tocxref" href="#conformance"><bdi class="secno">1. </bdi>Conformance</a></li><li class="tocline"><a class="tocxref" href="#authentication-and-authorization-with-verifiable-credentials"><bdi class="secno">2. </bdi>Authentication and Authorization with Verifiable Credentials</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#introduction"><bdi class="secno">2.1 </bdi>Introduction</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#signature_benefits"><bdi class="secno">2.1.1 </bdi>Signature of the Verifiable Credentials</a></li><li class="tocline"><a class="tocxref" href="#a-taxonomy-of-verifiable-credentials"><bdi class="secno">2.1.2 </bdi>A taxonomy of Verifiable Credentials</a></li><li class="tocline"><a class="tocxref" href="#verifiableid"><bdi class="secno">2.1.3 </bdi>Authentication requires a VerifiableID</a></li><li class="tocline"><a class="tocxref" href="#access-control-requires-a-verifiable-authorisation"><bdi class="secno">2.1.4 </bdi>Access Control requires a Verifiable Authorisation</a></li><li class="tocline"><a class="tocxref" href="#combining-verifiableid-and-verifiable-authorisation-in-the-learcredential"><bdi class="secno">2.1.5 </bdi>Combining VerifiableID and Verifiable Authorisation in the LEARCredential</a></li><li class="tocline"><a class="tocxref" href="#the-learcredential-for-some-identification-processes"><bdi class="secno">2.1.6 </bdi>The LEARCredential for some identification processes</a></li></ol></li><li class="tocline"><a class="tocxref" href="#the-learcredential-through-an-example"><bdi class="secno">2.2 </bdi>The LEARCredential through an example</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#claims-identifying-the-employee"><bdi class="secno">2.2.1 </bdi>Claims identifying the employee</a></li><li class="tocline"><a class="tocxref" href="#did-of-the-employee"><bdi class="secno">2.2.2 </bdi>DID of the employee</a></li><li class="tocline"><a class="tocxref" href="#legalrepresentative"><bdi class="secno">2.2.3 </bdi><code>legalRepresentative</code></a></li><li class="tocline"><a class="tocxref" href="#rolesandduties-of-the-lear"><bdi class="secno">2.2.4 </bdi><code>rolesAndDuties</code> of the LEAR</a></li><li class="tocline"><a class="tocxref" href="#assembling-the-pieces-together"><bdi class="secno">2.2.5 </bdi>Assembling the pieces together</a></li></ol></li><li class="tocline"><a class="tocxref" href="#issuing-the-learcredential"><bdi class="secno">2.3 </bdi>Issuing the LEARCredential</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#overview"><bdi class="secno">2.3.1 </bdi>Overview</a></li><li class="tocline"><a class="tocxref" href="#authentication"><bdi class="secno">2.3.2 </bdi>Authentication</a></li><li class="tocline"><a class="tocxref" href="#credential-offer"><bdi class="secno">2.3.3 </bdi>Credential Offer</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#credential-offer-parameters"><bdi class="secno">2.3.3.1 </bdi>Credential Offer Parameters</a></li><li class="tocline"><a class="tocxref" href="#contents-of-the-qr-code"><bdi class="secno">2.3.3.2 </bdi>Contents of the QR code</a></li></ol></li><li class="tocline"><a class="tocxref" href="#credential-issuer-metadata"><bdi class="secno">2.3.4 </bdi>Credential Issuer Metadata</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#credential-issuer-metadata-parameters"><bdi class="secno">2.3.4.1 </bdi>Credential Issuer Metadata Parameters</a></li></ol></li><li class="tocline"><a class="tocxref" href="#oauth-2-0-authorization-server-metadata"><bdi class="secno">2.3.5 </bdi>OAuth 2.0 Authorization Server Metadata</a></li><li class="tocline"><a class="tocxref" href="#access-token"><bdi class="secno">2.3.6 </bdi>Access Token</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#token-request"><bdi class="secno">2.3.6.1 </bdi>Token Request</a></li><li class="tocline"><a class="tocxref" href="#successful-token-response"><bdi class="secno">2.3.6.2 </bdi>Successful Token Response</a></li><li class="tocline"><a class="tocxref" href="#token-error-response"><bdi class="secno">2.3.6.3 </bdi>Token Error Response</a></li></ol></li><li class="tocline"><a class="tocxref" href="#request-and-receive-credential"><bdi class="secno">2.3.7 </bdi>Request and receive Credential</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#binding-the-issued-credential-to-the-identifier-of-the-end-user-possessing-that-credential"><bdi class="secno">2.3.7.1 </bdi>Binding the Issued Credential to the identifier of the End-User possessing that Credential</a></li><li class="tocline"><a class="tocxref" href="#credential-request"><bdi class="secno">2.3.7.2 </bdi>Credential Request</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#proof_type"><bdi class="secno">2.3.7.2.1 </bdi>Proof Type</a></li></ol></li><li class="tocline"><a class="tocxref" href="#credential-response"><bdi class="secno">2.3.7.3 </bdi>Credential Response</a></li><li class="tocline"><a class="tocxref" href="#credential-error-response"><bdi class="secno">2.3.7.4 </bdi>Credential Error Response</a></li><li class="tocline"><a class="tocxref" href="#credential-issuer-provided-nonce"><bdi class="secno">2.3.7.5 </bdi>Credential Issuer Provided Nonce</a></li></ol></li></ol></li><li class="tocline"><a class="tocxref" href="#authenticating-with-verifiable-credentials"><bdi class="secno">2.4 </bdi>Authenticating with Verifiable Credentials</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#overview-0"><bdi class="secno">2.4.1 </bdi>Overview</a></li><li class="tocline"><a class="tocxref" href="#starting-the-openid-for-verifiable-presentations-flow"><bdi class="secno">2.4.2 </bdi>Starting the OpenID for Verifiable Presentations flow</a></li><li class="tocline"><a class="tocxref" href="#generating-the-authorization-request"><bdi class="secno">2.4.3 </bdi>Generating the Authorization Request</a></li><li class="tocline"><a class="tocxref" href="#verification-of-the-authorization-request"><bdi class="secno">2.4.4 </bdi>Verification of the Authorization Request</a></li><li class="tocline"><a class="tocxref" href="#creating-and-sending-the-authorization-response"><bdi class="secno">2.4.5 </bdi>Creating and sending the Authorization Response</a></li><li class="tocline"><a class="tocxref" href="#authenticating-the-user-with-the-learcredential"><bdi class="secno">2.4.6 </bdi>Authenticating the user with the LEARCredential</a></li></ol></li><li class="tocline"><a class="tocxref" href="#accesscontrol"><bdi class="secno">2.5 </bdi>Access control with Verifiable Credentials</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#overview-1"><bdi class="secno">2.5.1 </bdi>Overview</a></li><li class="tocline"><a class="tocxref" href="#determine-the-authorization-policies-which-apply-to-the-request"><bdi class="secno">2.5.2 </bdi>Determine the Authorization Policies which apply to the request</a></li><li class="tocline"><a class="tocxref" href="#determine-which-trusted-issuer-lists-should-be-queried"><bdi class="secno">2.5.3 </bdi>Determine which Trusted Issuer Lists should be queried</a></li><li class="tocline"><a class="tocxref" href="#query-the-trusted-issuer-lists"><bdi class="secno">2.5.4 </bdi>Query the Trusted Issuer Lists</a></li><li class="tocline"><a class="tocxref" href="#compute-the-decision-and-allow-or-not-access"><bdi class="secno">2.5.5 </bdi>Compute the decision and allow (or not) access</a></li><li class="tocline"><a class="tocxref" href="#summary-of-the-authorization-process"><bdi class="secno">2.5.6 </bdi>Summary of the authorization process</a></li></ol></li></ol></li><li class="tocline"><a class="tocxref" href="#participants"><bdi class="secno">A. </bdi>Example scenario: Participants in the ecosystem</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#participant"><bdi class="secno">A.1 </bdi>GoodAir: the company that wants to perform the process</a></li><li class="tocline"><a class="tocxref" href="#coo-chief-operating-officer-of-goodair"><bdi class="secno">A.2 </bdi>COO (Chief Operating Officer) of GoodAir</a></li><li class="tocline"><a class="tocxref" href="#realtruth-a-trust-service-provider"><bdi class="secno">A.3 </bdi>RealTruth: a Trust Service Provider</a></li><li class="tocline"><a class="tocxref" href="#john-doe-an-administrative-employee-of-goodair"><bdi class="secno">A.4 </bdi>John Doe: an administrative employee of GoodAir</a></li><li class="tocline"><a class="tocxref" href="#dome-an-instance-of-a-data-space-for-smart-cities"><bdi class="secno">A.5 </bdi>DOME: an instance of a Data Space for Smart Cities</a></li></ol></li><li class="tocline"><a class="tocxref" href="#request_scope"><bdi class="secno">B. </bdi>Request Scope</a></li><li class="tocline"><a class="tocxref" href="#glossary"><bdi class="secno">C. </bdi>Glossary</a></li><li class="tocline"><a class="tocxref" href="#references"><bdi class="secno">D. </bdi>References</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#normative-references"><bdi class="secno">D.1 </bdi>Normative references</a></li></ol></li></ol></nav>
<section id="conformance"><div class="header-wrapper"><h2 id="x1-conformance"><bdi class="secno">1. </bdi>Conformance</h2><a class="self-link" href="#conformance" aria-label="Permalink for Section 1."></a></div><p>As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.</p><p>
        The key words <em class="rfc2119">MAY</em>, <em class="rfc2119">MUST</em>, <em class="rfc2119">MUST NOT</em>, <em class="rfc2119">OPTIONAL</em>, <em class="rfc2119">RECOMMENDED</em>, and <em class="rfc2119">REQUIRED</em> in this document
        are to be interpreted as described in
        <a href="https://datatracker.ietf.org/doc/html/bcp14">BCP 14</a>
        [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc2119" title="Key words for use in RFCs to Indicate Requirement Levels">RFC2119</a></cite>] [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc8174" title="Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words">RFC8174</a></cite>]
        when, and only when, they appear in all capitals, as shown here.
      </p>
</section>
<section id="authentication-and-authorization-with-verifiable-credentials"><div class="header-wrapper"><h2 id="x2-authentication-and-authorization-with-verifiable-credentials"><bdi class="secno">2. </bdi>Authentication and Authorization with Verifiable Credentials</h2><a class="self-link" href="#authentication-and-authorization-with-verifiable-credentials" aria-label="Permalink for Section 2."></a></div>

    <section id="introduction"><div class="header-wrapper"><h3 id="x2-1-introduction"><bdi class="secno">2.1 </bdi>Introduction</h3><a class="self-link" href="#introduction" aria-label="Permalink for Section 2.1"></a></div>

        <p>In a typical B2B ecosystem, the agreements between a product/service provider and the consumer are formalised among legal persons (also known in this document as 'organisations').
        </p>
        <p>However, when interacting in the context of execution of the agreement, typically other entities are acting on behalf of the legal persons both for the consumer organisation and for the service provider organisation.
        </p>
        <p>For example an employee of the consumer organisation may start, on behalf of his employer, an interaction with the provider organisation to perform a process needed for the provision of a service. In this case, the provider organisation should authenticate the natural person and apply appropriate access control policies to ensure that the natural person is really entitled by the consumer organisation to perform the intended process.
        </p>
        <p>In the context of authentication and access management, the legal entity acting as consumer organisation will be named <code>Participant</code>. The digital representation of a natural person, acting on behalf of a Participant, is referred to as a <code>Principal</code>. When the context is clear and we need to refer to eIDAS legal terms, we will use the term <code>user</code> (defined in the Glossary) to denote a natural or legal person, or a natural person representing a legal person using a wallet to authenticate.
        </p>
        <p>The legal entity acting as service provider and performing authentication and access management will be called <code>Relying Party</code>.
        </p>
        <p>We describe here a mechanism to use Verifiable Credentials to perform Authentication and Access Control leveraging the eIDAS trust framework and using advanced or qualified signatures and seals to provide a high level of legal certainty and specially enjoying the presumption of non-repudiation provided by those eIDAS signatures.
        </p>
        <table style="width:100%;"><tbody><tr><td class="xwarnt"><aside class="xwarna">

            <p>We focus here on <code>legal persons</code>. It is out of scope the identification and authentication of <code>natural persons</code> (except when acting as representatives of the legal person, see below). Whenever eIDAS2 and the EUDIW (European Digital Identity Wallet) are ready, we will support that mechanism for identification and access control.
            </p>
        </aside></td></tr></tbody></table>
        <p>The mechanism described here allows a Relying Party receiving a Verifiable Credential from a principal engaging in an authentication process to perform the following verifications:
        </p>
        <ul class="plain">
            <li id="160.Authentication"><a href="#160.Authentication" class="selfref"><b>Authentication</b></a>

                <div>
                <ul>
                    <li><b>Non-tampering</b>. The Relying Party can verify that the credential was not tampered with since it was generated, thanks to the digital signature of the credential.
                    </li>
                    <li><b>Binding the Principal with the subject inside the credential</b>. The Relying Party can verify that the principal presenting the credential is the same principal identified as the subject inside the credential by using the cryptographic material inside the credential that was embedded in a secure and private way during the credential issuance process. See section <a href="#verifiableid" class="xref">Authentication requires a VerifiableID</a> for more details.
                        <div>
                        <p>The degree of trust in this verification depends on the degree of trust that the Relying Party puts on the processes that the Participant uses to issue the credentials.
                        </p>
                        </div>
                        <div>
                        <p>However, as described below, the usage of eIDAS signatures to sign the credential makes the Participant legally liable for any problems in the binding of the identities of the holder and subject of the credential. Specifically, compliance to the eIDAS specifications and regulation for electronic seals and signatures provides <b>presumption of non-repudiation and the burden of proof in the courts rests on the Participant, not on the Relying Party</b>.
                        </p>
                        </div>
                        <div>
                        <p>This is important because it provides the incentives in the proper places: the Participant is incentivised to create the credential in the proper way, and the Relying Party is incentivised to perform its due diligence in verifying the credential. By using the eIDAS signatures, no party has to assume the burden if the technical validity of the signature is disputed in court. Only the contents of the credential can be under discussion. See section <a href="#signature_benefits" class="xref">Signature of the Verifiable Credentials</a> for more details.
                        </p>
                        </div>
                        <div>
                        <p>In the proposal of this document, the verification is enabled by embedding inside the credential a public key corresponding to a private key that was generated by the principal during the issuance process. See below for the details, including an optional mechanism by embedding an existing eIDAS certificate issued by a QTSP when the principal is a natural person or a legal person (different from the Participant).
                        </p>
                        </div>
                    </li>
                    <li><b> Binding of issuer with a real-world identity</b>. The Relying Party can verify that the credential was issued by somebody controlling a private key associated to a given real-world identity.
                        <div>
                        <p>The verification is enabled because the Verifiable Credential is sealed with an eIDAS qualified certificate for electronic seals issued to the Participant by an EU Qualified Trusted Services Provider (QTSP), and the signature of the credential is an advanced or qualified electronic signature using the format JAdES (JSON Advanced Electronic Signature) as defined in the eIDAS regulation.
                        </p>
                        </div>
                        <div>
                        <p>Of course, we also support electronic signatures with qualified certificates for electronic signatures issued by QTSPs to <b>natural persons acting as representatives of legal persons</b>.
                        </p>
                        </div>
                        <div>
                        <p>This verification ensures that an organisation with a real-world legal identity under the eIDAS Trust Framework has signed the credential being presented by a natural person identified as the subject of the credential.
                        </p>
                        </div>
                        <div>
                        <p>This verification <b>does not say anything about whether the organisation is a participant</b> in a given Data Space or not. See next point for such verification.
                        </p>
                        </div>
                    </li>
                    <li><b>Verify that the real-world identity is a Participant</b>. The Relying Party, using the unique identifier associated to the eIDAS certificate used to sign the credential, can check if the issuer of the credential is a participant in a given Data Space by looking for that unique identifier in the Trusted Participant List managed by that Data Space.
                        <div>
                        <p>This unique number is the unique <code>organizationIdentifier</code> inside the certificates for legal persons and certificates for natural persons acting as representatives of legal persons, defined in <cite><a data-matched-text="[[[ETSI-LEGALPERSON]]]" href="https://www.etsi.org/deliver/etsi_en/319400_319499/31941203/01.02.01_60/en_31941203v010201p.pdf">ETSI EN 319 412-3 V1.2.1 (2020-07) - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons</a></cite>.
                        </p>
                        </div>
                        <div>
                        <p>Any legal person that can already engage in electronic transactions in the internal market has an eIDAS certificate including such a unique identifier, which is used in all types of legally-binding signatures like invoices, contracts, etc.
                        </p>
                        </div>
                        <div>
                        <p>We assume here that the onboarding process of each Data Space / Ecosystem does not invent a new "local-only" identifier but uses the one that is already valid for electronic transactions in the internal market. Or at least, that the global eIDAS unique identifier is associated with whatever private identifier is invented by the Data Space.
                        </p>
                        </div>
                        <div>
                        <p>We assume that the eIDAS unique identifier is used during onboarding to update a given Trusted Participant List with the identity of the new participant. That identity is composed of the unique identifier in the eIDAS framework and any additional attributes that may be relevant for the ecosystem. See below for the structure of the unique eIDAS identifier.
                        </p>
                        </div>
                    </li>
                </ul>
                </div>
                <div>
                </div></li><li id="194.Access_Control"><a href="#194.Access_Control" class="selfref"><b>Access Control</b></a>

                    <div>
                    <ul>
                        <li><b>Binding the Participant to the delegated powers to the Principal</b>. The Relying Party can verify that the legal person (the Participant) or a representative of the legal person (in eIDAS terms) has delegated a specific set of powers to the subject identified inside the credential (who is the same person holding and presenting the credential, as described above in 'authentication').
                            <div>
                            <p>This is enabled because the credential includes a <b>set of claims that state in a formal language the delegated powers</b>, and the credential has been sealed/signed using an eIDAS certificate using the eIDAS advanced/qualified electronic signature format, described in more detail later in this document.
                            </p>
                            </div>
                            <div>
                            <p>Alternatively, the credential can include a pointer to an external document (which could be another credential) describing in detail the delegated powers.
                            </p>
                            </div>
                            <div>
                            <p>Thanks to the usage of eIDAS signatures, the credential is effectively a legal document with the same legal validity as any other document in any format supported by the eIDAS signature scheme. The Relying Party can verify (and prove in court if needed) with a high level of legal certainty that the legal person issuing the credential (the Participant) has declared that the holder/subject of the credential has the powers stated inside the credential (or linked by the credential).
                            </p>
                            </div>
                            <div>
                            <p>Actually, the entity identified as a subject in the credential, and that is receiving the delegated powers, is not restricted to be a natural person and can be of different types. Anything that can be expressed in paper or PDF format can be also expressed in the Verifiable Credential format. For example, it can be an employee, a customer or a machine or device under the responsibility of the legal person signing the credential.
                            </p>
                            </div>
                        </li>
                        <li>The Relying Party can use the claims mentioned above, expressed as a formal language (e.g. ODRL), to perform access control. The specific mechanism is not yet detailed in this document.
                            <div>
                            <p>For example, the credential can just specify the role(s) of the entity identified in the credential (e.g. 'Finance Administrator') and the Relying Party can evaluate a set of arbitrarily complex policy rules associated to the role(s) for access control.
                            </p>
                            </div>
                            <div>
                            <p>Alternatively, the credential could specify more complex rules which the Relying Party can combine if needed with additional policy rules to make the final decision.
                            </p>
                            </div>
                        </li>
                    </ul>
                    </div>
                </li>
                
            
        </ul>
        <p>To achieve all of the above, we define specific types of Verifiable Credentials with a format and a mechanism which specify:
        </p>
        <ol>
            <li>a way to sign the credentials;
            </li>
            <li>a way to bind the identity of the holder of a credential to the identity of the subject inside the credential;
            </li>
            <li>and a way to embed authorisation information in the credential describing the powers that the legal entity has delegated to the subject inside the credential.
            </li>
        </ol>
        <p>The mechanisms described here can be used to generate credentials to employees, contractors, customers and even to machines and devices acting on behalf of an organisation. The schema is identical, except the issuance process is probably a little bit different and the roles and duties embedded in the credentials have different legal implications (but always in line with the legal framework, for example with the Consumer Protection Directive).
        </p>
        <section id="signature_benefits"><div class="header-wrapper"><h4 id="x2-1-1-signature-of-the-verifiable-credentials"><bdi class="secno">2.1.1 </bdi>Signature of the Verifiable Credentials</h4><a class="self-link" href="#signature_benefits" aria-label="Permalink for Section 2.1.1"></a></div>

            <p>We use <code>qualified certificates for electronic seals</code> provided by eIDAS Qualified Trust Services Providers (QTSPs) to seal credentials with advanced electronic seals (AdESeal) or with qualified electronic seals (QESeal) with the JSON Advanced Electronic Signature format (JAdES).
            </p>
            <p>We also use <code>qualified certificates for electronic signatures</code> issued by a QTSP to authorised representatives of the legal person, to sign credentials with advanced electronic signatures (AdES) or with qualified electronic signatures (QES) with the JSON Advanced Electronic Signature format (JAdES).
            </p>
            <p>This mechanism for sealing/signing the Verifiable Credentials has the following properties:
            </p>
            <ul class="plain">
                <li><b>Provides high assurance of the identity of the creator of the credential.</b>
                    <div>
                    <p>The seals/signatures provide <b>high assurance of the identity of the creator of the seal</b>. For example, it will be difficult for a malicious user to get a qualified seal certificate in the name of a company, because the QTSP will be responsible to check that such seal is issued to the persons representing the company and not to unauthorised persons.
                    </p>
                    </div>
                </li>
                <li><b>Enables authorised representative of the legal person to act on behalf of the legal person.</b>
                    <div>
                    <p>The mechanism provides <b>high legal predictability</b>, including for the qualified electronic signature the benefits of its <b>legal equivalence to handwritten signatures</b>.
                    </p>
                    </div>
                    <div>
                    <p>As stated by the eIDAS Regulation, when a transaction requires a qualified electronic seal from a legal person, a qualified electronic signature from the authorised representative of the legal person should be equally acceptable.
                    </p>
                    </div>
                    <div>
                    <p>It is possible to certify elements that are bound to the signatory such as a title (e.g. Director), a link with its employer, etc. Because the QTSP is trusted for verifying the information it certifies, the Relying Party can get a high level of confidence in such information conveyed with the signature through the signatory's certificate.
                    </p>
                    </div>
                    <div>
                    <p>In this way, the Relying Party receiving Verifiable Credentials can have the same legal certainty than with any other document in other formats (e.g. PDF) signed with AdES or QES signatures or with handwritten signatures (in the case of QES).
                    </p>
                    </div>
                </li>
                <li><b>Provides high level of legal certainty and interoperability.</b>
                    <div>
                    <p>Any basic signature benefits from the non-discrimination rule, which means that a Court in an EU Member State cannot reject it automatically as being invalid simply because they are in electronic form.
                    </p>
                    </div>
                    <div>
                    <p>However, their dependability is lower than that of an AdES/AdESeal or QES/QESeal because the signatory may be required to prove the security of the technology being used if the validity of the signature is disputed before a court. This requires significant costs and efforts that could be avoided with relative ease by opting for the more established and standardised advanced and qualified signature solutions. It may also be the case that the relying parties have no applications or tools to validate such signature, when not based on standards; in such a scenario, the signature may be legally valid and technologically robust, but of limited use (see [<cite><a class="bibref" data-link-type="biblio" href="#bib-enisa-qes" title="Security guidelines on the appropriate use of qualified electronic signatures">ENISA-QES</a></cite>] and [<cite><a class="bibref" data-link-type="biblio" href="#bib-enisa-qseal" title="Security guidelines on the appropriate use of qualified electronic seals">ENISA-QSEAL</a></cite>]).
                    </p>
                    </div>
                    <div>
                    <p>For these interoperability reasons, QES/QESeal that are based on recognised EU standards are preferable unless the parties operate purely in a local context where the acceptance and usability of the chosen signature solution is sufficiently certain.
                    </p>
                    </div>
                    <div>
                    <p>Beyond the technical interoperability, the eIDAS Regulation also ensures the international recognition of electronic signatures, and not limited to the EU.
                    </p>
                    </div>
                </li>
            </ul>
        </section>
        <section id="a-taxonomy-of-verifiable-credentials"><div class="header-wrapper"><h4 id="x2-1-2-a-taxonomy-of-verifiable-credentials"><bdi class="secno">2.1.2 </bdi>A taxonomy of Verifiable Credentials</h4><a class="self-link" href="#a-taxonomy-of-verifiable-credentials" aria-label="Permalink for Section 2.1.2"></a></div>

            <p>The objectives defined in the introduction can be achieved in different ways. We define here an approach that standardises the detailed mechanisms so it can be adopted easily by anyone who wants to obtain the associated benefits. If the approach is adopted in an ecosystem, it provides a high level of interoperability among the participants in the ecosystem, reducing also the risks associated to mistakes in the implementation.
            </p>
            <p>To describe precisely the approach, we define a taxonomy of the relevant classes of Verifiable Credentials that we need.
            </p>
            <p>For the purpose of this discussion we use a diagram derived from the taxonomy <a href="https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/Data+Models+and+Schemas">defined in EBSI</a>:
            </p>
            <figure id="fig-classes-of-credentials"><img src="builtassets/plantuml_47747c7c84b49ce4c8b0f3159b566ffc.png" alt="" />
            <figcaption><a class="self-link" href="#fig-classes-of-credentials">Figure <bdi class="figno">1</bdi></a> <span class="fig-title">Classes of credentials</span></figcaption></figure>

            <p>The sections below refer to this diagram for each type of credential discussed.
            </p>
        </section>
        <section id="verifiableid"><div class="header-wrapper"><h4 id="x2-1-3-authentication-requires-a-verifiableid"><bdi class="secno">2.1.3 </bdi>Authentication requires a VerifiableID</h4><a class="self-link" href="#verifiableid" aria-label="Permalink for Section 2.1.3"></a></div>

            <p>Not all types of Verifiable Credentials can be used as a mechanism for online authentication, because the Relying Party (the entity receiving the Verifiable Credential in an authentication process) needs to bind the identity of the user sending the credential to the claims attested about the subject inside the credential.
            </p>
            <p>For example, in the case of a Diploma as a Verifiable Credential (a Verifiable Diploma), the credential is a Verifiable Attestation which indicates that the subject has certain skills or has achieved certain learning outcomes through formal or non-formal learning context. However, as in the case with normal Diplomas in paper of PDF format, this credential can be presented by anyone that holds the credential. In other words, the credential binds the identity of the subject with the claims inside the credential, but does not bind the identity of the holder of the credential with the identity of the subject of the credential, which requires a special mechanism in the issuance process.
            </p>
            <p>Most Verifiable Credentials will be issued as Verifiable Attestations, acting as efficient machine-processable and verifiable equivalent to their analog counterparts. Their purpose is to attest some attributes about the subject of the credential and not act as a mechanism for online authentication.
            </p>
            <p>Instead, <b>a <code>VerifiableID</code> is a special form of a Verifiable Credential that a natural or legal person can use in an electronic identification process as evidence of whom he/she/it is</b> (comparable with a passport, physical IDcard, driving licence, social security card, member-card…).
            </p>
            <p>VerifiableIDs can be of different types and be issued by different entities with different levels of assurance (in eIDAS terminology). They are issued with the purpose of serving as authentication mechanisms in online processes. In the near future, VerifiableIDs of the highest level of assurance (LoA High) will be issued to citizens and businesses by their governments under eIDAS2.
            </p>
            <p>We describe in this document a way to issue VerifiableID credentials and how a Relying Party can perform authentication by accepting that credential.
            </p>
        </section>
        <section id="access-control-requires-a-verifiable-authorisation"><div class="header-wrapper"><h4 id="x2-1-4-access-control-requires-a-verifiable-authorisation"><bdi class="secno">2.1.4 </bdi>Access Control requires a Verifiable Authorisation</h4><a class="self-link" href="#access-control-requires-a-verifiable-authorisation" aria-label="Permalink for Section 2.1.4"></a></div>

            <p>Once the user is authenticated, the system should make a decision to grant or reject an access request to a protected resource from an already authenticated subject, based on what the subject is authorised to access.
            </p>
            <p>Let's take the example of when a Service Provider signs an agreement with a Service Consumer organisation (a legal person), and the Service Provider wants to allow access to some services to employees of the Consumer organisation under the conditions of the agreement.
            </p>
            <p>In most cases, granting access is not an all-or-nothing decision. In general, the agreement between the Service Provider and Service Consumer specifies that only a subset of the employees of the Consumer organisation can access the services, and even in that subset not all employees have the same powers when accessing the services. For example, some employees have access to the administration of the service, some can perform some create/update/delete operations in a subset of the services, and some employees can only have read access to a subset of the services.
            </p>
            <p>To allow for this granularity in an authentication and access control process, in general the entity willing to perform an action on a protected resource has to present (in a Verifiable Presentation) a VerifiableID and possibly one or more additional Verifiable Attestations.
            </p>
            <p>At least one of the credentials should include claims identifying the employee (or any other subject) and a formal description of the concrete powers that have been delegated by the legal representative of the organisation, enabling the determination by the Service Provider whether the user is entitled to access a service and the operations that the user can perform on that service.
            </p>
            <p>We define later a standard mechanism and format for a Verifiable Credential that enables this functionality in a simple, secure and with high degree of legal certainty compatible with eIDAS.
            </p>
            <p>Such a credential is called a Verifiable Authorization, represented in the figure above.
            </p>
        </section>
        <section id="combining-verifiableid-and-verifiable-authorisation-in-the-learcredential"><div class="header-wrapper"><h4 id="x2-1-5-combining-verifiableid-and-verifiable-authorisation-in-the-learcredential"><bdi class="secno">2.1.5 </bdi>Combining VerifiableID and Verifiable Authorisation in the LEARCredential</h4><a class="self-link" href="#combining-verifiableid-and-verifiable-authorisation-in-the-learcredential" aria-label="Permalink for Section 2.1.5"></a></div>

            <p>In many use cases, it is possible to simplify the authentication and access control by combining in a single credential both a VerifiableID (authentication) and a Verifiable Authorisation (for access control).
            </p>
            <p>The resulting credential is called LEARCredential and it is very useful when the holder/subject wants to use decentralised IAM mechanisms implemented by Relying Parties which are federated in a decentralised way using a common Trust Anchor Framework.
            </p>
            <p>The concept of LEARCredential is described in the diagram above.
            </p>
            <p>The appointed employee will perform the process by using a special type of Verifiable Credential called <code>LEARCredential</code> (from <b>L</b>egal <b>E</b>ntity <b>A</b>ppointed <b>R</b>epresentative).
            </p>
            <p>To achieve a high level of legal certainty under eIDAS, the LEARCredential is:
            </p>
            <ul>
                <li>signed or sealed with an eIDAS certificate which is either:
                    <div>
                    <ul>
                        <li>a <b>certificate for electronic seals</b> issued to a legal person by a Qualified Trust Service Provider, or
                        </li>
                        <li>a <b>certificate for electronic signatures</b>, issued to a <b>legal representative of the legal person</b> by a Qualified Trust Service Provider.
                        </li>
                    </ul>
                    </div>
                </li>
                <li>signed using the <b>JSON Advanced Electronic Signature</b> format described in <cite><a data-matched-text="[[[ETSI-JADES]]]" href="https://www.etsi.org/deliver/etsi_ts/119100_119199/11918201/01.01.01_60/ts_11918201v010101p.pdf">ETSI TS 119 182-1 V1.1.1 (2021-03) - Electronic Signatures and Infrastructures (ESI); JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures</a></cite>
                </li>
            </ul>
            <p>The LEARCredential includes claims identifying the employee and a description of the concrete powers that have been delegated by the legal representative of the organisation.
            </p>
            <p>By signing/sealing the credential with an eIDAS certificate, the legal representative attests that the powers described in the credential have been delegated to the employee (maybe under some conditions, also described in the credential).
            </p>
            <p>In this way, the LEARCredential has the same legal status as any other document in other formats (e.g., PDF) signed in an eIDAS-compliant way, but with all the advantages provided by the Verifiable Credential format.
            </p>
            <p>In addition, the LEARCredential includes cryptographic material that allows the appointed employee to <b>use the credential as an online authentication mechanism</b> in a portal, by proving that the holder of the credential is the same person identified in the credential.
            </p>
            <p>Any Verifier that trusts the eIDAS Trust Framework will be able to verify that:
            </p>
            <ul>
                <li><b>The person presenting the LEARCredential is the same as the one identified in the credential</b>
                </li>
                <li><b>A legal representative of the organisation has attested that the person has the powers described in the credential</b>
                </li>
            </ul>
            <p>This enables the person presenting the LEARCredential to start the process and to provide any additional required documentation, preferably as additional Verifiable Credentials to enable automatic verification of compliance with the process requirements (including Gaia-X credentials issued by the Compliance Service of Gaia-X).
            </p>
            <p>Both types of eIDAS certificates mentioned above are an electronic attestation <b>that links electronic seal/signature validation data to a legal person and confirms the name of that person</b>. This way, the certificate, usually linked to the sealed/signed document, can be used to verify the identity of the creator of the seal/signature and whether the document has been sealed/signed using the corresponding private key.
            </p>
            <p>Before issuing a certificate like the above, the Qualified Trust Service Provider (QTSP) performs validations against <code>Authentic Sources</code> to authenticate the identity of the organisation:
            </p>
            <ul>
                <li>The data concerning the business name or corporate name of the organisation.
                </li>
                <li>The data relating to the constitution and legal status of the subscriber.
                </li>
                <li>The data concerning the extent and validity of the powers of representation of the applicant.
                </li>
                <li>The data concerning the tax identification code of the organisation or equivalent code used in the country to whose legislation the subscriber is subject.
                </li>
            </ul>
            <p>The person controlling the above certificates will appoint a legal entity representative (LEAR) by generating and signing a Verifiable Credential which:
            </p>
            <ul>
                <li>Includes identification data of an employee of the organisation
                </li>
                <li>Includes claims stating the delegation of specific powers to perform a set of specific processes on behalf of the organisation
                </li>
                <li>Includes a public key where the corresponding private key is controlled by the employee, enabling him to prove that he is the holder of the credential when it is being used in an authentication process like the ones used as examples in this document.
                </li>
            </ul>
            <p>The LEARCredential uses the <code>did:elsi</code> method for the identifiers of legal persons involved in the process, to facilitate the DID resolution and linkage with the eIDAS certificates. The <code>did:elsi</code> method is specified in <cite><a data-matched-text="[[[DID-ELSI]]]" href="https://alastria.github.io/did-method-elsi/">DID ETSI Legal person Semantic Identifier Method Specification (did:elsi)</a></cite>.
            </p>
            <p>The high-level view of the process is described in the following diagram, when a COO (Chief Operating Officer) appoints an employee to perform some processes:
            </p>
            <figure id="fig-high-level-view-of-issuance-of-learcredential"><img src="builtassets/plantuml_53418b3092cb323db978af09dc064024.png" alt="" />
            <figcaption><a class="self-link" href="#fig-high-level-view-of-issuance-of-learcredential">Figure <bdi class="figno">2</bdi></a> <span class="fig-title">High level view of issuance of LEARCredential</span></figcaption></figure>

        </section>
        <section id="the-learcredential-for-some-identification-processes"><div class="header-wrapper"><h4 id="x2-1-6-the-learcredential-for-some-identification-processes"><bdi class="secno">2.1.6 </bdi>The LEARCredential for some identification processes</h4><a class="self-link" href="#the-learcredential-for-some-identification-processes" aria-label="Permalink for Section 2.1.6"></a></div>

            <p>But <b>any entity can issue VerifiableIDs</b>, though the acceptance by Relying Parties can not be ensured because it is the Relying Party the only one deciding if it trusts on the issuer and its process for generating the VerifiableID.
            </p>
            <p>DOME will make use of the future eIDAS2 VerifiableIDs when they are available and when they make sense in the context of DOME. But DOME defines some specific types of VerifiableIDs that are derived from eIDAS certificates for signatures/seals using the regulated standards for signatures, achieving a level of assurance that provides an acceptable level of legal certainty and reduced risk of repudiation.
            </p>
            <p>An example is the LEARCredential described in a section above, which has the same level of legal certainty as any document signed with the same certificates (like a contract or an invoice).
            </p>
            <p>Similarly, a Product provider (like GoodAir) who decides to use the DOME Trust and IAM framework or a compatible one for managing access to associated services by customers of their products will typically define specific types of VerifiableIDs if the standard ones in DOME or the existing and widely accepted ones are not suitable for the provider. In general, if a provider can use an existing and already used VerifiableID then it will facilitate potential customers access to its product because issuers of the VerifiableID do not have to modify or adapt their existing issuing processes.
            </p>
        </section>
    </section>
    <section id="the-learcredential-through-an-example"><div class="header-wrapper"><h3 id="x2-2-the-learcredential-through-an-example"><bdi class="secno">2.2 </bdi>The LEARCredential through an example</h3><a class="self-link" href="#the-learcredential-through-an-example" aria-label="Permalink for Section 2.2"></a></div>

        <p>In this section we describe in detail the LEARCredential and for illustrative purpose we use example attributes from a fictitious ecosystem whose participants are described in Appendix <a href="#participants" class="xref">Example scenario: Participants in the ecosystem</a>.
        </p>
        <p>In this example the LEARCredential will be generated using the eIDAS certificate of the COO (Chief Operation Officer) of the organisation that will be issuing the credential.
        </p>
        <p>The credential will be generated with an application that the COO will use as Issuer of the LEARCredential and that allows the employee to receive the credential using his credential wallet, using [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>] to achieve compliance with the EUDI Wallet ARF.
        </p>
        <p>This application enables the COO to attest the information required to create the LEARCredential, specifying the employee information and the specific type of LEARCredential. In general, there may be different instances of LEARCredentials for different purposes. One employee can have more than one LEARCredential, each having a different delegation of powers for different environments.
        </p>
        <p>The specific detailed use case here is the issuance of a LEARCredential to an employee to enable that employee to perform the onboarding process in an ecosystem. But exactly the same process with different attested attributes can be used by any organisation to issue credentials that can be accepted by other organisations for authentication and access control to any protected resources that they manage.
        </p>
        <p>The essential components of a LEARCredential are the following:
        </p>
        <ul>
            <li><b>Claims identifying the employee</b>
            </li>
            <li><b>DID of the employee to enable authentication</b>
            </li>
            <li><b>Claims identifying the legal representative</b>
            </li>
            <li><b>The roles and duties of the LEAR</b>
            </li>
            <li><b>Advanced/Qualified signature of the credential</b>
            </li>
        </ul>
        <p>These concepts are elaborated in the following sections.
        </p>
        <section id="claims-identifying-the-employee"><div class="header-wrapper"><h4 id="x2-2-1-claims-identifying-the-employee"><bdi class="secno">2.2.1 </bdi>Claims identifying the employee</h4><a class="self-link" href="#claims-identifying-the-employee" aria-label="Permalink for Section 2.2.1"></a></div>

            <p>These are claims identifying the subject of the credential, the person who will act as LEAR. Each ecosystem can define their own depending on their specific requirements.
            </p>
            <p>In addition, each organisation can specify their own for enabling access to its products/services. However, it is recommended to use a set of claims that are agreed upon by all participants in the ecosystem unless there are specific requirements for not doing so. This includes not only the amount of claims but also their syntax and semantics.
            </p>
            <p>For our example, we use the same that are used for accessing the European Commission portal. The claims in the credential are the digital equivalent of their analog counterparts, displayed here for illustration.
            </p>
            <figure id="lear-appointment-letter-1">
                <p><img src="images/lear-appointment-letter-1.png" alt="" />
                </p>
                <figcaption><a class="self-link" href="#lear-appointment-letter-1">Figure <bdi class="figno">3</bdi></a> <span class="fig-title">LEAR subject identification data.
                </span></figcaption>
            </figure>
            <p>From the above form we can derive the following claims using the example data:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"title"</span>: <span style="color:#d14">"Mr."</span>,
    <span style="color:#000080">"first_name"</span>: <span style="color:#d14">"John"</span>,
    <span style="color:#000080">"last_name"</span>: <span style="color:#d14">"Doe"</span>,
    <span style="color:#000080">"gender"</span>: <span style="color:#d14">"M"</span>,
    <span style="color:#000080">"postal_address"</span>: <span style="color:#d14">""</span>,
    <span style="color:#000080">"email"</span>: <span style="color:#d14">"johndoe@goodair.com"</span>,
    <span style="color:#000080">"telephone"</span>: <span style="color:#d14">""</span>,
    <span style="color:#000080">"fax"</span>: <span style="color:#d14">""</span>,
    <span style="color:#000080">"mobile_phone"</span>: <span style="color:#d14">"+34787426623"</span>
}</pre></td></tr></tbody></table>

        </section>
        <section id="did-of-the-employee"><div class="header-wrapper"><h4 id="x2-2-2-did-of-the-employee"><bdi class="secno">2.2.2 </bdi>DID of the employee</h4><a class="self-link" href="#did-of-the-employee" aria-label="Permalink for Section 2.2.2"></a></div>

            <p>In this example we use the <code>did:key</code> method for the DID of the employee, which provides a very high level of privacy and given the way the LEARCredential is generated it supports the verification of the chain of responsibility with a proper level of guarantee.
            </p>
            <p>If the highest levels of assurance and legal compliance is desired and the employee has an eIDAS certificate for signatures (in this case a personal one, not one like the COO), we could use the <code>elsi:did</code> method for identification of the employee. However, the organisation (GoodAir in our example) should make sure that the employee is aware of and agree to the possible privacy implications of doing so, given the personal details leaked from the eIDAS certificate.
            </p>
            <p>Those personal details are exactly the same as if the employee signs any document with a digital certificate, but care should be taken by the organisation because in this case the signature would be done "on behalf of" his employer and not as an individual personal action.
            </p>
            <p>Even though this is not unique to the <code>did:elsi</code> method, this also implies that the onboarding service has to handle those personal details in the same way as if it would be accepting any other document signed with a certificate for signatures, and ensure compliance with GDPR. This is "business as usual" when using digital signatures, but we want to make sure that this is taken care of when implementing the authentication and access control mechanisms described here.
            </p>
            <p>In this example we assume the usage of the <code>did:key</code> method for the employee to protect his privacy as much as possible.
            </p>
            <p>This DID for the employee is an additional claim to the ones presented above, using the <code>id</code> field in the <code>credentialSubject</code> object.
            </p>
            <p>Using this DID method has an additional advantage: the DID identifier corresponds to a keypair that is generated during the LEARCredential issuance process, where the private key is generated by the wallet of the employee and it is always under his control.
            </p>
            <p>This private key controlled by the employee can be used to sign challenges from Relying Parties that receive the credential to prove that the person sending the credential is the same person that is identified in the <code>credentialSubject</code> object of the LEARCredential.
            </p>
            <p>It is this property that makes this credential a VerifiableID that can be used for online authentication.
            </p>
            <p>An example DID for the employee could be:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"id"</span>: <span style="color:#d14">"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"</span>
}</pre></td></tr></tbody></table>

            <p>In this example, the signatures performed with the private key can not be JAdES-compliant ([<cite><a class="bibref" data-link-type="biblio" href="#bib-etsi-jades" title="ETSI TS 119 182-1 V1.1.1 (2021-03) - Electronic Signatures and Infrastructures (ESI); JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures">ETSI-JADES</a></cite>]), but if the LEARCredential is attached to any other credential that is signed with this private key, then they can be traced up to the eIDAS certificate of the COO and so the chain of responsibility can be determined..
            </p>
            <p>With the DID for the employee, the set of claims identifying him would be then:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"id"</span>: <span style="color:#d14">"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"</span>,
    <span style="color:#000080">"title"</span>: <span style="color:#d14">"Mr."</span>,
    <span style="color:#000080">"first_name"</span>: <span style="color:#d14">"John"</span>,
    <span style="color:#000080">"last_name"</span>: <span style="color:#d14">"Doe"</span>,
    <span style="color:#000080">"gender"</span>: <span style="color:#d14">"M"</span>,
    <span style="color:#000080">"postal_address"</span>: <span style="color:#d14">""</span>,
    <span style="color:#000080">"email"</span>: <span style="color:#d14">"johndoe@goodair.com"</span>,
    <span style="color:#000080">"telephone"</span>: <span style="color:#d14">""</span>,
    <span style="color:#000080">"fax"</span>: <span style="color:#d14">""</span>,
    <span style="color:#000080">"mobile_phone"</span>: <span style="color:#d14">"+34787426623"</span>
}</pre></td></tr></tbody></table>

        </section>
        <section id="legalrepresentative"><div class="header-wrapper"><h4 id="x2-2-3-legalrepresentative"><bdi class="secno">2.2.3 </bdi><code>legalRepresentative</code></h4><a class="self-link" href="#legalrepresentative" aria-label="Permalink for Section 2.2.3"></a></div>

            <p>This section identifies the natural person (the COO) who is a legal representative of the legal person (GoodAir) and that is nominating the employee identified in the credential.
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#d14">"legalRepresentative"</span><span style="color:#a61717;background-color:#e3d2d2">:</span> {
    <span style="color:#000080">"cn"</span>: <span style="color:#d14">"56565656V Jesus Ruiz"</span>,
    <span style="color:#000080">"serialNumber"</span>: <span style="color:#d14">"56565656V"</span>,
    <span style="color:#000080">"organizationIdentifier"</span>: <span style="color:#d14">"VATES-12345678"</span>,
    <span style="color:#000080">"o"</span>: <span style="color:#d14">"GoodAir"</span>,
    <span style="color:#000080">"c"</span>: <span style="color:#d14">"ES"</span>
}</pre></td></tr></tbody></table>

            <table style="width:100%;"><tbody><tr><td class="xnotet"><aside class="xnotea"><p class="xnotep">NOTE: Attributes for natural and legal persons</p>
                <p>The attributes for natural persons and legal persons are derived from the <a href="https://ec.europa.eu/digital-building-blocks/wikis/download/attachments/467109280/eidas_saml_attribute_profile_v1.0_2.pdf?version=1&amp;modificationDate=1639417533738&amp;api=v2">eIDAS SAML Attribute Profile (eIDAS Technical Sub-group, 22 June 2015)</a>.
                </p>
                <p>All attributes for the eIDAS minimum data sets can be derived from the <a href="https://ec.europa.eu/isa2/solutions/core-vocabularies_en/">ISA Core Vocabulary</a> and <a href="https://joinup.ec.europa.eu/collection/semic-support-centre/specifications">https://joinup.ec.europa.eu/collection/semic-support-centre/specifications</a>.
                </p>
                <p>In the case of natural persons refer to the <a href="https://joinup.ec.europa.eu/asset/core_person/asset_release/core-person-vocabulary">Core Person Vocabulary</a> and in the case of legal persons refer to definitions for <a href="https://joinup.ec.europa.eu/asset/core_business/asset_release/core-business-vocabulary">Core Business Vocabulary</a>.
                </p>
            </aside></td></tr></tbody></table>
        </section>
        <section id="rolesandduties-of-the-lear"><div class="header-wrapper"><h4 id="x2-2-4-rolesandduties-of-the-lear"><bdi class="secno">2.2.4 </bdi><code>rolesAndDuties</code> of the LEAR</h4><a class="self-link" href="#rolesandduties-of-the-lear" aria-label="Permalink for Section 2.2.4"></a></div>

            <p>The LEARCredential should include a formal description with the roles and duties of the LEAR. This is the digital equivalent to the analog description in our example, which uses natural language:
            </p>
            <figure id="lear-appointment-letter-2">
                <p><img src="images/lear-appointment-letter-2.png" alt="" />
                </p>
                <figcaption><a class="self-link" href="#lear-appointment-letter-2">Figure <bdi class="figno">4</bdi></a> <span class="fig-title">LEAR roles and duties.
                </span></figcaption>
            </figure>
            <table style="width:100%;"><tbody><tr><td class="xnotet"><aside class="xnotea">

                <p>We do not yet have defined the actual mechanism that will be used for describing formally the roles and duties of the LEAR. The way we specify them below is just an example. There is work ongoing to define the detailed mechanism formally (e.g. with ODRL), and it is expected to change. This example is intended only to describe the concepts in detail.
                </p>
            </aside></td></tr></tbody></table>
            <p>The <code>rolesAndDuties</code> object points to an externally hosted object with the roles and duties of the LEAR. This external object can be either a machine-interpretable definition of the roles and duties in the credential, or just an external definition of the roles and duties in natural language. The ideal approach is the first option, expressing the semantics with a proper machine-readable language, because this will allow automatic access control at the granularity of the individual sentences of that expression language. The <code>rolesAndDuties</code> object can also have the definition embedded into it, instead of having a pointer to an external object.
            </p>
            <p>A simplistic implementation of the object inside the credential could be:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#d14">"rolesAndDuties"</span><span style="color:#a61717;background-color:#e3d2d2">:</span> [
    {
        <span style="color:#000080">"type"</span>: <span style="color:#d14">"LEARCredential"</span>,
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"https://dome-marketplace.eu//lear/v1/6484994n4r9e990494"</span>
    }
]</pre></td></tr></tbody></table>

            <p>Where the last part of the url can correspond to the hash of the external linked document to ensure that any modification or tampering can be detected. The contents of that object ata that url could be:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">[
    {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"https://dome-marketplace.eu//lear/v1/6484994n4r9e990494"</span>,
        <span style="color:#000080">"target"</span>:<span style="color:#d14">"https://bae.dome-marketplace.eu/"</span>
        <span style="color:#d14">"roleNames"</span>: [<span style="color:#d14">"seller"</span>, <span style="color:#d14">"customer"</span>]
    }
]</pre></td></tr></tbody></table>

            <p>In the above example, we have specified that the roles object referenced in the credential with <code>id: https://dome-marketplace.eu//lear/v1/6484994n4r9e990494</code> is granting the employee of GoodAir (in our example) to access services in the DOME marketplace (specified with the field <code>target</code>) with the roles <code>seller</code> and <code>customer</code> (which are the roles of the <a href="https://business-api-ecosystem.readthedocs.io/en/latest/index.html">FIWARE BAE component</a>).
            </p>
            <p>If <code>target</code> is omitted, the roles would apply to any target organisation. If we need to specify more than one target organisation, the array should include as many objects as required.
            </p>
        </section>
        <section id="assembling-the-pieces-together"><div class="header-wrapper"><h4 id="x2-2-5-assembling-the-pieces-together"><bdi class="secno">2.2.5 </bdi>Assembling the pieces together</h4><a class="self-link" href="#assembling-the-pieces-together" aria-label="Permalink for Section 2.2.5"></a></div>

            <p>With the above values for the example, the complete LEARCredential would become something like this:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"@context"</span>: [
        <span style="color:#d14">"https://www.w3.org/2018/credentials/v1"</span>,
        <span style="color:#d14">"https://dome-marketplace.eu//2022/credentials/learcredential/v1"</span>
    ],
    <span style="color:#000080">"id"</span>: <span style="color:#d14">"urn:did:elsi:25159389-8dd17b796ac0"</span>,
    <span style="color:#000080">"type"</span>: [<span style="color:#d14">"VerifiableCredential"</span>, <span style="color:#d14">"LEARCredential"</span>],
    <span style="color:#000080">"issuer"</span>: {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"did:elsi:VATES-12345678"</span>
    },
    <span style="color:#000080">"issuanceDate"</span>: <span style="color:#d14">"2022-03-22T14:00:00Z"</span>,
    <span style="color:#000080">"validFrom"</span>: <span style="color:#d14">"2022-03-22T14:00:00Z"</span>,
    <span style="color:#000080">"expirationDate"</span>: <span style="color:#d14">"2023-03-22T14:00:00Z"</span>,
    <span style="color:#000080">"credentialSubject"</span>: {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"</span>,
        <span style="color:#000080">"title"</span>: <span style="color:#d14">"Mr."</span>,
        <span style="color:#000080">"first_name"</span>: <span style="color:#d14">"John"</span>,
        <span style="color:#000080">"last_name"</span>: <span style="color:#d14">"Doe"</span>,
        <span style="color:#000080">"gender"</span>: <span style="color:#d14">"M"</span>,
        <span style="color:#000080">"postal_address"</span>: <span style="color:#d14">""</span>,
        <span style="color:#000080">"email"</span>: <span style="color:#d14">"johndoe@goodair.com"</span>,
        <span style="color:#000080">"telephone"</span>: <span style="color:#d14">""</span>,
        <span style="color:#000080">"fax"</span>: <span style="color:#d14">""</span>,
        <span style="color:#000080">"mobile_phone"</span>: <span style="color:#d14">"+34787426623"</span>,
        <span style="color:#000080">"legalRepresentative"</span>: {
            <span style="color:#000080">"cn"</span>: <span style="color:#d14">"56565656V Jesus Ruiz"</span>,
            <span style="color:#000080">"serialNumber"</span>: <span style="color:#d14">"56565656V"</span>,
            <span style="color:#000080">"organizationIdentifier"</span>: <span style="color:#d14">"VATES-12345678"</span>,
            <span style="color:#000080">"o"</span>: <span style="color:#d14">"GoodAir"</span>,
            <span style="color:#000080">"c"</span>: <span style="color:#d14">"ES"</span>
        },
        <span style="color:#000080">"rolesAndDuties"</span>: [
            {
                <span style="color:#000080">"type"</span>: <span style="color:#d14">"LEARCredential"</span>,
                <span style="color:#000080">"id"</span>: <span style="color:#d14">"https://dome-marketplace.eu//lear/v1/6484994n4r9e990494"</span>
            }
        ]
    }
}</pre></td></tr></tbody></table>

        </section>
    </section>
    <section id="issuing-the-learcredential"><div class="header-wrapper"><h3 id="x2-3-issuing-the-learcredential"><bdi class="secno">2.3 </bdi>Issuing the LEARCredential</h3><a class="self-link" href="#issuing-the-learcredential" aria-label="Permalink for Section 2.3"></a></div>

        <section id="overview"><div class="header-wrapper"><h4 id="x2-3-1-overview"><bdi class="secno">2.3.1 </bdi>Overview</h4><a class="self-link" href="#overview" aria-label="Permalink for Section 2.3.1"></a></div>

            <p>In this example we use what we call a <i>profile</i> of the [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>] protocol. The standard is very flexible, and we restrict the different options available in the standard and implement a set of the options with given values that are adequate for our use case, without impacting flexibility in practice.
            </p>
            <p>The following figure describes the main components that interact in the issuance of a credential in this profile.
            </p>
            <p>The description of the issuance process is general enough to be used for many types of credentials, but the text includes notes describing the concrete application of the process to the case of the LEARCredential.
            </p>
            <figure id="iss-overview">
                <p><img src="images/issuance/issuance_background.svg" alt="" />
                </p>
                <figcaption><a class="self-link" href="#iss-overview">Figure <bdi class="figno">5</bdi></a> <span class="fig-title">Overview of participants.
                </span></figcaption>
            </figure>
            <p><b>End user</b>
            </p>
            <p>This profile is valid for both natural and juridical persons, but because we are focusing on the issuance of the LEARCredential, in the detailed examples below we assume a natural person as the user.
            </p>
            <p><b>Wallet</b>
            </p>
            <p>The wallet is assumed to be a Web application with a wallet backend, maybe implemented as a PWA so it has some offline capabilities and can be installed in the device, providing a user experience similar to a native application. Private key management and most sensitive operations are performed in a backend server, operated by an entity trusted by the end user. Other profiles can support native and completely offline PWA mobile applications, for end users.
            </p>
            <p>This type of wallet supports natural persons, juridical persons and natural persons who are legal entity representatives of juridical persons. For juridical persons the wallet is usually called an <code>enterprise wallet</code> but we will use here just the term <code>wallet</code> unless the distinction is required.
            </p>
            <p>In this profile we assume that the wallet is not previously registered with the Issuer and that the wallet does not expose public endpoints that are called by the Issuer, even if the wallet has a backend server that could implement those endpoints. That makes the wallet implementations in this profile to be very similar in interactions to a full mobile implementation, making migration to a full mobile implementation easier.
            </p>
            <p>In other words, from the point of view of the Issuer, the wallet in this profile is almost indistinguishable from a full mobile wallet.
            </p>
            <p><b>User Laptop</b>
            </p>
            <p>For clarity of exposition, we assume in this profile that the End User starts the interactions with the Issuer with an internet browser (user agent) in her laptop. However, there is nothing in the interactions which limits those interactions to a laptop form factor and the End User can interact with any internet browser in any device (mobile, tablet, kiosk).
            </p>
            <p><b>Issuer</b>
            </p>
            <p>In this profile we assume that the Issuer is composed of two components:
            </p>
            <ul>
                <li><b>Authorization server</b>: the backend component implementing the existing authentication/authorization functionalities for the Issuer entity.
                </li>
                <li><b>Issuer backend</b>: the main server implementing the business logic as a web application and additional backend APIs required for issuance of credentials.
                </li>
            </ul>
            <p>The Issuer backend and the Authorization server could be implemented as a single component in an actual deployment, but we assume here that they are separated to make the profile more general, especially for big entities and also when using Trust Service Providers for cloud signature and credential issuance, for example.
            </p>
            <p><b>Authentication of End User and previous Issuer-End User relationship</b>
            </p>
            <p>We assume that the Issuer and End User have a previous relationship and that the Issuer has performed the KYC required by regulation and needed to be able to issue Verifiable Credentials attesting some attributes about the End User. We assume that there is an existing trusted authentication mechanism (not necessarily related to Verifiable Credentials) that the End User employs to access protected resources from the Issuer. For example, the user is an employee or a customer of the Issuer, or the Issuer is a Local Administration and the End User is a citizen living in that city.
            </p>
        </section>
        <section id="authentication"><div class="header-wrapper"><h4 id="x2-3-2-authentication"><bdi class="secno">2.3.2 </bdi>Authentication</h4><a class="self-link" href="#authentication" aria-label="Permalink for Section 2.3.2"></a></div>

            <figure id="iss-authentication">
                <p><img src="images/issuance/issuance_authentication.svg" alt="" />
                </p>
                <figcaption><a class="self-link" href="#iss-authentication">Figure <bdi class="figno">6</bdi></a> <span class="fig-title">Issuance authentication.
                </span></figcaption>
            </figure>
            <p>Before requesting a new credential, the End User has to authenticate with the Issuer with whatever mechanism is already implemented by the Issuer. This profile does not require that it is based on OIDC, Verifiable Credentials or any other specific mechanism.
            </p>
            <p>The level of assurance (LoA) of this authentication mechanism is one of the factors that will determine the confidence that the Verifiers can have on the credentials received by them from a given Issuer.
            </p>
            <table style="width:100%;"><tbody><tr><td class="xnotet"><aside class="xnotea"><p class="xnotep">NOTE: LEARCredential</p>
                <p>In the case of the LEARCredential, the End User (John Doe) is an employee of GoodAir and in order to receive the credential John first has to authenticate into the company systems using whatever mechanism GoodAir uses for employee authentication.
                </p>
                <p>Being a modern company, GoodAir uses Verifiable Credentials IAM but this is not a requirement for the issuance of the LEARCredential.
                </p>
            </aside></td></tr></tbody></table>
        </section>
        <section id="credential-offer"><div class="header-wrapper"><h4 id="x2-3-3-credential-offer"><bdi class="secno">2.3.3 </bdi>Credential Offer</h4><a class="self-link" href="#credential-offer" aria-label="Permalink for Section 2.3.3"></a></div>

            <figure id="iss-credentialoffer">
                <p><img src="images/issuance/issuance_credentialoffer.svg" alt="" />
                </p>
                <figcaption><a class="self-link" href="#iss-credentialoffer">Figure <bdi class="figno">7</bdi></a> <span class="fig-title">Credential offer.
                </span></figcaption>
            </figure>
            <p>In this profile the wallet does not have to implement the Credential Offer Endpoint described in section 4 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>].
            </p>
            <p>Instead, the Credential Issuer renders a QR code containing a reference to the Credential Offer that can be scanned by the End-User using a Wallet, as described in section 4.1 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>].
            </p>
            <p>According to the spec, the Credential Offer object is a JSON object containing the Credential Offer parameters and can be sent by value or by reference. To avoid problems with the size of the QR travelling in the URL, this profile requires that the QR contains the <code>credential_offer_uri</code>, which is a URL using the <code>https</code> scheme referencing a resource containing a JSON object with the Credential Offer parameters. The <code>credential_offer_uri</code> endpoint should be implemented by the Issuer backend.
            </p>
            <section id="credential-offer-parameters"><div class="header-wrapper"><h5 id="x2-3-3-1-credential-offer-parameters"><bdi class="secno">2.3.3.1 </bdi>Credential Offer Parameters</h5><a class="self-link" href="#credential-offer-parameters" aria-label="Permalink for Section 2.3.3.1"></a></div>

                <p>This profile restricts the options available in section 4.1.1 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>]. The profile defines a Credential Offer object containing the following parameters:
                </p>
                <ul>
                    <li><code>credential_issuer</code>: <em class="rfc2119">REQUIRED</em>. The URL of the Credential Issuer that will be used by the Wallet to obtain one or more Credentials.
                    </li>
                    <li><code>credentials</code>: <em class="rfc2119">REQUIRED</em>. A JSON array, where every entry is a JSON string. To achieve interoperability faster, this profile defines a global Trusted Credential Schemas List where well-known credential schemas are defined, in addition to the individual credentials that each Issuer can define themselves. The string value <em class="rfc2119">MUST</em> be one of the id values in one of the objects in the <code>credentials_supported</code> metadata parameter of the Trusted Credential Schemas List (described later), or one of the id values in one of the objects in the <code>credentials_supported</code> Credential Issuer metadata parameter provided by the Credential Issuer. When processing, the Wallet <em class="rfc2119">MUST</em> resolve this string value to the respective object. The credentials defined in the global Trusted Credential Schema List have precedence over the ones defined by the Credential Issuer.
                        <div>
                        <table style="width:100%;"><tbody><tr><td class="xnotet"><aside class="xnotea"><p class="xnotep">NOTE: LEARCredential</p>
                            <p>The only credential being offered in our case is the LEARCredential, so this is the credential schema that should be specified here. The LEARCredential is a credential known globally to the DOME ecosystem, so its schema should be published and be available in the Trusted Credential Schemas List.
                            </p>
                        </aside></td></tr></tbody></table>
                        </div>
                    </li>
                    <li><code>grants</code>: <em class="rfc2119">REQUIRED</em>. A JSON object indicating to the Wallet the Grant Type <code>pre-authorized_code</code>. This grant is represented by a key and an object, where the key is <code>urn:ietf:params:oauth:grant-type:pre-authorized_code</code>. In this profile the credential issuance flow requires initial authentication of the End User by the Credential Issuer, so the Pre-Authorized Code Flow achieves a good level of security and we do not need the more general Authorization Code Flow.
                        <div>
                        <p>In other scenarios like when the wallet is a native mobile application and the user interacts with the Issuer exclusively with the mobile (without the laptop), then the Authorization Code Flow has to be used. This can be described in detail in a different profile.
                        </p>
                        </div>
                    </li>
                </ul>
                <p>The grant object contains the following values:
                </p>
                <ul>
                    <li><code>pre-authorized_code</code>: <em class="rfc2119">REQUIRED</em>. The code representing the Credential Issuer's authorization for the Wallet to obtain Credentials of a certain type. This code <em class="rfc2119">MUST</em> be short lived and single-use. This parameter value <em class="rfc2119">MUST</em> be included in the subsequent Token Request with the Pre-Authorized Code Flow.
                    </li>
                    <li><code>user_pin_required</code>: <em class="rfc2119">REQUIRED</em>. The [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>] standard says it is <em class="rfc2119">RECOMMENDED</em>, but this profile specifies the user pin to achieve a greater level of security. This field is a boolean value specifying whether the Credential Issuer expects presentation of a user PIN along with the Token Request in a Pre-Authorized Code Flow. Default is false. This PIN is intended to bind the Pre-Authorized Code to a certain transaction in order to prevent replay of this code by an attacker that, for example, scanned the QR code while standing behind the legit user. It is <em class="rfc2119">RECOMMENDED</em> to send a PIN via a separate channel. The PIN value <em class="rfc2119">MUST</em> be sent in the <code>user_pin</code> parameter with the respective Token Request.
                    </li>
                </ul>
                <p>The following non-normative example shows a Credential Offer object where the Credential Issuer offers the issuance of one Credential ("LEARCredential"):
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"credential_issuer"</span>: <span style="color:#d14">"https://www.goodair.com"</span>,
    <span style="color:#000080">"credentials"</span>: [
        <span style="color:#d14">"LEARCredential"</span>
    ],
    <span style="color:#000080">"grants"</span>: {
        <span style="color:#000080">"urn:ietf:params:oauth:grant-type:pre-authorized_code"</span>: {
            <span style="color:#000080">"pre-authorized_code"</span>: <span style="color:#d14">"asju68jgtyk9ikkew"</span>,
            <span style="color:#000080">"user_pin_required"</span>: <span style="color:#000;font-weight:bold">true</span>
        }
    }
}</pre></td></tr></tbody></table>

            </section>
            <section id="contents-of-the-qr-code"><div class="header-wrapper"><h5 id="x2-3-3-2-contents-of-the-qr-code"><bdi class="secno">2.3.3.2 </bdi>Contents of the QR code</h5><a class="self-link" href="#contents-of-the-qr-code" aria-label="Permalink for Section 2.3.3.2"></a></div>

                <p>Below is a non-normative example of the Credential Offer displayed by the Credential Issuer as a QR code when the Credential Offer is passed by reference, as required in this profile:
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">https://www.goodair.com/credential-offer?</span>
<span style="color:#008080">credential_offer_uri</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">https%3A%2F%2Fserver%2Eexample%2Ecom%2Fcredential-offer%2F5j349k3e3n23j</span></pre></td></tr></tbody></table>

                <p>Which in plain text would be:
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">https://www.goodair.com/credential-offer?</span>
<span style="color:#008080">credential_offer_uri</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">https://www.goodair.com/credential-offer/5j349k3e3n23j</span></pre></td></tr></tbody></table>

                <p>To increase security, the Issuer <em class="rfc2119">MUST</em> make sure that every Credential Offer URI is unique for all credential offers created. This is the purpose of the nonce (<code>5j349k3e3n23j</code>) at the end of the url in the example. Issuers can implement whatever mechanism they wish, as far as it is transparent to the wallet.
                </p>
            </section>
        </section>
        <section id="credential-issuer-metadata"><div class="header-wrapper"><h4 id="x2-3-4-credential-issuer-metadata"><bdi class="secno">2.3.4 </bdi>Credential Issuer Metadata</h4><a class="self-link" href="#credential-issuer-metadata" aria-label="Permalink for Section 2.3.4"></a></div>

            <p>The Wallet backend retrieves the Credential Issuer's configuration using the Credential Issuer Identifier that was received in the Credential Offer.
            </p>
            <p>A Credential Issuer is identified in this context by a case sensitive URL using the https scheme that contains scheme, host and, optionally, port number and path components, but no query or fragment components. No DID is used in this context.
            </p>
            <p>Credential Issuers <em class="rfc2119">MUST</em> make a JSON document available at the path formed by concatenating the string <code>/.well-known/openid-credential-issuer</code> to the Credential Issuer Identifier. If the Credential Issuer value contains a path component, any terminating / <em class="rfc2119">MUST</em> be removed before appending <code>/.well-known/openid-credential-issuer</code>.
            </p>
            <p><code>openid-credential-issuer</code> <em class="rfc2119">MUST</em> point to a JSON document compliant with this specification and <em class="rfc2119">MUST</em> be returned using the <code>application/json</code> content type.
            </p>
            <p>The retrieval of the Credential Issuer configuration is illustrated below.
            </p>
            <figure id="iss-issuermetadata">
                <p><img src="images/issuance/issuance_issuermetadata.svg" alt="" />
                </p>
                <figcaption><a class="self-link" href="#iss-issuermetadata">Figure <bdi class="figno">8</bdi></a> <span class="fig-title">Issuer metadata.
                </span></figcaption>
            </figure>
            <section id="credential-issuer-metadata-parameters"><div class="header-wrapper"><h5 id="x2-3-4-1-credential-issuer-metadata-parameters"><bdi class="secno">2.3.4.1 </bdi>Credential Issuer Metadata Parameters</h5><a class="self-link" href="#credential-issuer-metadata-parameters" aria-label="Permalink for Section 2.3.4.1"></a></div>

                <p>The object contained in <code>openid-credential-issuer</code> contains the following:
                </p>
                <ul>
                    <li><code>credential_issuer</code>: <em class="rfc2119">REQUIRED</em>. The Credential Issuer's identifier.
                    </li>
                    <li><code>credential_endpoint</code>: <em class="rfc2119">REQUIRED</em>. URL of the Credential Issuer's Credential Endpoint. This URL <em class="rfc2119">MUST</em> use the https scheme and <em class="rfc2119">MAY</em> contain port, path and query parameter components.
                    </li>
                    <li><code>credentials_supported</code>: <em class="rfc2119">REQUIRED</em>. A JSON array containing a list of JSON objects, each of them representing metadata about a separate credential type that the Credential Issuer can issue. The JSON objects in the array <em class="rfc2119">MUST</em> conform to the structure of the Section XXXX.
                    </li>
                </ul>
                <p>TODO: define a global directory of credentials supported to eliminate requirement for each individual Issuer to publish its own list.
                </p>
                <p>This profile does not make use of the following parameters:
                </p>
                <ul>
                    <li><code>authorization_server</code> parameter, because it uses the <code>pre-authorized_code</code> Grant type.
                    </li>
                    <li><code>batch_credential_endpoint</code> parameter. It indicates that the Credential Issuer does not support the Batch Credential Endpoint.
                    </li>
                    <li><code>display</code> parameter.
                    </li>
                </ul>
            </section>
        </section>
        <section id="oauth-2-0-authorization-server-metadata"><div class="header-wrapper"><h4 id="x2-3-5-oauth-2-0-authorization-server-metadata"><bdi class="secno">2.3.5 </bdi>OAuth 2.0 Authorization Server Metadata</h4><a class="self-link" href="#oauth-2-0-authorization-server-metadata" aria-label="Permalink for Section 2.3.5"></a></div>

            <p>This specification also defines a new OAuth 2.0 Authorization Server metadata [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc8414" title="OAuth 2.0 Authorization Server Metadata">RFC8414</a></cite>] parameter to publish whether the AS that the Credential Issuer relies on for authorization, supports anonymous Token Requests with the Pre-authorized Grant Type. It is defined as follows:
            </p>
            <ul>
                <li><code>pre-authorized_grant_anonymous_access_supported</code>: <em class="rfc2119">OPTIONAL</em>. A JSON Boolean indicating whether the issuer accepts a Token Request with a Pre-Authorized Code but without a client id. The default is false.
                </li>
            </ul>
        </section>
        <section id="access-token"><div class="header-wrapper"><h4 id="x2-3-6-access-token"><bdi class="secno">2.3.6 </bdi>Access Token</h4><a class="self-link" href="#access-token" aria-label="Permalink for Section 2.3.6"></a></div>

            <figure id="issuance_accesstoken">
                <p><img src="images/issuance/issuance_accesstoken.svg" alt="" />
                </p>
                <figcaption><a class="self-link" href="#issuance_accesstoken">Figure <bdi class="figno">9</bdi></a> <span class="fig-title">Access Token.
                </span></figcaption>
            </figure>
            <p>The Wallet invokes the Token Endpoint implemented by the Authorization Server, which issues an Access Token and, optionally, a Refresh Token in exchange for the Pre-authorized Code that the wallet obtained in the Credential Offer.
            </p>
            <section id="token-request"><div class="header-wrapper"><h5 id="x2-3-6-1-token-request"><bdi class="secno">2.3.6.1 </bdi>Token Request</h5><a class="self-link" href="#token-request" aria-label="Permalink for Section 2.3.6.1"></a></div>

                <p>After the wallet receives the Credential Issuer Metadata, a Token Request is made as defined in Section 4.1.3 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc6749" title="The OAuth 2.0 Authorization Framework">RFC6749</a></cite>].
                </p>
                <p>The following are the extension parameters to the Token Request used in a Pre-Authorized Code Flow as used in this profile:
                </p>
                <ul>
                    <li><code>pre-authorized_code</code>: <em class="rfc2119">REQUIRED</em>. The code representing the authorization to obtain Credentials of a certain type.
                    </li>
                    <li><code>user_pin</code>: <em class="rfc2119">OPTIONAL</em>. String value containing a user PIN. This value <em class="rfc2119">MUST</em> be present if user_pin_required was set to true in the Credential Offer. The string value <em class="rfc2119">MUST</em> consist of a maximum of 8 numeric characters (the numbers 0 - 9).
                    </li>
                </ul>
                <p>In this profile the Wallet does not have to authenticate when using the Token Endpoint, because we are using the Pre-Authorized Code Grant Type, given the level of trust between the Issuer and the End User and that authentication was already performed at the beginning of the flow.
                </p>
                <p>Below is a non-normative example of a Token Request:
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#900;font-weight:bold">POST</span> <span style="color:#555">/token</span> <span style="color:#000;font-weight:bold">HTTP</span><span style="color:#000;font-weight:bold">/</span><span style="color:#099">1.1</span>
Host<span style="color:#000;font-weight:bold">:</span> server.example.com
Content-Type<span style="color:#000;font-weight:bold">:</span> application/x-www-form-urlencoded

grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code
&amp;pre-authorized_code=SplxlOBeZQQYbYS6WxSbIA
&amp;user_pin=493536</pre></td></tr></tbody></table>

            </section>
            <section id="successful-token-response"><div class="header-wrapper"><h5 id="x2-3-6-2-successful-token-response"><bdi class="secno">2.3.6.2 </bdi>Successful Token Response</h5><a class="self-link" href="#successful-token-response" aria-label="Permalink for Section 2.3.6.2"></a></div>

                <p>Token Responses are made as defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc6749" title="The OAuth 2.0 Authorization Framework">RFC6749</a></cite>].
                </p>
                <p>In addition to the response parameters defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc6749" title="The OAuth 2.0 Authorization Framework">RFC6749</a></cite>], the Authorization Server returns the following parameters:
                </p>
                <ul>
                    <li><code>c_nonce</code>: <em class="rfc2119">REQUIRED</em>. JSON string containing a nonce to be used to create a proof of possession of key material when requesting a Credential. The Wallet <em class="rfc2119">MUST</em> use this nonce value for its subsequent credential requests until the Credential Issuer provides a fresh nonce.
                    </li>
                    <li><code>c_nonce_expires_in</code>: <em class="rfc2119">REQUIRED</em>. JSON integer denoting the lifetime in seconds of the c_nonce.
                    </li>
                </ul>
                <p>Below is a non-normative example of a Token Response:
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#000;font-weight:bold">HTTP</span><span style="color:#000;font-weight:bold">/</span><span style="color:#099">1.1</span> <span style="color:#099">200</span> <span style="color:#900;font-weight:bold">OK</span>
Content-Type<span style="color:#000;font-weight:bold">:</span> application/json
Cache-Control<span style="color:#000;font-weight:bold">:</span> no-store

{
    <span style="color:#000080">"access_token"</span>: <span style="color:#d14">"eyJhbGciOiJSUzI1NiIsInR5cCI6Ikp..sHQ"</span>,
    <span style="color:#000080">"token_type"</span>: <span style="color:#d14">"bearer"</span>,
    <span style="color:#000080">"expires_in"</span>: <span style="color:#099">86400</span>,
    <span style="color:#000080">"c_nonce"</span>: <span style="color:#d14">"tZignsnFbp"</span>,
    <span style="color:#000080">"c_nonce_expires_in"</span>: <span style="color:#099">86400</span>
}</pre></td></tr></tbody></table>

            </section>
            <section id="token-error-response"><div class="header-wrapper"><h5 id="x2-3-6-3-token-error-response"><bdi class="secno">2.3.6.3 </bdi>Token Error Response</h5><a class="self-link" href="#token-error-response" aria-label="Permalink for Section 2.3.6.3"></a></div>

                <p>If the Token Request is invalid or unauthorised, the Authorization Server constructs the error response as defined in section 6.3 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vci" title="OpenID for Verifiable Credential Issuance">OpenID.VCI</a></cite>].
                </p>
            </section>
        </section>
        <section id="request-and-receive-credential"><div class="header-wrapper"><h4 id="x2-3-7-request-and-receive-credential"><bdi class="secno">2.3.7 </bdi>Request and receive Credential</h4><a class="self-link" href="#request-and-receive-credential" aria-label="Permalink for Section 2.3.7"></a></div>

            <figure id="issuance_requestcredential">
                <p><img src="images/issuance/issuance_requestcredential.svg" alt="" />
                </p>
                <figcaption><a class="self-link" href="#issuance_requestcredential">Figure <bdi class="figno">10</bdi></a> <span class="fig-title">Request and receive Credential.
                </span></figcaption>
            </figure>
            <p>The Wallet backend invokes the Credential Endpoint, which issues a Credential as approved by the End-User upon presentation of a valid Access Token representing this approval.
            </p>
            <p>Communication with the Credential Endpoint <em class="rfc2119">MUST</em> utilise TLS.
            </p>
            <p>The client can request issuance of a Credential of a certain type multiple times, e.g., to associate the Credential with different public keys/Decentralised Identifiers (DIDs) or to refresh a certain Credential.
            </p>
            <p>If the Access Token is valid for requesting issuance of multiple Credentials, it is at the client's discretion to decide the order in which to request issuance of multiple Credentials requested in the Authorization Request.
            </p>
            <section id="binding-the-issued-credential-to-the-identifier-of-the-end-user-possessing-that-credential"><div class="header-wrapper"><h5 id="x2-3-7-1-binding-the-issued-credential-to-the-identifier-of-the-end-user-possessing-that-credential"><bdi class="secno">2.3.7.1 </bdi>Binding the Issued Credential to the identifier of the End-User possessing that Credential</h5><a class="self-link" href="#binding-the-issued-credential-to-the-identifier-of-the-end-user-possessing-that-credential" aria-label="Permalink for Section 2.3.7.1"></a></div>

                <p>The Issued Credential <em class="rfc2119">MUST</em> be cryptographically bound to the identifier of the End-User who possesses the Credential. Cryptographic binding allows the Verifier to verify during the presentation of a Credential that the End-User presenting a Credential is the same End-User to whom that Credential was issued.
                </p>
                <p>The Wallet has to provide proof of control alongside key material using the mechanism described below.
                </p>
            </section>
            <section id="credential-request"><div class="header-wrapper"><h5 id="x2-3-7-2-credential-request"><bdi class="secno">2.3.7.2 </bdi>Credential Request</h5><a class="self-link" href="#credential-request" aria-label="Permalink for Section 2.3.7.2"></a></div>

                <p>The Wallet backend makes a Credential Request to the Credential Endpoint by sending the following parameters in the entity-body of an HTTP POST request using the <code>application/json</code> media type.
                </p>
                <ul>
                    <li><code>format</code>: <em class="rfc2119">REQUIRED</em>. This profile uses the Credential format identifier <code>jwt_vc_json</code>.
                    </li>
                    <li><code>proof</code>: <em class="rfc2119">OPTIONAL</em>. JSON object containing proof of possession of the key material the issued Credential shall be bound to. The specification envisions use of different types of proofs for different cryptographic schemes. The proof object <em class="rfc2119">MUST</em> contain a <code>proof_type</code> claim of type JSON string denoting the concrete proof type. This type determines the further claims in the proof object and its respective processing rules. Proof types are defined in Section <a href="#proof_type" data-matched-text="[[[#proof_type]]]" class="sec-ref"><bdi class="secno">2.3.7.2.1 </bdi>Proof Type</a>.
                    </li>
                </ul>
                <p>The proof element <em class="rfc2119">MUST</em> incorporate a <code>c_nonce</code> value generated by the Credential Issuer and the Credential Issuer Identifier (audience) to allow the Credential Issuer to detect replay. The way that data is incorporated depends on the proof type. In a JWT, for example, the <code>c_nonce</code> is conveyed in the <code>nonce</code> claim whereas the audience is conveyed in the <code>aud</code> claim. In a Linked Data proof, for example, the <code>c_nonce</code> is included as the challenge element in the proof object and the Credential Issuer (the intended audience) is included as the domain element.
                </p>
                <section id="proof_type"><div class="header-wrapper"><h6 id="x2-3-7-2-1-proof-type"><bdi class="secno">2.3.7.2.1 </bdi>Proof Type</h6><a class="self-link" href="#proof_type" aria-label="Permalink for Section 2.3.7.2.1"></a></div>

                    <p>This specification defines only one value for <code>proof_type</code>:
                    </p>
                    <p><code>jwt</code>: objects of this type contain a single jwt element with a JWS [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc7515" title="JSON Web Signature (JWS)">RFC7515</a></cite>] as proof of possession. The JWT <em class="rfc2119">MUST</em> contain the following elements:
                        </p><ul>
                            <li>in the JOSE Header,
                                <div>
                                <ul>
                                    <li><code>typ</code>: <em class="rfc2119">REQUIRED</em>. <em class="rfc2119">MUST</em> be <code>openid4vci-proof+jwt</code>, which explicitly types the proof JWT as recommended in Section 3.11 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc8725" title="JSON Web Token Best Current Practices">RFC8725</a></cite>].
                                    </li>
                                    <li><code>alg</code>: <em class="rfc2119">REQUIRED</em>. A digital signature algorithm identifier such as per IANA "JSON Web Signature and Encryption Algorithms" registry. <em class="rfc2119">MUST NOT</em> be none or an identifier for a symmetric algorithm (MAC).
                                    </li>
                                    <li><code>kid</code>: <em class="rfc2119">REQUIRED</em>. JOSE Header containing the key ID. The Credential will be bound to a DID, so the kid refers to a DID URL which identifies a particular key in the DID Document that the Credential will be bound to.
                                    </li>
                                </ul>
                                </div>
                            </li>
                            <li>in the JWT body,
                                <div>
                                <ul>
                                    <li><code>aud</code>: <em class="rfc2119">REQUIRED</em> (string). The value of this claim <em class="rfc2119">MUST</em> be the Credential Issuer URL of the Credential Issuer.
                                    </li>
                                    <li><code>iat</code>: <em class="rfc2119">REQUIRED</em> (number). The value of this claim <em class="rfc2119">MUST</em> be the time at which the proof was issued using the syntax defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc7519" title="JSON Web Token (JWT)">RFC7519</a></cite>].
                                    </li>
                                    <li><code>nonce</code>: <em class="rfc2119">REQUIRED</em> (string). The value type of this claim <em class="rfc2119">MUST</em> be a string, where the value is the <code>c_nonce</code> provided by the Credential Issuer.
                                    </li>
                                </ul>
                                </div>
                            </li>
                        </ul>
                    <p></p>
                    <p>The Credential Issuer <em class="rfc2119">MUST</em> validate that the proof is actually signed by a key identified in the JOSE Header.
                    </p>
                    <p>Below is a non-normative example of a proof parameter (dots in the middle of jwt for display purposes only), for the example of issuing a LEARCredential:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"proof_type"</span>: <span style="color:#d14">"jwt"</span>,
    <span style="color:#000080">"jwt"</span>: <span style="color:#d14">"eyJraWQiOiJkaWQ6ZXhhb....aZKPxgihac0aW9EkL1nOzM"</span>
}</pre></td></tr></tbody></table>

                    <p>where the JWT looks like this:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"typ"</span>: <span style="color:#d14">"openid4vci-proof+jwt"</span>,
    <span style="color:#000080">"alg"</span>: <span style="color:#d14">"ES256"</span>,
    <span style="color:#000080">"kid"</span>:<span style="color:#d14">"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"</span>
}

{
    <span style="color:#000080">"iss"</span>: <span style="color:#d14">"s6BhdRkqt3"</span>,
    <span style="color:#000080">"aud"</span>: <span style="color:#d14">"https://www.goodair.com"</span>,
    <span style="color:#000080">"iat"</span>: <span style="color:#099">1659145924</span>,
    <span style="color:#000080">"nonce"</span>: <span style="color:#d14">"tZignsnFbp"</span>
}</pre></td></tr></tbody></table>

                    <p>In the example of a LEARCredential, the wallet generates a pair of public/private keys and a <code>did:key</code> identifier which is univocally related to the public key. This is the reason why the <code>kid</code> field above is exactly the DID identifier under this DID method. The <code>did:key</code> method is very simple and achieves a very high degree of privacy, allowing the creation of many different identifiers which can be one-use only if so desired.
                    </p>
                    <p>The <code>did:key</code> method is perfect for the requirements of our usage of the LEARCredential. Any other suitable DID method can be used if it is required, but this is out of scope for this profile.
                    </p>
                </section>
            </section>
            <section id="credential-response"><div class="header-wrapper"><h5 id="x2-3-7-3-credential-response"><bdi class="secno">2.3.7.3 </bdi>Credential Response</h5><a class="self-link" href="#credential-response" aria-label="Permalink for Section 2.3.7.3"></a></div>

                <p>This profile restricts Credential Response to be Synchronous and Deferred response is not used. The Credential Issuer <em class="rfc2119">MUST</em> be able to immediately issue a requested Credential and send it to the Client.
                </p>
                <p>The following claims are used in the Credential Response:
                </p>
                <ul>
                    <li><code>format</code>: <em class="rfc2119">REQUIRED</em>. JSON string denoting the format of the issued Credential. This profile uses the format identifier <code>jwt_vc_json</code>.
                    </li>
                    <li><code>credential</code>: <em class="rfc2119">REQUIRED</em>. Contains issued Credential. <em class="rfc2119">MUST</em> be a JSON string.
                    </li>
                    <li><code>c_nonce</code>: <em class="rfc2119">OPTIONAL</em>. JSON string containing a nonce to be used to create a proof of possession of key material when requesting a Credential. When received, the Wallet <em class="rfc2119">MUST</em> use this nonce value for its subsequent credential requests until the Credential Issuer provides a fresh nonce.
                    </li>
                    <li><code>c_nonce_expires_in</code>: <em class="rfc2119">OPTIONAL</em>. JSON integer denoting the lifetime in seconds of the c_nonce.
                    </li>
                </ul>
                <p>Below is a non-normative example of a Credential Response:
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#000;font-weight:bold">HTTP</span><span style="color:#000;font-weight:bold">/</span><span style="color:#099">1.1</span> <span style="color:#099">200</span> <span style="color:#900;font-weight:bold">OK</span>
Content-Type<span style="color:#000;font-weight:bold">:</span> application/json
Cache-Control<span style="color:#000;font-weight:bold">:</span> no-store

{
    <span style="color:#000080">"format"</span>: <span style="color:#d14">"jwt_vc_json"</span>,
    <span style="color:#000080">"credential"</span> : <span style="color:#d14">"LUpixVCWJk0eOt4CXQe1NXK....WZwmhmn9OQp6YxX0a2L"</span>,
    <span style="color:#000080">"c_nonce"</span>: <span style="color:#d14">"fGFF7UkhLa"</span>,
    <span style="color:#000080">"c_nonce_expires_in"</span>: <span style="color:#099">86400</span>
}</pre></td></tr></tbody></table>

            </section>
            <section id="credential-error-response"><div class="header-wrapper"><h5 id="x2-3-7-4-credential-error-response"><bdi class="secno">2.3.7.4 </bdi>Credential Error Response</h5><a class="self-link" href="#credential-error-response" aria-label="Permalink for Section 2.3.7.4"></a></div>

                <p>When the Credential Request is invalid or unauthorised, the Credential Issuer constructs the error response as defined in section 7.3.1 of OIDCVCI.
                </p>
            </section>
            <section id="credential-issuer-provided-nonce"><div class="header-wrapper"><h5 id="x2-3-7-5-credential-issuer-provided-nonce"><bdi class="secno">2.3.7.5 </bdi>Credential Issuer Provided Nonce</h5><a class="self-link" href="#credential-issuer-provided-nonce" aria-label="Permalink for Section 2.3.7.5"></a></div>

                <p>Upon receiving a Credential Request, the Credential Issuer <em class="rfc2119">MUST</em> require the Wallet to send a proof of possession of the key material it wants a Credential to be bound to. This proof <em class="rfc2119">MUST</em> incorporate a nonce generated by the Credential Issuer. The Credential Issuer will provide the client with a nonce in an error response to any Credential Request not including such a proof or including an invalid proof.
                </p>
                <p>Below is a non-normative example of a Credential Response with the Credential Issuer requesting a Wallet to provide in a subsequent Credential Request a proof that is bound to a <code>c_nonce</code>:
                </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#000;font-weight:bold">HTTP</span><span style="color:#000;font-weight:bold">/</span><span style="color:#099">1.1</span> <span style="color:#099">400</span> <span style="color:#900;font-weight:bold">Bad Request</span>
Content-Type<span style="color:#000;font-weight:bold">:</span> application/json
Cache-Control<span style="color:#000;font-weight:bold">:</span> no-store

{
    <span style="color:#000080">"error"</span>: <span style="color:#d14">"invalid_or_missing_proof"</span>,
    <span style="color:#000080">"error_description"</span>:
        <span style="color:#d14">"Credential Issuer requires proof to be bound to a Credential Issuer provided nonce."</span>,
    <span style="color:#000080">"c_nonce"</span>: <span style="color:#d14">"8YE9hCnyV2"</span>,
    <span style="color:#000080">"c_nonce_expires_in"</span>: <span style="color:#099">86400</span>
}</pre></td></tr></tbody></table>

            </section>
        </section>
    </section>
    <section id="authenticating-with-verifiable-credentials"><div class="header-wrapper"><h3 id="x2-4-authenticating-with-verifiable-credentials"><bdi class="secno">2.4 </bdi>Authenticating with Verifiable Credentials</h3><a class="self-link" href="#authenticating-with-verifiable-credentials" aria-label="Permalink for Section 2.4"></a></div>

        <section id="overview-0"><div class="header-wrapper"><h4 id="x2-4-1-overview"><bdi class="secno">2.4.1 </bdi>Overview</h4><a class="self-link" href="#overview-0" aria-label="Permalink for Section 2.4.1"></a></div>

            <p>Authentication requires a special type of Verifiable Credential called a VerifiableID. For the examples illustrating the mechanism we will use a LEARCredential, which is at the same time a VerifiableId and a Verifiable Authorization.
            </p>
            <p>For the explanation we will use the following figure which is based on <cite><a data-matched-text="[[[NIST-AUTH]]]" href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf">NIST Special Publication 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications</a></cite> which describes a reference architecture with necessary functional components to achieve authentication and enforcement of the authorization policies. The authorization process depends on four layers of functionality: <b>Enforcement</b>, <b>Decision</b>, <b>Access Control Data</b>, and <b>Administration</b>.
            </p>
            <p>The diagram uses the logical concepts also used in the XACML reference architecture, but the description is agnostic to the actual policy language used in a concrete implementation.
            </p>
            <p>In this description we assume that the user is a natural person who wants to access a protected resource. However, the architecture supports machine-to-machine (M2M) interactions. The differences will be described in the description when they are relevant.
            </p>
            <figure id="fig-architecture-overview"><img src="images/login_in_DOME/authn_architecture_numbered.drawio.png" />
            <figcaption><a class="self-link" href="#fig-architecture-overview">Figure <bdi class="figno">11</bdi></a> <span class="fig-title">Architecture overview</span></figcaption></figure>
            <p>The high level flow is the following:
            </p>
            <ul class="plain">
                <li id="1038.1"><a href="#1038.1" class="selfref"><b>1</b></a> The user sends a request to access a protected resource managed by the Relying Party.

                </li>
                <li id="1040.2"><a href="#1040.2" class="selfref"><b>2</b></a> Every request to a protected resource is intercepted by the PEP (Policy Enforcement Point). The PEP is normally implemented as a reverse proxy or API gateway, so all calls to protected resources entering the organisation are intercepted and forwarded only if they are accepted. If the request does not come with authentication information, there are several high level scenarios which are possible:

                    <div>
                    <ul>
                        <li>If the user is a machine using an API, the request is rejected with an error. The caller is responsible for authenticating before retrying, which can be done using the metadata about the Relying Party available at the standard OpenID endpoints.
                        </li>
                        <li>If the user is a natural person using a browser for navigating the portal of the Relying Party, the typical approach is to redirect the browser to the authentication component using an HTTP Status of 302. The redirection includes enough information so the authentication component can send back the user to the original request if the user completes authentication successfully.
                        </li>
                    </ul>
                    </div>
                    <div>
                    <p>Alternatively, the request can include authentication information which has been obtained before via an authentication process. If this is the case, the PEP goes directly into the authentication phase, described later in section <a href="#accesscontrol" class="xref">Access control with Verifiable Credentials</a>.
                    </p>
                    </div>
                </li>
                <li id="1049.3"><a href="#1049.3" class="selfref"><b>3</b></a> The user is redirected to the authentication component. As mentioned before, alternatively the authorization component can be accessed directly by the user before trying to access the protected resource. This would be the expected behaviour of a user who knows that authentication is required. The mechanism described here supports all possible scenarios both for natural persons and machines.

                    <div>
                    <p>An example flow with a natural person would be: The user navigates first to a general Login page in the portal of the Relying Party and authenticates. After authentication the portal presents a collection of services that the user can access. The user selects one of the services/operations and the Relying Party executes the operation if the user is authorised to do so.
                    </p>
                    </div>
                </li>
                <li id="1053.4"><a href="#1053.4" class="selfref"><b>4</b></a> The Verifiable Credentials verifier component of the Relying Party retrieves the credentials that are required for authentication. If the user has been redirected when trying to access a protected resource, the redirection provides information about the operation and protected resource that was trying to access, so there may be more credentials required than just a VerifiableID.

                    <div>
                    <p>If the user accessed the Login page directly, the VC Verifier component does not have information about the resource that the user intends to access, so it can request just a VerifiableID.
                    </p>
                    </div>
                </li>
                <li id="1057.5"><a href="#1057.5" class="selfref"><b>5</b></a> The VC Verifier component of the Relying Party and the Wallet of the user engage in a Verifiable Presentation Exchange flow, where the result is that the VC Verifier receives a VerifiableID and possibly additional Verifiable Credentials as determined in step 4.

                </li>
                <li id="1059.6"><a href="#1059.6" class="selfref"><b>6</b></a> The authorization mechanism uses the Trust Framework to query different Trusted Lists that are needed to evaluate the policy rules applicable to the request and compute a decision.

                    <div>
                    <p>The Trust Framework is composed of one or more Trusted Lists where each list is specialised in some specific domain of trust.
                    </p>
                    </div>
                    <div>
                    <p>For example, the Trust Framework contains Trusted Lists with the schema definitions used for the well-known types of Verifiable Credentials in the ecosystem. In this way, if the Verifiable Registry used for the Trust Framework is based on a Blockchain network (or several federated networks), the schemas can be published in a trusted and resilient manner reducing the risk of malicious tampering and keeping a record of the history of modifications.
                    </p>
                    </div>
                    <div>
                    <p>But the most interesting Trusted Lists in the Trust Framework are the Trusted Issuers Lists, which provide the mechanism to efficiently and securely verify that the issuer of a given credential is a Trusted Issuer of that type of credentials.
                    </p>
                    </div>
                    <div>
                    <p>It has to be noticed that even though most Trusted Issuer Lists are global (used by all participants in the ecosystem) and have essentially public information, there may be some specialised lists that are private to one or more organisations and specialised in some specific requirement.
                    </p>
                    </div>
                    <div>
                    <p>In this way, there may be some lists that are specific to the products that one organisation provides to other participants in the ecosystem. For example, there may be a Trusted Issuer List private to one organisation which is updated with the identity of a participant when that participant acquires access to some product provided by that organisation.
                    </p>
                    </div>
                    <div>
                    <p>For example, this "product-specific" Trusted Issuer List is queried when performing authorization if the related policy rules specify that the issuer of the Verifiable Credential received in the request should have acquired the product that the request is trying to access.
                    </p>
                    </div>
                    <div>
                    <p>However, as mentioned before, the set of "internal" and "external" Trusted Lists to query is not hardcoded but it depends on the specific policy rules that should be applied to the request when computing the decision to grant access or not.
                    </p>
                    </div>
                    <div>
                    <p>In this way, the system provides a great deal of flexibility on how access control is performed.
                    </p>
                    </div>
                    <div>
                    <p>For simplicity, the diagram below shows the query of the Trusted Issuer Lists as a single interaction to a single box, but the actual interactions can be very complex if required. In addition, the diagram does not specify whether the list is "private" or "global".
                    </p>
                    </div>
                </li>
            </ul>
            <p>The following sections elaborate in more detail in each of the interactions.
            </p>
        </section>
        <section id="starting-the-openid-for-verifiable-presentations-flow"><div class="header-wrapper"><h4 id="x2-4-2-starting-the-openid-for-verifiable-presentations-flow"><bdi class="secno">2.4.2 </bdi>Starting the OpenID for Verifiable Presentations flow</h4><a class="self-link" href="#starting-the-openid-for-verifiable-presentations-flow" aria-label="Permalink for Section 2.4.2"></a></div>

            <p>In this section we assume that the user tries to access a protected resource and that the user is not authenticated. The flow when the user is already authenticated is the same, just skipping the authentication phase (steps 1 to 6).
            </p>
            <p>The authentication process starts an OpenID for Verifiable Presentations flow combined with the Self-Issued OP v2 specification [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.siop2" title="Self-Issued OpenID Provider v2">OpenID.SIOP2</a></cite>], where the VC Verifier component of the portal plays the role of a Relying Party (RP in Open ID Connect terminology) and the wallet of the user is a Self-Issued IdP.
            </p>
            <p>In this step, the Verifier has to send an Authorization Request to the wallet. But as a Self-Issued OP may be running locally as a native application or progressive web application (PWA), the RP may not have a network-addressable endpoint to communicate directly with the OP. We have to leverage the implicit flow of OpenID Connect to communicate with such locally-running Ops, as described in [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.siop2" title="Self-Issued OpenID Provider v2">OpenID.SIOP2</a></cite>].
            </p>
            <p>We use a QR code to start the process and allow the wallet to receive the Authorization Request from the Verifier, and respond with an Authorization Response, sent to the Verifier in the body of an HTTP <code>POST</code> request.
            </p>
            <figure id="fig-starting-the-authentication-phase"><img src="builtassets/plantuml_51a6d72099c0f633c0a0905d9fcd4b0b.png" alt="" />
            <figcaption><a class="self-link" href="#fig-starting-the-authentication-phase">Figure <bdi class="figno">12</bdi></a> <span class="fig-title">Starting the authentication phase</span></figcaption></figure>



            <ul class="plain">
                <li id="1104.1"><a href="#1104.1" class="selfref"><b>1</b></a> The user (GoodAir employee) uses his Laptop browser to access the DOME portal to perform the onboarding process.

<div>
                    <p>We assume in this scenario a cross-device interaction, that is, the user accesses the portal services with a PC browser, but authentication is performed with a mobile using Verifiable Credentials, as in typical 2-factor authentication.
                    </p>
</div>
                </li>
                <li id="1109.2"><a href="#1109.2" class="selfref"><b>2</b></a> The browser sends a request to the Packet Delivery portal server.

<div>
</div>
                </li>
                <li id="1113.3"><a href="#1113.3" class="selfref"><b>3</b></a> The portal redirects the user to the login page of the Verifier component of DOME Onboarding. The page shows a button labelled “Login with Verifiable Credentials” or something similar.

<div>
</div>
                </li>
                <li id="1116.4"><a href="#1116.4" class="selfref"><b>4</b></a> The Verifier generates a QR code, containing inside the URL of the <code>/authentication-requests</code> endpoint of the Verifier component which will be used to start the [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vp" title="OpenID for Verifiable Presentations">OpenID.VP</a></cite>] process.

<div>
                    <p>A QR code is used because a Self-Issued OP may be running locally as a native application or progressive web application (PWA), the RP may not have a network-addressable endpoint to communicate directly with the OP. We have to leverage the implicit flow of OpenID Connect to communicate with such locally-running Ops, as described in [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.siop2" title="Self-Issued OpenID Provider v2">OpenID.SIOP2</a></cite>].
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">https://verifier.dome-marketplace.eu/authorization-requests?state</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">af0ifjsldkj</span></pre></td></tr></tbody></table>

</div>
                </li>
                <li id="1123.5"><a href="#1123.5" class="selfref"><b>5</b></a> The QR code is displayed in the user browser with instructions to scan it and go to the URL inside it.

<div>
                    <figure id="qr_code_authreq">
                        <p><img src="images/qrcode-authreq.png" alt="" />
                        </p>
                        <figcaption><a class="self-link" href="#qr_code_authreq">Figure <bdi class="figno">13</bdi></a> <span class="fig-title">QR code with the example Authorization Request endpoint inside
                        </span></figcaption>
                    </figure>
</div>
                </li>
                <li id="1132.6"><a href="#1132.6" class="selfref"><b>6</b></a> The user scans the QR with his wallet and tells the wallet to go to the URL in the QR.

<div>
</div>
                </li>
                <li id="1137.7"><a href="#1137.7" class="selfref"><b>7</b></a> After confirmation by the user, the wallet performs a <code>GET /authentication-requests</code> to the endpoint that was inside the QR code. The reply to the GET request is an Authorization Request

<div>
</div>
                </li>
                <li id="1141.8"><a href="#1141.8" class="selfref"><b>8</b></a> The VC Verifier creates a SIOP Authentication Request. The parameters comprising a request for verifiable presentations are described in detail in the next section

<div>
</div>
                </li>
                <li id="1144.9"><a href="#1144.9" class="selfref"><b>9</b></a> The Verifier replies to the wallet with the Authorization Request

<div>
</div>
                </li>
            </ul>
        </section>
        <section id="generating-the-authorization-request"><div class="header-wrapper"><h4 id="x2-4-3-generating-the-authorization-request"><bdi class="secno">2.4.3 </bdi>Generating the Authorization Request</h4><a class="self-link" href="#generating-the-authorization-request" aria-label="Permalink for Section 2.4.3"></a></div>

            <p>The Authorization Request travels in the response body of the HTTP GET request performed in the previous point, as a JWT signed by the DOME onboarding service, using the eIDAS certificate for seals that corresponds to the legal person operating the service and with the JAdES signature format.
            </p>
            <p>The parameters comprising a request for verifiable presentations are given in section 5 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vp" title="OpenID for Verifiable Presentations">OpenID.VP</a></cite>] and in section 10.1 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.siop2" title="Self-Issued OpenID Provider v2">OpenID.SIOP2</a></cite>] and are reproduced here with the particularities of this use case, in particular taking into account that this is a cross-device interaction:
            </p>
            <ul>
                <li id="1155.response_type"><a href="#1155.response_type" class="selfref"><b>response_type</b></a> (<em class="rfc2119">REQUIRED</em>). Must be <code>vp_token</code>. This parameter is defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc6749" title="The OAuth 2.0 Authorization Framework">RFC6749</a></cite>]. The possible values are determined by the response type registry established by [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc6749" title="The OAuth 2.0 Authorization Framework">RFC6749</a></cite>]. The [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vp" title="OpenID for Verifiable Presentations">OpenID.VP</a></cite>] specification introduces the response type <code>vp_token</code>. This response type asks the Wallet to return only a VP Token in the Authorization Response, which is what we want in our case.

                </li>
                <li id="1157.scope"><a href="#1157.scope" class="selfref"><b>scope</b></a> (<em class="rfc2119">REQUIRED</em>). This parameter is defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc6749" title="The OAuth 2.0 Authorization Framework">RFC6749</a></cite>] which allows it to be used by verifiers to request presentation of credentials by utilizing a pre-defined scope value designating the type of credential. See section <a href="#request_scope" class="xref">Request Scope</a> for more details. We use in this instance the value <code>dome.credentials.presentation.LEARCredential</code> which means that the RP (DOME onboarding service) is asking the SIOP (user wallet) to send a credential of type <code>LEARCredential</code>.

                </li>
                <li id="1159.response_mode"><a href="#1159.response_mode" class="selfref"><b>response_mode</b></a> <em class="rfc2119">REQUIRED</em>. <em class="rfc2119">MUST</em> be <code>direct_post</code>. As this is a cross-device scenario, this response mode is used to instruct the Self-Issued OP to deliver the result of the authentication process to a certain endpoint using the HTTP POST method. This endpoint to which the SIOP shall deliver the authentication result is conveyed in the parameter <code>redirect_uri</code> described below.

                </li>
                <li id="1161.redirect_uri"><a href="#1161.redirect_uri" class="selfref"><b>redirect_uri</b></a> (<em class="rfc2119">REQUIRED</em>). <em class="rfc2119">MUST</em> be a valid RP endpoint. The Authentication Response is sent to this endpoint using <code>POST</code> and encoding <code>application/json</code>).

                </li>
                <li id="1163.client_id"><a href="#1163.client_id" class="selfref"><b>client_id</b></a> <em class="rfc2119">REQUIRED</em>. <em class="rfc2119">MUST</em> be the DID of the RP (DOM onboarding entity) so it can be resolved by the SIOP and checked against a Trusted List, or rejected if it does not pass validation. This provides a high level of assurance to the SIOP that the RP is really who it claims.

                </li>
                <li id="1165.client_id_scheme"><a href="#1165.client_id_scheme" class="selfref"><b>client_id_scheme</b></a> <em class="rfc2119">REQUIRED</em>. <em class="rfc2119">MUST</em> have the value <code>did</code>. This value indicates that the Client Identifier is a DID defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-did-core" title="Decentralized Identifiers (DIDs) v1.0">DID-Core</a></cite>]. The request <em class="rfc2119">MUST</em> be signed with a private key associated with the DID. To obtain the corresponding private key, the Wallet <em class="rfc2119">MUST</em> use DID Resolution defined by the DID method used by the Verifier. For most DID methods and since the associated DID Document may include multiple public keys, a particular public key used to sign the request in question <em class="rfc2119">MUST</em> be identified by the kid in the JOSE Header. However, in our case the Verifier uses <code>did:elsi</code> and so the request <em class="rfc2119">MUST</em> be signed with the eIDAS certificate according to the [<cite><a class="bibref" data-link-type="biblio" href="#bib-etsi-jades" title="ETSI TS 119 182-1 V1.1.1 (2021-03) - Electronic Signatures and Infrastructures (ESI); JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures">ETSI-JADES</a></cite>] format, which defines the mechanism to identify the public key.

                    <div>
                    <p>All Verifier metadata other than the public key <em class="rfc2119">MUST</em> be obtained from the client_metadata or the <code>client_metadata_uri parameter</code> as defined in Section 5 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vp" title="OpenID for Verifiable Presentations">OpenID.VP</a></cite>].
                    </p>
                    </div>
                </li>
                <li id="1169.nonce"><a href="#1169.nonce" class="selfref"><b>nonce</b></a> <em class="rfc2119">REQUIRED</em>. This parameter follows the definition given in [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.core" title="OpenID Connect Core 1.0 incorporating errata set 1">OpenID.Core</a></cite>]. It is used to securely bind the verifiable presentation(s) provided by the wallet (SIOP) to the particular transaction managed by the RP.

                </li>
                <li id="1171.state"><a href="#1171.state" class="selfref"><b>state</b></a> <em class="rfc2119">REQUIRED</em>. Used by the portal component of DOM onboarding to associate the start of an authentication session with the end of that session when the RP Verifier component notifies to the portal.

                </li>
                <li id="1173.presentation_definition"><a href="#1173.presentation_definition" class="selfref"><b>presentation_definition</b></a> CONDITIONAL. A string containing a <code>presentation_definition</code> JSON object as defined in Section 4 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-dif.presentationexchange" title="Presentation Exchange 2.0.0">DIF.PresentationExchange</a></cite>]. We do not use this parameter because <code>scope</code> already specifies the credential type.

                </li>
                <li id="1175.presentation_definition_uri"><a href="#1175.presentation_definition_uri" class="selfref"><b>presentation_definition_uri</b></a> CONDITIONAL. A string containing a URL pointing to a resource where a <code>presentation_definition</code> JSON object as defined in Section 4 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-dif.presentationexchange" title="Presentation Exchange 2.0.0">DIF.PresentationExchange</a></cite>] can be retrieved. We do not use this parameter because <code>scope</code> already specifies the credential type.

                </li>
            </ul>
            <p>Note: A request <em class="rfc2119">MUST</em> contain either a <code>presentation_definition</code> or a <code>presentation_definition_uri</code> or a single <code>scope</code> value representing a presentation definition, those three ways to request credential presentation are mutually exclusive. We use here the <code>scope</code> mechanism, which is simpler and fits our use case.
            </p>
            <p>This is an example request object using the definitions above:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">openid://?</span>
<span style="color:#008080">scope</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">dome.credentials.presentation.LEARCredential&amp;</span>
<span style="color:#008080">response_type</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">vp_token&amp;</span>
<span style="color:#008080">response_mode</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">direct_post&amp;</span>
<span style="color:#008080">client_id</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">did:elsi:VATFR-99999999&amp;</span>
<span style="color:#008080">redirect_uri</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">https://verifier.dome-marketplace.eu/api/authentication_response&amp;</span>
<span style="color:#008080">state</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">af0ifjsldkj&amp;</span>
<span style="color:#008080">nonce</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">n-0S6_WzA2Mj</span></pre></td></tr></tbody></table>

            <p>(URL encoding removed, line breaks and leading spaces added for readability).
            </p>
            <p>As mentioned above, the Authentication Request is returned to the wallet in the reply body of the GET request, as a JWT in JWS form [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc7515" title="JSON Web Signature (JWS)">RFC7515</a></cite>]), signed with eIDAS certificate of the DOM onboarding legal person.
            </p>
            <p>This is an example of the unencoded contents of the payload of the JWT:
            </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"iss"</span>: <span style="color:#d14">"did:elsi:VATFR-99999999"</span>,   <span style="color:#998;font-style:italic">// Should correspond with the client_id in the AR
</span><span style="color:#998;font-style:italic"></span>    <span style="color:#000080">"sub"</span>: <span style="color:#d14">"did:elsi:VATFR-99999999"</span>,   <span style="color:#998;font-style:italic">// Should correspond with the client_id in the AR
</span><span style="color:#998;font-style:italic"></span>    <span style="color:#000080">"aud"</span>: <span style="color:#d14">"https://self-issued.me/v2"</span>, <span style="color:#998;font-style:italic">// As specified in section 5.5 of OIDC4VP
</span><span style="color:#998;font-style:italic"></span>    <span style="color:#000080">"iat"</span>: <span style="color:#099">1667194901</span>,
    <span style="color:#000080">"exp"</span>: <span style="color:#099">1667194961</span>,                  <span style="color:#998;font-style:italic">// To avoid replays, here it expires in 60 secs
</span><span style="color:#998;font-style:italic"></span>    <span style="color:#000080">"auth_request"</span>: <span style="color:#d14">"openid://?scope=...&amp;amp;response_type=vp_token&amp;amp;..."</span>,
}</pre></td></tr></tbody></table>

            <p>Where the claims <code>iss</code> and <code>sub</code> <em class="rfc2119">MUST</em> be the DID of the RP (in this case DOME onboarding) and <em class="rfc2119">MUST</em> correspond exactly with the <code>client_id</code> parameter in the Authorization Request. The claim <code>auth_request</code> contains the Authentication Request as a string. The expiration time in claim <code>exp</code> avoids replays and can be very short because it is used by the Wallet just on reception of the Authentication Request. The expiration time should be enough for the user to review the Authorization Request, decide the credential(s) to send to the RP and instruct the Wallet to send the Authorization Reply to the RP.
            </p>
        </section>
        <section id="verification-of-the-authorization-request"><div class="header-wrapper"><h4 id="x2-4-4-verification-of-the-authorization-request"><bdi class="secno">2.4.4 </bdi>Verification of the Authorization Request</h4><a class="self-link" href="#verification-of-the-authorization-request" aria-label="Permalink for Section 2.4.4"></a></div>

            <p>Before sending the Authentication Response, the wallet should verify that the Authorization Request is correct. The most important verifications are described here:
            </p>
            <figure id="fig-starting-the-authentication-phase-0"><img src="builtassets/plantuml_7d3dc5e7b6f4ba49b913e048dd96c2be.png" alt="" />
            <figcaption><a class="self-link" href="#fig-starting-the-authentication-phase-0">Figure <bdi class="figno">14</bdi></a> <span class="fig-title">Starting the authentication phase</span></figcaption></figure>



            <ul class="plain">
                <li id="1231.10"><a href="#1231.10" class="selfref"><b>10</b></a> Verification of the signature. As mentioned in the previous section, the Authorization Request is received as a JWT signed by the DOME onboarding service, using the eIDAS certificate for seals that corresponds to the legal person operating the service. This allows the wallet to verify that the signature corresponds to a real-world entity.

<div>
</div>
                </li>
                <li id="1234.11"><a href="#1234.11" class="selfref"><b>11</b></a> Verification that the DID in the <code>client_id</code> field of the Authorization Request corresponds to the entity that signed the Authorization Request. This is easy in our case because we use the <code>did:elsi</code> method.

<div>
</div>
                </li>
                <li id="1237.12"><a href="#1237.12" class="selfref"><b>12</b></a> Verification that the entity identified in the <code>client_id</code> field of the Authorization Request is a trusted entity belonging to the ecosystem, by resolving the DID in the <code>client_id</code> field.

<div>
                    <p>The actual mechanism may vary depending on the DID method used and the ecosystem where the client wants to onboard.
                    </p>
                    <p>If the Relying Party is a well known entity (like the DOME onboarding service in the case of DOME), it is easy to verify that the DID corresponds to the Relying Party.
                    </p>
                    <p>In most other cases, for example when the Relying Party is a participant in the ecosystem, we assume that the ecosystem provides a Trusted Participants Registry with an API compatible with the EBSI Trusted Issuers Registry, and that the participants registry is managed in a trusted way by the onboarding service (meaning that the Wallet user trusts on the onboarding service, in the same way as all other participants).
                    </p>
                    <p>In this case, to check if the DID is a participant on the ecosystem, the wallet sends a <code>GET /api/did/v1/identifiers/{did-to-verify}</code> request to the endpoint of one of several trusted servers implementing the functionality to query the Trusted Participant Registry, where <code>{did-to-verify}</code> is the actual DID the Wallet wants to check (in our example it would be <code>did:elsi:VATFR-99999999</code>, corresponding to the RP) . The API returns a JSON document as a DID Document. The DID Document (as per W3C) contains relevant information about the entity owner of the DID. It contains its Public Key, used to verify the digital signature of the entity. It also contains the status of the entity in the ecosystem. It is extensible and can contain any public information which may be relevant for the use case. The API must be operated by a trusted entity for the Wallet user. There may be as many servers implementing the API as needed and operated by different entities. At least one of those trusted entities has to be configured in the Wallet of the user, to facilitate the use of the wallet.
                    </p>
</div>
                </li>
            </ul>
        </section>
        <section id="creating-and-sending-the-authorization-response"><div class="header-wrapper"><h4 id="x2-4-5-creating-and-sending-the-authorization-response"><bdi class="secno">2.4.5 </bdi>Creating and sending the Authorization Response</h4><a class="self-link" href="#creating-and-sending-the-authorization-response" aria-label="Permalink for Section 2.4.5"></a></div>

            <p>Once the Authorization Request has been validated, the Wallet creates an Authorization Response to be posted in the <code>redirect_uri</code> specified by teh RP in the Authorization Request. For completeness, we describe in the following figure the complete process from reception of Authorization Request until sending the Authorization Response.
            </p>
            <figure id="fig-starting-the-authentication-phase-1"><img src="builtassets/plantuml_089aed180d78fe7872d1120fafc45855.png" alt="" />
            <figcaption><a class="self-link" href="#fig-starting-the-authentication-phase-1">Figure <bdi class="figno">15</bdi></a> <span class="fig-title">Starting the authentication phase</span></figcaption></figure>



            <ul class="plain">
                <li id="1271.13"><a href="#1271.13" class="selfref"><b>13</b></a> The wallet creates an Authorization Response to be posted in the <code>redirect_uri</code> specified by GoodAir in the Authorization Request that was sent to the wallet. The contents of the Authorization Response are described below.

<div>
                    <p>The response is constructed as defined in section 6.1 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vp" title="OpenID for Verifiable Presentations">OpenID.VP</a></cite>]. In particular, because the Authorization Request included only <code>vp_token</code> as the <code>response_type</code>, the VP Token is provided directly in the Authorization Response and a separate <code>id_token</code> is not needed.
                    </p>
                    <p>The contents of the Authorization Response in our specific use case are:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">presentation_submission</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">[see definition below]</span>
<span style="color:#008080">&amp;vp_token</span><span style="color:#000;font-weight:bold">=</span><span style="color:#d14">[see definition below]</span></pre></td></tr></tbody></table>

                    <p>The content of the <code>presentation_submission</code> parameter in the above Authorization Response is:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"definition_id"</span>: <span style="color:#d14">"OnboardingPresentationDefinition"</span>,
    <span style="color:#000080">"id"</span>: <span style="color:#d14">"OnboardingPresentationSubmission"</span>,
    <span style="color:#000080">"descriptor_map"</span>: [
    {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"id_credential"</span>,
        <span style="color:#000080">"path"</span>: <span style="color:#d14">"$"</span>,
        <span style="color:#000080">"format"</span>: <span style="color:#d14">"ldp_vp"</span>,
        <span style="color:#000080">"path_nested"</span>: {
            <span style="color:#000080">"format"</span>: <span style="color:#d14">"ldp_vc"</span>,
            <span style="color:#000080">"path"</span>: <span style="color:#d14">"$.verifiableCredential[0]"</span>
        }
    }
    ]
}</pre></td></tr></tbody></table>

                    <p>Which complies with [<cite><a class="bibref" data-link-type="biblio" href="#bib-dif.presentationexchange" title="Presentation Exchange 2.0.0">DIF.PresentationExchange</a></cite>] and refers to the Verifiable Presentation in the <code>vp_token</code> parameter provided in the same response. In our example, the Verifiable Presentation includes the LEARCredential that was described in the previous sections.
                    </p>
</div>
                </li>
                <li id="1303.14"><a href="#1303.14" class="selfref"><b>14</b></a> The wallet sends the Authorization Response to the endpoint received in the <code>redirect_uri</code> parameter of the Authorization Request, sending an HTTP <code>POST</code> request using the encoding <code>application/x-www-form-urlencoded</code>.

<div>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#900;font-weight:bold">POST</span> <span style="color:#555">/api/siop/authorization_response</span> <span style="color:#000;font-weight:bold">HTTP</span><span style="color:#000;font-weight:bold">/</span><span style="color:#099">1.1</span>
Host<span style="color:#000;font-weight:bold">:</span> verifier.dome-onboarding.org
Content-Type<span style="color:#000;font-weight:bold">:</span> application/x-www-form-urlencoded

presentation_submission=[see definition below]
&amp;vp_token=[see definition below]</pre></td></tr></tbody></table>

</div>
                </li>
            </ul>
        </section>
        <section id="authenticating-the-user-with-the-learcredential"><div class="header-wrapper"><h4 id="x2-4-6-authenticating-the-user-with-the-learcredential"><bdi class="secno">2.4.6 </bdi>Authenticating the user with the LEARCredential</h4><a class="self-link" href="#authenticating-the-user-with-the-learcredential" aria-label="Permalink for Section 2.4.6"></a></div>

            <p>We should remember that inside the LEARCredential the <code>credentialSubject</code> object has an <code>id</code> field with value <code>did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK</code> which is the DID of the user. It was generated during the creation of the LEARCredential, and the Relying Party should trust that the credential was generated in the proper way binding cryptographically the DID with the LEARCredential, as described in a previous section. It is the same trust that should be put in the generation of any other signed document, like a contract or invoice.
            </p>
            <p>The process of verifying the Authorization Response and authenticating the user with the LEARCredential is the following:
            </p>
            <figure id="fig-starting-the-authentication-phase-2"><img src="builtassets/plantuml_5e65e6b64889e67cad7ed8a938eee406.png" alt="" />
            <figcaption><a class="self-link" href="#fig-starting-the-authentication-phase-2">Figure <bdi class="figno">16</bdi></a> <span class="fig-title">Starting the authentication phase</span></figcaption></figure>



            <ul class="plain">
                <li id="1334.15_and_16"><a href="#1334.15_and_16" class="selfref"><b>15 and 16</b></a> The Verifier receives the Authorization Request and has to perform verifications, the standard ones being defined in [<cite><a class="bibref" data-link-type="biblio" href="#bib-dif.presentationexchange" title="Presentation Exchange 2.0.0">DIF.PresentationExchange</a></cite>]. In order to verify that the Verifiable Credential has been issued by a trusted entity, the Relying Party has to verify:

<div>
                    <ol>
                        <li>That the DID of the entity which is the issuer of the VC is a trusted entity.
                        </li>
                        <li>That the VC was signed by that participant.
                        </li>
                    </ol>
                    <p>Both verifications can be done by performing DID resolution, checking that the resulting DID Document contains the public key corresponding to the one specified in the Verifiable Credential, and by verifying the digital signature of the credential against that public key.
                    </p>
                    <p>In our case the LEARCredential was issued using the <code>did:elsi</code> method, so resolution is very simple and is specified in [<cite><a class="bibref" data-link-type="biblio" href="#bib-did-elsi" title="DID ETSI Legal person Semantic Identifier Method Specification (did:elsi)">DID-ELSI</a></cite>].
                    </p>
</div>
                </li>
                <li id="1345.17"><a href="#1345.17" class="selfref"><b>17</b></a> After verifying the credential, the Relying Party can also verify that the Verifiable Presentation including the Verifiable Credential is sent by the user and not by a malicious agent. To do so, it uses the public key associated to the <code>did:key</code> identifier <code>id</code> field inside the <code>credentialSubject</code> structure. That public key is cryptographically bound to the customer DID during the onboarding process that GoodAir performed with its employee.

<div>
</div>
                </li>
                <li id="1348.18"><a href="#1348.18" class="selfref"><b>18</b></a> The Verifier creates an Access Token for the user so it can be used later for access services provided by the Relying Party (in the case of onboarding, those services would be the ones related to the onboarding process implemented by the Onboarding portal). The Access Token is generated in JWT format and signed by the VC Verifier. The access token is intended for use as bearer token over HTTP [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc2616" title="Hypertext Transfer Protocol -- HTTP/1.1">RFC2616</a></cite>] using Transport Layer Security (TLS) [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc5246" title="The Transport Layer Security (TLS) Protocol Version 1.2">RFC5246</a></cite>] to access protected resources, and it should use the JWT Profile profile described in [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc9068" title="JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens">RFC9068</a></cite>].

<div>
                    <p>For our use case, the payload of the JWT access token looks like:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"iss"</span>: <span style="color:#d14">"did:elsi:VATFR-99999999"</span>,
    <span style="color:#000080">"sub"</span>: <span style="color:#d14">"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"</span>,
    <span style="color:#000080">"aud"</span>:   <span style="color:#d14">"https://dome-marketplace.eu/onboarding"</span>,
    <span style="color:#000080">"exp"</span>: <span style="color:#099">1639528912</span>,
    <span style="color:#000080">"iat"</span>: <span style="color:#099">1618354090</span>,
    <span style="color:#000080">"jti"</span> : <span style="color:#d14">"dbe39bf3a3ba4238a513f51d6e1691c4"</span>,
    <span style="color:#000080">"client_id"</span>: <span style="color:#d14">"did:elsi:VATFR-99999999"</span>,
    <span style="color:#000080">"scope"</span>: <span style="color:#d14">"vp_token"</span>,
    <span style="color:#000080">"verifiableCredential"</span>: [<span style="color:#d14">"the VC that was received inside the Verifiable Presentation"</span>]
}</pre></td></tr></tbody></table>

                    <p>Where, according to [<cite><a class="bibref" data-link-type="biblio" href="#bib-rfc9068" title="JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens">RFC9068</a></cite>]:
                    </p>
                    <ul>
                        <li><code>iss</code> and <code>client_id</code> have the same value because the access token has been generated by the Verifier component of the DOME onboarding service, acting as the DOME legal person.
                        </li>
                        <li><code>sub</code> identifies the user (employee of GoodAir acting as LEAR of the company) using the DID inside the Verifiable Credential received
                        </li>
                        <li><code>aud</code> identifies the RS (Resource Server) component in Packet Delivery. In this case we assume that it is internal and does not have a DID assigned, so we use the URI of the component.
                        </li>
                        <li><code>kid</code> in the header identifies the key that is used to sign the JWT and which must be configured up-front and known by the RS (Resource Server.
                        </li>
                        <li><code>scope</code> has the same value as the equivalent <code>scope</code> parameter in the initial Authorization Request.
                        </li>
                        <li><code>verifiableCredential</code> contains the Verifiable Credential that was received, specifically the value of the first element of the field <code>verifiableCredential</code> of the Verifiable Presentation.
                        </li>
                    </ul>
</div>
                </li>
                <li id="1381.19"><a href="#1381.19" class="selfref"><b>19</b></a> The Verifier sends a successful response to the POST request from the wallet. The wallet receives the response to the POST indicating the success or failure of the process. The Verifier continues processing because the web portal of Packet Delivery has to be refreshed with the services that this specific user can access, based on the information received in the Verifiable Credential and the access control policies implemented by the DOME portal.

<div>
</div>
                </li>
                <li id="1384.20"><a href="#1384.20" class="selfref"><b>20</b></a> The Verifier notifies the DOME portal to refresh the login page so it can present the services to the user. The notification includes the following:

<div>
                    <ul>
                        <li>The <code>state</code> nonce that was generated by the portal when it generated the QR code. The portal uses the <code>state</code> nonce to know what login session is being notified.
                        </li>
                        <li>The access token generated before.
                        </li>
                    </ul>
                    <p>The notification is a simple POST request with both parameters in the body:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#900;font-weight:bold">POST</span> <span style="color:#555">/api/notify</span> <span style="color:#000;font-weight:bold">HTTP</span><span style="color:#000;font-weight:bold">/</span><span style="color:#099">1.1</span>
Host<span style="color:#000;font-weight:bold">:</span> dome-marketplace.eu
Content-Type<span style="color:#000;font-weight:bold">:</span> application/x-www-form-urlencoded

access_token=[the access token]
&amp;state=af0ifjsldkj</pre></td></tr></tbody></table>

                    <p>The portal component replies immediately and continues processing.
                    </p>
</div>
                </li>
                <li id="1404.21"><a href="#1404.21" class="selfref"><b>21</b></a> The portal of the Relying Party refreshes the screen and displays the services available to users, sending the Access Token to the browser of the user. The Access Token will be sent back by the browser to the portal whenever the user tries to access a protected resource of the portal, and so access control can be performed using the data inside the token, in the same way as with any other access token in other authentication mechanisms.

<div>
</div>
                </li>
            </ul>
        </section>
    </section>
    <section id="accesscontrol"><div class="header-wrapper"><h3 id="x2-5-access-control-with-verifiable-credentials"><bdi class="secno">2.5 </bdi>Access control with Verifiable Credentials</h3><a class="self-link" href="#accesscontrol" aria-label="Permalink for Section 2.5"></a></div>

        <section id="overview-1"><div class="header-wrapper"><h4 id="x2-5-1-overview"><bdi class="secno">2.5.1 </bdi>Overview</h4><a class="self-link" href="#overview-1" aria-label="Permalink for Section 2.5.1"></a></div>

            <p>This section assumes that authentication has already been performed and that the Relying Party receives a request to a protected resource, with a proper access token inside the request. If the request does not come with an access token, the request is rejected immediately (or the user is redirected to the Authentication service of the Relying Party, depending on the use case).
            </p>
            <p>The Access Control mechanism described here is the same independently of whether the request comes from a user or a machine, so the M2M use case is supported without any modification. In the following description we will use the term <b>user</b> interchangeably for both the user as a natural person or the user as a machine.
            </p>
            <p>However, the assumption is that all machines have an identity (they are assigned an identifier), and that they are acting <code>on behalf of</code> a legally valid identity in the sense of eIDAS2. In other words, we require that the identities of users and machines can be cryptographically bound to the real-world identity of either a natural person or a legal person in a way that provides legal certainty to the Relying Party regarding the chain of responsibility.
            </p>
            <p>If the user is a natural person using the portal of the Relying Party, the request to the protected resource will come from the browser that the user employs to navigate the portal, and the access token will be included automatically by the browser in every request that is sent to the Relying Party, for example when the user clicks a button or fills a form.
            </p>
            <p>If the user is a server or device, it is assumed that it has obtained an access token previously as the result of an authentication process described above. The server or device is responsible for including the access token in every request that is sent to the Relying Party to access a protected resource.
            </p>
            <p>If the portal of the Relying Party is an onboarding process (eg., the portal of the DOME Onboarding service), the protected resource could be the onboarding service itself, or a service to upload additional information for a partially completed onboarding process.
            </p>
            <p>If the portal is a Marketplace and the organisation using the portal wants to offer products in it, these services could be to register the organisation as a <i>Seller</i>, or to create a Product specification and offering.
            </p>
            <p>If the portal is the Marketplace and the organisation wants to contract products in it, these services could be to register the organisation as a <i>Customer</i>, or to launch a procurement order of a product.
            </p>
            <p>The same mechanism can be used by any participant in the ecosystem, if they want to use an advanced IAM mechanism which is aligned with the EU strategy on digital identity based on Verifiable Credential and eIDAS2.
            </p>
            <p>For the explanation we will use the following figure which is based on <cite><a data-matched-text="[[[NIST-AUTH]]]" href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf">NIST Special Publication 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications</a></cite> which describes a reference architecture with necessary functional components to achieve enforcement the authorization policies. The authorization process depends on four layers of functionality: <b>Enforcement</b>, <b>Decision</b>, <b>Access Control Data</b>, and <b>Administration</b>.
            </p>
            <figure id="authn-reference">
                <p><img src="images/login_in_DOME/authn_architecture_authorization.drawio.png" alt="" />
                </p>
                <figcaption><a class="self-link" href="#authn-reference">Figure <bdi class="figno">17</bdi></a> <span class="fig-title">High level Authentication logical architecture
                </span></figcaption>
            </figure>
        </section>
        <section id="determine-the-authorization-policies-which-apply-to-the-request"><div class="header-wrapper"><h4 id="x2-5-2-determine-the-authorization-policies-which-apply-to-the-request"><bdi class="secno">2.5.2 </bdi>Determine the Authorization Policies which apply to the request</h4><a class="self-link" href="#determine-the-authorization-policies-which-apply-to-the-request" aria-label="Permalink for Section 2.5.2"></a></div>

            <p>Every request to a protected resource is intercepted by the PEP (Policy Enforcement Point), and to know if the request should be authorised or not, the PEP asks to the PDP (Policy Decision Point) for a decision. The PDP needs to know what are the policy rules that should be applied to the request, and it uses the PRP (Policy Retrieval Point) to retrieve those policies.
            </p>
            <figure id="fig-determine-the-authorization-policies"><img src="builtassets/plantuml_48aaffcb8cecf468dbf62950e963e714.png" alt="" />
            <figcaption><a class="self-link" href="#fig-determine-the-authorization-policies">Figure <bdi class="figno">18</bdi></a> <span class="fig-title">Determine the Authorization Policies</span></figcaption></figure>



            <ul class="plain">
                <li id="1456.1"><a href="#1456.1" class="selfref"><b>1</b></a> The user (natural person or machine) sends a request to access a protected resource, and the PEP (Policy Enforcement Point) component intercepts the call. The PEP is normally implemented as a reverse proxy or API gateway, so all calls to protected resources entering the organisation are intercepted and forwarded if they are accepted.

<div>
</div>
                </li>
                <li id="1459.2"><a href="#1459.2" class="selfref"><b>2</b></a> If the request is not authenticated it is rejected with an error. Depending on the use case, the error returned can contain additional information that enables the user agent to be redirected to perform authentication.

<div>
                    <p>After inspecting the request, the PEP requests a decision from the PDP passing a series of attributes. In general, the request from the PEP to the PDP consists of <b>subject</b> attributes (typically for the user who issued the request), <b>resource</b> attributes (the resource for which access is sought), <b>action</b> attributes (the operations to be performed on the resource), and <b>environment</b> attributes.
                    </p>
                    <p>Some of the above attributes are obtained by the PEP from the original request received from the user. For example, the HTTP verb (GET, POST, PUT, PATCH, DELETE) and the URL and possibly the body of the request provide action attributes. Specifically, in the case of an NGSI-LD request those attributes are formally specified in the NGSI-LD standard.
                    </p>
                    <p>The subject attributes most relevant for access control are located in the access token received with the request. In particular, the access token includes the Verifiable Credentials that were employed for authentication, and the claims in those credentials can be used to evaluate access control policies. This includes (but is not limited to) the roles object that may be included in the VerifiableID credential used for authentication.
                    </p>
                    <p>An example access token would be:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"token_type"</span>: <span style="color:#d14">"Bearer"</span>,
    <span style="color:#000080">"expires_in"</span>: <span style="color:#099">3600</span>,
    <span style="color:#000080">"access_token"</span>: <span style="color:#d14">"ewogICJhbGciOiAiR...ERBIgogIH0KfQ"</span>
}</pre></td></tr></tbody></table>

                    <p>Decoding the <code>access_token</code> field we could see a Verifiable Presentation including the LEARCredential that the user presented when authenticating:
                    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"@context"</span>: [
        <span style="color:#d14">"https://www.w3.org/2018/credentials/v1"</span>,
        <span style="color:#d14">"https://dome-marketplace.eu//2022/credentials/learcredential/v1"</span>
    ],
    <span style="color:#000080">"id"</span>: <span style="color:#d14">"urn:did:elsi:25159389-8dd17b796ac0"</span>,
    <span style="color:#000080">"type"</span>: [<span style="color:#d14">"VerifiableCredential"</span>, <span style="color:#d14">"LEARCredential"</span>],
    <span style="color:#000080">"issuer"</span>: {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"did:elsi:VATES-12345678"</span>
    },
    <span style="color:#000080">"issuanceDate"</span>: <span style="color:#d14">"2022-03-22T14:00:00Z"</span>,
    <span style="color:#000080">"validFrom"</span>: <span style="color:#d14">"2022-03-22T14:00:00Z"</span>,
    <span style="color:#000080">"expirationDate"</span>: <span style="color:#d14">"2023-03-22T14:00:00Z"</span>,
    <span style="color:#000080">"credentialSubject"</span>: {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"</span>,
        <span style="color:#000080">"title"</span>: <span style="color:#d14">"Mr."</span>,
        <span style="color:#000080">"first_name"</span>: <span style="color:#d14">"John"</span>,
        <span style="color:#000080">"last_name"</span>: <span style="color:#d14">"Doe"</span>,
        <span style="color:#000080">"gender"</span>: <span style="color:#d14">"M"</span>,
        <span style="color:#000080">"postal_address"</span>: <span style="color:#d14">""</span>,
        <span style="color:#000080">"email"</span>: <span style="color:#d14">"johndoe@goodair.com"</span>,
        <span style="color:#000080">"telephone"</span>: <span style="color:#d14">""</span>,
        <span style="color:#000080">"fax"</span>: <span style="color:#d14">""</span>,
        <span style="color:#000080">"mobile_phone"</span>: <span style="color:#d14">"+34787426623"</span>,
        <span style="color:#000080">"legalRepresentative"</span>: {
            <span style="color:#000080">"cn"</span>: <span style="color:#d14">"56565656V Jesus Ruiz"</span>,
            <span style="color:#000080">"serialNumber"</span>: <span style="color:#d14">"56565656V"</span>,
            <span style="color:#000080">"organizationIdentifier"</span>: <span style="color:#d14">"VATES-12345678"</span>,
            <span style="color:#000080">"o"</span>: <span style="color:#d14">"GoodAir"</span>,
            <span style="color:#000080">"c"</span>: <span style="color:#d14">"ES"</span>
        },
        <span style="color:#000080">"rolesAndDuties"</span>: [
            {
                <span style="color:#000080">"type"</span>: <span style="color:#d14">"LEARCredential"</span>,
                <span style="color:#000080">"id"</span>: <span style="color:#d14">"https://dome-marketplace.eu//lear/v1/6484994n4r9e990494"</span>
            }
        ]
    }
}</pre></td></tr></tbody></table>

                    <p>Environmental attributes, which depend on the availability of system sensors that can detect and report values, are somewhat different from subject and resource attributes, which are administratively created. Environmental attributes are not properties of the subject or resources, but are measurable characteristics that pertain to the operational or situational context in which access requests occur. These environmental characteristics are subject and resource independent, and may include the current time, day of the week, or threat level.
                    </p>
                    <p>The PDP computes decisions to permit or deny subject requests to perform actions on resources. In computing a decision, the PDP queries policies stored in a PRP (Policy Retrieval Point).
                    </p>
                    <p>If the attributes of the request are not sufficient for rule and policy evaluation, the PDP may need to search the PIP for additional attributes. The PIP is shown as one logical store, but in fact may comprise multiple physical stores of different types.
                    </p>
                    <p>In addition to the PIP, the PDP uses one or more Trusted Issuers Lists (to check if the issuer of the credential is included in them as a trusted issuer of that type of credential), and also the Authorization Registry (AR), which can check for finer granularity authorisation records which may be very dynamic in nature (e.g. if some resource usage by employees and machines owned by the issuer have exceeded some quota this month).
                    </p>
                    <p>The actual Trusted Issuers Lists that the PDP needs to check is determined by the policy rules retrieved from the PRP. Those policy rules also determine the additional queries performed to the PIP data stores.
                    </p>
                    <p>The set of information and data stored in the PIP and PRP comprise the access control data and collectively define the current authorization state, which the PDP will use to compute its decision.
                    </p>
</div>
                </li>
                <li id="1534.3"><a href="#1534.3" class="selfref"><b>3</b></a> The PDP asks the PRP for the policy rules applicable to this request. The policy rules may be specified using different policy languages, like ODRL, XACML or Rego. It is very difficult to make the interface between the PDP and the PRP completely transparent and independent from the concrete policy language used in an implementation. However, The PDP can be modularised in order to minimise the dependency and reduce the cost of migration to other policy language in the future.

<div>
</div>
                </li>
                <li id="1537.4"><a href="#1537.4" class="selfref"><b>4</b></a> The PDP receives the policy rules to apply for the current request.

<div>
</div>
                </li>
            </ul>
        </section>
        <section id="determine-which-trusted-issuer-lists-should-be-queried"><div class="header-wrapper"><h4 id="x2-5-3-determine-which-trusted-issuer-lists-should-be-queried"><bdi class="secno">2.5.3 </bdi>Determine which Trusted Issuer Lists should be queried</h4><a class="self-link" href="#determine-which-trusted-issuer-lists-should-be-queried" aria-label="Permalink for Section 2.5.3"></a></div>

            <p>After retrieving the policies from the PRP, the PDP determines what are the attributes needed by the policy rules to perform its evaluation. Some of those attributes can be determined from the request received (e.g., claims inside the Verifiable Credential(s) in the access token). But in general, the policy rules require additional attributes that have to be retrieved from other sources.
            </p>
            <p>The two logical sources of those attributes are the PIP and the Trusted Issuers Lists in the Trust Anchor Framework.
            </p>
            <p>The concept of the PIP is the same as in the standard XACML logical architecture, essentially enabling the PDP to retrieve environmental attributes required for policy evaluation.
            </p>
            <p>In our approach using Verifiable Credentials for authentication and authorization, we use a Trust Framework to determine if the credentials received in the request are issued by authorised issuers of those credentials.
            </p>
            <p>The PDP does not have hardcoded the actual Trusted Lists to query, but they are determined dynamically from the policies retrieved from the PRP. In simple use cases there may be one or two lists to query which are the same for all requests. But the mechanism described here can cater for very complex scenarios where the lists may be different depending on the requests and also from the dynamic environmental information retrieved from the PIP.
            </p>
            <figure id="fig-determine-trusted-issuer-lists-to-query"><img src="builtassets/plantuml_e9b5fd10a95e7efdd99361a716fd9818.png" alt="" />
            <figcaption><a class="self-link" href="#fig-determine-trusted-issuer-lists-to-query">Figure <bdi class="figno">19</bdi></a> <span class="fig-title">Determine Trusted Issuer Lists to query</span></figcaption></figure>



            <ul class="plain">
                <li id="1566.4"><a href="#1566.4" class="selfref"><b>4</b></a> The PDP receives the policy rules to apply for the current request.

<div>
</div>
                </li>
                <li id="1569.5"><a href="#1569.5" class="selfref"><b>5</b></a> The PDP performs an initial evaluation of the policy rules and if the attributes of the request are not sufficient for rule and policy evaluation, it determines the PIP stores to query, and also the set of Trusted Issuers Lists to query. The concrete Trusted Lists to query are dynamic and depend on the specific policies associated to the request.

<div>
</div>
                </li>
                <li id="1573.6"><a href="#1573.6" class="selfref"><b>6</b></a> Based on the policies and the attributes of the request, the PDP queries the PIP for additional attributes needed for the policy evaluation.

<div>
                    <p>Now that the PDP has the policy rules to apply and the attributes from the request and the ones retrieved from the PIP, the PDP can determine the actual Trusted Lists that have to be queried in order to be able to evaluate the policies.
                    </p>
</div>
                </li>
            </ul>
        </section>
        <section id="query-the-trusted-issuer-lists"><div class="header-wrapper"><h4 id="x2-5-4-query-the-trusted-issuer-lists"><bdi class="secno">2.5.4 </bdi>Query the Trusted Issuer Lists</h4><a class="self-link" href="#query-the-trusted-issuer-lists" aria-label="Permalink for Section 2.5.4"></a></div>

            <p>The authorization mechanism uses the Trust Framework to query different Trusted Lists that are needed to evaluate the policy rules applicable to the request and compute a decision.
            </p>
            <p>The Trust Framework is composed of one or more Trusted Lists where each list is specialised in some specific domain of trust.
            </p>
            <p>For example, the Trust Framework contains Trusted Lists with the schema definitions used for the well-known types of Verifiable Credentials in the ecosystem. In this way, if the Verifiable Registry used for the Trust Framework is based on a Blockchain network (or several federated networks), the schemas can be published in a trusted and resilient manner reducing the risk of malicious tampering and keeping a record of the history of modifications.
            </p>
            <p>But the most interesting Trusted Lists in the Trust Framework are the Trusted Issuers Lists, which provide the mechanism to efficiently and securely verify that the issuer of a given credential is a Trusted Issuer of that type of credentials.
            </p>
            <p>It has to be noticed that even though most Trusted Issuer Lists are global (used by all participants in the ecosystem) and have essentially public information, there may be some specialised lists that are private to one or more organisations and specialised in some specific requirement.
            </p>
            <p>In this way, there may be some lists that are specific to the products that one organisation provides to other participants in the ecosystem. For example, there may be a Trusted Issuer List private to one organisation which is updated with the identity of a participant when that participant acquires access to some product provided by that organisation.
            </p>
            <p>For example, this "product-specific" Trusted Issuer List is queried when performing authorization if the related policy rules specify that the issuer of the Verifiable Credential received in the request should have acquired the product that the request is trying to access.
            </p>
            <p>However, as mentioned before, the set of "internal" and "external" Trusted Lists to query is not hardcoded but it depends on the specific policy rules that should be applied to the request when computing the decision to grant access or not.
            </p>
            <p>In this way, the system provides a great deal of flexibility on how access control is performed.
            </p>
            <p>For simplicity, the diagram below shows the query of the Trusted Issuer Lists as a single interaction to a single box, but the actual interactions can be very complex if required. In addition, the diagram does not specify whether the list is "private" or "global".
            </p>
            <figure id="fig-query-the-trusted-issuer-lists"><img src="builtassets/plantuml_4e81c481b979246d42f8eac88fc5bb50.png" alt="" />
            <figcaption><a class="self-link" href="#fig-query-the-trusted-issuer-lists">Figure <bdi class="figno">20</bdi></a> <span class="fig-title">Query the Trusted Issuer Lists</span></figcaption></figure>



            <ul class="plain">
                <li id="1617.6"><a href="#1617.6" class="selfref"><b>6</b></a> Based on the policies and the attributes of the request, the PDP queries the PIP for additional attributes needed for the policy evaluation.

<div>
</div>
                </li>
                <li id="1621.7"><a href="#1621.7" class="selfref"><b>7</b></a> Based on the policies and the attributes of the request, the PDP queries one or more Trusted Issuer Lists to check that the credentials received comply with the requirements specified in the policies.

<div>
</div>
                </li>
            </ul>
        </section>
        <section id="compute-the-decision-and-allow-or-not-access"><div class="header-wrapper"><h4 id="x2-5-5-compute-the-decision-and-allow-or-not-access"><bdi class="secno">2.5.5 </bdi>Compute the decision and allow (or not) access</h4><a class="self-link" href="#compute-the-decision-and-allow-or-not-access" aria-label="Permalink for Section 2.5.5"></a></div>

            <p>Once the PDP has all the attributes required for policy evaluation, it computes a decision and returns that decision to the PEP which will enforce it.
            </p>
            <figure id="fig-compute-the-decision"><img src="builtassets/plantuml_be3b0ee126e5440e3c75eb214242be0d.png" alt="" />
            <figcaption><a class="self-link" href="#fig-compute-the-decision">Figure <bdi class="figno">21</bdi></a> <span class="fig-title">Compute the decision</span></figcaption></figure>



            <ul class="plain">
                <li id="1644.8"><a href="#1644.8" class="selfref"><b>8</b></a> The PDP performs a final evaluation of the policy rules, taking into consideration the attributes received from the PEP, the attributes received from the PIP, and the Trusted Issuers Lists queried. After the evaluation the PDP computes a decision, either to accept or to reject the request.

<div>
</div>
                </li>
                <li id="1647.9"><a href="#1647.9" class="selfref"><b>9</b></a> The PDP returns the decision to the PEP, which will enforce it.

<div>
</div>
                </li>
                <li id="1650.10"><a href="#1650.10" class="selfref"><b>10</b></a> If the decision from the PDP is to reject the request, the PEP returns an error to the user. Otherwise, it forwards the original request to the Resource for execution.

<div>
</div>
                </li>
                <li id="1653.11"><a href="#1653.11" class="selfref"><b>11</b></a> The resource executes the request and returns the result.

<div>
</div>
                </li>
                <li id="1656.12"><a href="#1656.12" class="selfref"><b>12</b></a> The PEP returns the result to the user.

<div>
</div>
                </li>
            </ul>
        </section>
        <section id="summary-of-the-authorization-process"><div class="header-wrapper"><h4 id="x2-5-6-summary-of-the-authorization-process"><bdi class="secno">2.5.6 </bdi>Summary of the authorization process</h4><a class="self-link" href="#summary-of-the-authorization-process" aria-label="Permalink for Section 2.5.6"></a></div>

            <p>The following diagram combines all the steps in a single one to provide an overall view of the authorization process.
            </p>
            <figure id="fig-summary-of-the-authorization-process"><img src="builtassets/plantuml_c8e7f45dfb37b5dfb38c586a43f43ac2.png" alt="" />
            <figcaption><a class="self-link" href="#fig-summary-of-the-authorization-process">Figure <bdi class="figno">22</bdi></a> <span class="fig-title">Summary of the Authorization process</span></figcaption></figure>

        </section>
    </section>
</section>
<section id="participants" class="appendix"><div class="header-wrapper"><h2 id="a-example-scenario-participants-in-the-ecosystem"><bdi class="secno">A. </bdi>Example scenario: Participants in the ecosystem</h2><a class="self-link" href="#participants" aria-label="Permalink for Appendix A."></a></div>

    <p>Here we introduce the actors of the reference use case we are going to use. The main actors are marked in yellow in the following diagram.
    </p>
    <p>RealTruth is a Trust Service Provider operating under the eIDAS Trust Framework, which issues a certificate for seals to the company GoodAir. GoodAir is a business that provides some services using an Air Quality application operated by GoodAir.
    </p>
    <p>RealTruth also provides a certificate for signatures to the COO of the GoodAir company, so the COO can use the certificate to sign documents on behalf of GoodAir (like contracts, invoices, financial reports, ...) in a way that is compliant with eIDAS.
    </p>
    <p>The COO of GoodAir will issue a verifiable credential of type LEARCredential to an employee of GoodAir, signing the credential with his certificate for signatures.
    </p>
    <figure id="fig-generatedID"><img src="builtassets/d2_36c71184cf20e51b32d23a987b6a6750.svg" alt="" />
    <figcaption><a class="self-link" href="#fig-generatedID">Figure <bdi class="figno">23</bdi></a> <span class="fig-title"></span></figcaption></figure>

    <section id="participant"><div class="header-wrapper"><h3 id="a-1-goodair-the-company-that-wants-to-perform-the-process"><bdi class="secno">A.1 </bdi>GoodAir: the company that wants to perform the process</h3><a class="self-link" href="#participant" aria-label="Permalink for Appendix A.1"></a></div>

        <p>The new participant is a business providing an Air Quality Monitoring application as a service. The business is called GoodAir and it operates the application, which receives data from a set of sensors that may or may not be the property of GoodAir. The sensors must have received a certification to be able to operate and send data to the GoodAir application.
        </p>
        <p>The company is registered in the tax agency and business registry of Spain with VAT number <b>VATES-12345678</b>.
        </p>
    </section>
    <section id="coo-chief-operating-officer-of-goodair"><div class="header-wrapper"><h3 id="a-2-coo-chief-operating-officer-of-goodair"><bdi class="secno">A.2 </bdi>COO (Chief Operating Officer) of GoodAir</h3><a class="self-link" href="#coo-chief-operating-officer-of-goodair" aria-label="Permalink for Appendix A.2"></a></div>

        <p>The GoodAir company is small and the only person that can sign contracts on behalf of the company is the COO (Chief Operating Officer). The COO is a legal representative of the company and she is registered as so in the business registry of Spain.
        </p>
        <p>The COO has a certificate for electronic signatures issued by one of the TSPs in Spain enabling the COO to perform electronic qualified signatures as legal representative of GoodAir, instead of doing them manually.
        </p>
        <p>The X.509 certificate of the COO has the following contents in the <code>Subject</code> field (the example below is derived from a real certificate but with the identifiers modified to be an example):
        </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">cn</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">56565656V Jesus Ruiz</span>
<span style="color:#008080">serialNumber</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">56565656V</span>
<span style="color:#008080">givenName</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">Jesus</span>
<span style="color:#008080">sn</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">Ruiz</span>
<span style="color:#008080">2.5.4.97</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">VATES-12345678</span>
<span style="color:#008080">o</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">GoodAir</span>
<span style="color:#008080">c</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">ES</span>
<span style="color:#008080">2.5.4.13</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">Notary:Juan Lopez/Protocol Num:7172/Date:07-06-2021</span></pre></td></tr></tbody></table>

        <p>The above set of fields bind the legal identity of the COO with the identity of the business:
        </p>
        <ul>
            <li><code>serialNumber</code> is the unique number recognized by the Spanish Government for spanish citizens (called NIF).
            </li>
            <li><code>2.5.4.97</code> is the <a href="https://oidref.com/2.5.4.97">official OID for <code>organizationIdentifier</code></a>. The contents of this field in the example certificate is the unique identifier for the legal person GoodAir.
            </li>
        </ul>
        <p>Before issuing a certificate like the above, the TSP has to perform some validations to ensure that in the official source of truth (the business registry of Spain in this case) there is already registered information that states that the COO has indeed powers to act on behalf of GoodAir as a legal representative.
        </p>
    </section>
    <section id="realtruth-a-trust-service-provider"><div class="header-wrapper"><h3 id="a-3-realtruth-a-trust-service-provider"><bdi class="secno">A.3 </bdi>RealTruth: a Trust Service Provider</h3><a class="self-link" href="#realtruth-a-trust-service-provider" aria-label="Permalink for Appendix A.3"></a></div>

        <p>RealTruth is an EU TSP, which appears in the TL (Trusted List) maintained by the <a href="https://tl.bundesnetzagentur.de/TL-DE.XML">German Government</a>.
        </p>
        <p>RealTruth is a TSP based in Germany but operates in most of the countries of the EU and so being able to provide Trust Services across many countries, including Spain.
        </p>
        <p>As all TSPs in the TLs of the Member States, its entry in the TL includes one or more "Services" entries which describe the Trust Services provided by the TSP.
        </p>
        <p>A TSP can have one Service issuing certificates for signatures, another service issuing certificates for seals, another service for timestamping, etc.
        </p>
        <p>The regulator approves or suspends each service from a TSP individually, and the services are the root anchor for a given trust environment.
        </p>
        <p>In our case, the entry for RealTruth in the TL includes a <code>&lt;TSPService&gt;</code> entry, and inside it the <code>&lt;ServiceDigitalIdentity&gt;</code> entry includes a DER-encoded certificate specifying the digital identity of the root anchor for that trust domain. The certificate for the Service has in the Subject field:
        </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor"><span style="color:#008080">2.5.4.97</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">VATDE-170173453</span>
<span style="color:#008080">CN</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">DRV QC 11 MA CA 2017ca</span>
<span style="color:#008080">OU</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">QC 11 Mitarbeiter CA</span>
<span style="color:#008080">O</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">Deutsche Rentenversicherung Westfalen</span>
<span style="color:#008080">C</span> <span style="color:#000;font-weight:bold">=</span> <span style="color:#d14">DE</span></pre></td></tr></tbody></table>

        <p>Which in the <code>organizationIdentifier</code> field (OID 2.5.4.97) specifies the unique organisation identifier assigned by the German regulatory authority to the TSP: VATDE-170173453.
        </p>
        <p>RealTruth provides <code>Legal Person Representative Certificates</code> which are qualified in accordance with Regulation (EU) No. 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market.
        </p>
        <p>The certification policies of RealTruth includes the following sentences:
        </p>
        <blockquote>
            <p>The Registration Authority must verify the following information in order to authenticate the identity of the organisation:
            </p>
            <ul>
                <li>The data concerning the business name or corporate name of the organisation.
                </li>
                <li>The data relating to the constitution and legal status of the subscriber.
                </li>
                <li><b>The data concerning the extent and validity of the powers of representation of the applicant.</b>
                </li>
                <li>The data concerning the tax identification code of the organisation or equivalent code used in the country to whose legislation the subscriber is subject.
                </li>
            </ul>
        </blockquote>
        <p>The TSP (RealTruth in this case) performs the verifications against <code>Authentic Sources</code>.
        </p>
        <blockquote>
            <p>Authentic Sources are the public or private repositories or systems recognised or required by law containing attributes about a natural or legal persons.
            </p>
            <p>The Authentic Sources in scope of Annex VI of the [eIDAS2] legislative proposal are sources for attributes on address, age, gender, civil status, family composition, nationality, education and training qualifications titles and licences, professional qualifications titles and licences, public permits and licences, financial and company data.
            </p>
            <p>Authentic Sources in scope of Annex VI are required to provide interfaces to Qualified Electronic Attestation of Attributes  (QEAA) Providers to verify the authenticity of the above attributes, either directly or via designated intermediaries recognised at national level.
            </p>
            <p>Authentic Sources may also issue (Q)EAA-s themselves if they meet the requirements of the eIDAS Regulation. It is up to the Member States to define terms and conditions for the provisioning of these services, but according to the minimum technical specifications, standards, and procedures applicable to the verification procedures for qualified electronic attestations of attributes.
            </p>
        </blockquote>
        <p>In accordance to the policies, RealTruth made those validations when issuing the certificate to the COO, in such a way that the Relying Parties verifying the certificate can have a high level of trust in the assertion that the natural person identified in the certificate (with Spanish ID of 56565656V) is a legal representative of he GoodAir company (organizationIdentifier VATES-12345678).
        </p>
    </section>
    <section id="john-doe-an-administrative-employee-of-goodair"><div class="header-wrapper"><h3 id="a-4-john-doe-an-administrative-employee-of-goodair"><bdi class="secno">A.4 </bdi>John Doe: an administrative employee of GoodAir</h3><a class="self-link" href="#john-doe-an-administrative-employee-of-goodair" aria-label="Permalink for Appendix A.4"></a></div>

        <p>This is an employee of the central administration department of GoodAir, who is going to be formally nominated to manage a specific set of processes on behalf of GoodAir in the Data Space. In particular, this employee is going to be nominated as a LEAR (Legal Entity Appointed Representative).
        </p>
        <p>As its name implies, the LEAR has to be nominated by a <b>legal representative</b> of the GoodAir organisation with the necessary legal authority to commit the organisation for this type of decision. In our case, the COO of GoodAir will nominate John Doe as the LEAR of GoodAir, delegating to him the capabilities to perform some processes in the DOME portal and some other tasks in other organisations. That means that John Doe will not be empowered to perform cation snot explicitly specified in the credential.
        </p>
        <p>To perform the nomination, the COO of GoodAir (a legal representative of GoodAir) will issue a special credential to John Doe and will sign the credential with his certificate for signatures as legal representative of GoodAir. The details are described later in this document.
        </p>
    </section>
    <section id="dome-an-instance-of-a-data-space-for-smart-cities"><div class="header-wrapper"><h3 id="a-5-dome-an-instance-of-a-data-space-for-smart-cities"><bdi class="secno">A.5 </bdi>DOME: an instance of a Data Space for Smart Cities</h3><a class="self-link" href="#dome-an-instance-of-a-data-space-for-smart-cities" aria-label="Permalink for Appendix A.5"></a></div>

        <p>DOME is a Data Space where local governments can procure data and services from other entities that act as service providers. At the same time, the local governments can also act as data and service providers for other entities in the Data Space.
        </p>
        <p>The DOME Data Space has an portal service that allows external entities to perform some processes in an automated fashion by using Verifiable Credentials that have been issued by trusted entities. The complete Trust Framework used by DOME is composed from a series of Trust Frameworks, some managed internally using a governance model of DOME and some others managed externally but by trusted entities. At the root of the Trust Framework of DOME is the eIDAS Trust Framework and the pan-european recognized list of Trust Service Providers issuing the eIDAS compliant digital identities, in the form of certificates for signatures/seals.
        </p>
        <p>In order to participate in DOME, every legal person requires a certificate for seals or that one of its legal representatives has a certificate for signatures (or both). The DOME entity is registered in France with VAT number <b>VATFR-99999999</b>.
        </p>
    </section>
</section>
<section id="request_scope"><div class="header-wrapper"><h2 id="b-request-scope"><bdi class="secno">B. </bdi>Request Scope</h2><a class="self-link" href="#request_scope" aria-label="Permalink for Section B."></a></div>

    <p>According to section 5.3 of [<cite><a class="bibref" data-link-type="biblio" href="#bib-openid.vp" title="OpenID for Verifiable Presentations">OpenID.VP</a></cite>], wallets <em class="rfc2119">MAY</em> support requesting presentation of credentials using OAuth 2.0 <code>scope</code> values. Such a scope value <em class="rfc2119">MUST</em> be an alias for a well-defined presentation definition as it will be referred to in the <code>presentation_submission</code> response parameter.
    </p>
    <p>In this specification we define concrete scope values and the mapping between a certain scope value and the respective presentation definition, in particular the mapping between scope values and specific types of Verifiable Credentials used for access control in the use case described in this document. In a production implementation of a Data Space ecosystem, the Trust Framework has to define the mappings used in the ecosysyem and the mechanisms and governance model used to update those mappings.
    </p>
    <p>In this example we only need the mapping for the LEARCredential, where the scope <code>dome.credentials.presentation.LEARCredential</code> represents the following presentation definition:
    </p>

<table style="width:100%;"><tbody><tr><td class="codecolor">
<pre class="nohighlight precolor">{
    <span style="color:#000080">"id"</span>: <span style="color:#d14">"dome.credentials.presentation.LEARCredential"</span>,
    <span style="color:#000080">"input_descriptors"</span>: [
        {
        <span style="color:#000080">"id"</span>: <span style="color:#d14">"LEARCredentialDefinitionv1.01"</span>,
        <span style="color:#000080">"format"</span>: {
            <span style="color:#000080">"ldp_vc"</span>: {
                <span style="color:#000080">"proof_type"</span>: [
                    <span style="color:#d14">"RsaSignature2018"</span>
                ]
            }
        },
        <span style="color:#000080">"constraints"</span>: {
            <span style="color:#000080">"fields"</span>: [
                {
                    <span style="color:#000080">"path"</span>: [
                        <span style="color:#d14">"$.type"</span>
                    ],
                    <span style="color:#000080">"filter"</span>: {
                        <span style="color:#000080">"type"</span>: <span style="color:#d14">"string"</span>,
                        <span style="color:#000080">"pattern"</span>: <span style="color:#d14">"LEARCredential"</span>
                    }
                }
            ]
        }
        }
    ]
}</pre></td></tr></tbody></table>

</section>
<section id="glossary"><div class="header-wrapper"><h2 id="c-glossary"><bdi class="secno">C. </bdi>Glossary</h2><a class="self-link" href="#glossary" aria-label="Permalink for Section C."></a></div>

    <p>As far as possible and in order to enhance consistency with the regulation, we use in this document the following definitions, which is essentially a replica of the definitions in Article 3 of the document <cite><a data-matched-text="[[[EIDAS2-REG]]]" href="https://www.europarl.europa.eu/doceo/document/A-9-2023-0038_EN.html">REPORT on the proposal for a regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity</a></cite>.
    </p>
    <p>This is the reason why in some definitions below the description refers to an article or section that does not exist in this document. We have decided to keep the definitions like in the original, as we think it does not limit the understanding of the concept.
    </p>
    <dl>
        <dt>(1) 'electronic identification'
</dt><dd>means the process of using person identification data in electronic form uniquely representing either a natural or legal person, or a natural person representing a legal person;
        
        </dd><dt>(2) 'electronic identification means'
</dt><dd>means a material and/or immaterial unit, including European Digital Identity Wallets or ID cards following Regulation 2019/1157, containing person identification data and which is used for authentication for an online or offline service:
        
        </dd><dt>(3) 'person identification data'
</dt><dd>means a set of data, issued in accordance with national law, enabling the identity of a natural or legal person, or a natural person representing a legal person to be established;
        
        </dd><dt>(4) 'electronic identification scheme'
</dt><dd>means a system for electronic identification under which electronic identification means, are issued to natural or legal persons or natural persons representing legal or natural persons;
        
        </dd><dt>(4a) 'user'
</dt><dd>means a natural or legal person, or a natural person representing a legal person using trust services, notified electronic identification means or European Digital Identity Wallets;
        
        </dd><dt>(5) 'authentication'
</dt><dd>means an electronic process that enables the verification of the origin and integrity of data in electronic form;
        
        </dd><dt>(5a) 'identification'
</dt><dd>means an electronic process that establish an unequivocal relationship between a set of data and a natural or legal person;
        
        </dd><dt>(5b) 'validation'
</dt><dd>means the process of verifying that an electronic signature, an electronic seal, a European Digital Identity Wallet, an electronic identification mean, a relying party authorisation, person identification data, an electronic attestation of attributes or any electronic certificates for trust services is valid and has not been revoked;
        
        </dd><dt>(5c) 'zero knowledge proof'
</dt><dd>means cryptographic methods by which a relying party can validate that a given statement based on the electronic attestation of attributes held in a user's European Digital Identity Wallet is true, without conveying any data related to those electronic attestation of attributes to the relying party;
        
        </dd><dt>(6) 'relying party'
</dt><dd>means a natural or legal person that relies upon an electronic identification means, including European Digital Identity Wallets, or a trust service, directly or through an intermediary, in order to provide services;
        
        </dd><dt>(7) 'public sector body'
</dt><dd>means a state, regional or local authority, a body governed by public law or an association formed by one or several such authorities or one or several such bodies governed by public law, or  private entity mandated by at least one of those authorities, bodies or associations to provide public services, when acting under such a mandate;
        
        </dd><dt>(8) 'body governed by public law'
</dt><dd>means a body defined in point (4) of Article 2(1) of Directive 2014/24/EU of the European Parliament and of the Council (1);
        
        </dd><dt>(9) 'signatory'
</dt><dd>means a natural person who creates an electronic signature;
        
        </dd><dt>(10) 'electronic signature'
</dt><dd>means data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign;
        
        </dd><dt>(11) 'advanced electronic signature'
</dt><dd>means an electronic signature which meets the requirements set out in Article 26;
        
        </dd><dt>(12) 'qualified electronic signature'
</dt><dd>means an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures;
        
        </dd><dt>(13) 'electronic signature creation data'
</dt><dd>means unique data which is used by the signatory to create an electronic signature;
        
        </dd><dt>(14) 'certificate for electronic signature' 
</dt><dd>means an electronic attestation which links electronic signature validation data to a natural person and confirms at least the name or the pseudonym of that person;
        
        </dd><dt>(15) 'qualified certificate for electronic signature' 
</dt><dd>means a certificate for electronic signatures, that is issued by a qualified trust service provider and meets the requirements laid down in Annex I;
        
        </dd><dt>'(16) 'trust service'
</dt><dd>means an electronic service normally provided against payment which consists of:
            <ul>
                <li>(a) the creation, verification, and validation of electronic signatures, electronic seals or electronic time stamps, electronic registered delivery services, electronic attestation of attributes and certificates related to those services;
                </li>
                <li>(b) the creation, verification and validation of certificates for website authentication;
                </li>
                <li>(c) the preservation of electronic signatures, seals or certificates related to those services;
                </li>
                <li>(d) the electronic archiving of electronic documents;
                </li>
                <li>(e) the management of remote electronic signature and seal creation devices;
                </li>
            </ul>
        
        </dd><dt>(42) 'European Digital Identity Wallet' 
</dt><dd>means an electronic identification means which securely stores, manages and validates identity data and electronic attestations of attributes, to provide them to relying parties and other users of European Digital Identity Wallets on request, and which enables the creation of qualified electronic signatures and seals;
        
        </dd><dt>(43) 'attribute' 
</dt><dd>is a feature, characteristic or quality of a natural or legal person or of an entity;
        
        </dd><dt>(44) 'electronic attestation of attributes' 
</dt><dd>means an attestation in electronic form that allows the presentation and authentication of attributes;
        
        </dd><dt>(45) 'qualified electronic attestation of attributes' 
</dt><dd>means an electronic attestation of attributes, which is issued by a qualified trust service provider and meets the requirements laid down in Annex V;
        
        </dd><dt>(46) 'authentic source' 
</dt><dd>is a repository or system, held under the responsibility of a public sector body or private entity, that contains attributes about a natural or legal person and is considered to be the primary source of that information or recognised as authentic in Union or national law;
        
        </dd><dt>(47) 'electronic archiving' 
</dt><dd>means a service ensuring preservation of electronic data or documents in order to guarantee their integrity, the accuracy of their origin and legal features throughout the conservation period;
        
        </dd><dt>(48) 'qualified electronic archiving service' 
</dt><dd>means a service that meets the requirements laid down in Article 45g;
        
        </dd><dt>(49) 'EU Digital Identity Wallet Trust Mark' 
</dt><dd>means an indication in a simple, recognisable and clear manner that a Digital Identity Wallet has been issued in accordance with this Regulation;
        
        </dd><dt>(50) 'strong user authentication' 
</dt><dd>means an authentication based on the use of at least two authentication factors categorised as user knowledge , possession and inherence that are independent, in such a way that the breach of one does not compromise the reliability of the others, and is designed in such a way to protect the confidentiality of the authentication data;
        
        </dd><dt>(51) 'user account' 
</dt><dd>means a mechanism that allows a user to access public or private services on the terms and conditions established by the service provider;
        
        </dd><dt>(54) 'personal data' 
</dt><dd>means any information as defined in point 1 of Article 4 of Regulation (EU) 2016/679;
        
        </dd><dt>(55) 'identity matching' 
</dt><dd>means a process where person identification data or person identification means are matched with or linked to an existing account belonging to the same person;
        
        </dd><dt>(55a) 'offline service' 
</dt><dd>means the capability of a user to electronically identify and authenticate with a third party with close proximity technologies irrespective of whether the device is connected to the internet or not in order to access a wide range of public and private services;
        
    </dd></dl>
</section>





<section id="references" class="appendix"><div class="header-wrapper"><h2 id="d-references"><bdi class="secno">D. </bdi>References</h2><a class="self-link" href="#references" aria-label="Permalink for Appendix D."></a></div>
<section id="normative-references"><div class="header-wrapper"><h3 id="d-1-normative-references"><bdi class="secno">D.1 </bdi>Normative references</h3><a class="self-link" href="#normative-references" aria-label="Permalink for Appendix D.1"></a></div>
    
    <dl class="bibliography"><dt id="bib-did-core">[DID-Core]</dt><dd>
      <a href="https://www.w3.org/TR/did-core/"><cite>Decentralized Identifiers (DIDs) v1.0</cite></a>. Manu Sporny; Amy Guy; Markus Sabadello; Drummond Reed.  W3C. 19 July 2022. W3C Recommendation. URL: <a href="https://www.w3.org/TR/did-core/">https://www.w3.org/TR/did-core/</a>
    </dd><dt id="bib-did-elsi">[DID-ELSI]</dt><dd>
      <a href="https://alastria.github.io/did-method-elsi/"><cite>DID ETSI Legal person Semantic Identifier Method Specification (did:elsi)</cite></a>. 04 June 2023. URL: <a href="https://alastria.github.io/did-method-elsi/">https://alastria.github.io/did-method-elsi/</a>
    </dd><dt id="bib-dif.presentationexchange">[DIF.PresentationExchange]</dt><dd>
      <a href="https://identity.foundation/presentation-exchange/spec/v2.0.0/"><cite>Presentation Exchange 2.0.0</cite></a>. URL: <a href="https://identity.foundation/presentation-exchange/spec/v2.0.0/">https://identity.foundation/presentation-exchange/spec/v2.0.0/</a>
    </dd><dt id="bib-eidas2-reg">[EIDAS2-REG]</dt><dd>
      <a href="https://www.europarl.europa.eu/doceo/document/A-9-2023-0038_EN.html"><cite>REPORT on the proposal for a regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity</cite></a>. March 2023. URL: <a href="https://www.europarl.europa.eu/doceo/document/A-9-2023-0038_EN.html">https://www.europarl.europa.eu/doceo/document/A-9-2023-0038_EN.html</a>
    </dd><dt id="bib-enisa-qes">[ENISA-QES]</dt><dd>
      <a href="https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-signatures"><cite>Security guidelines on the appropriate use of qualified electronic signatures</cite></a>. December 2016. URL: <a href="https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-signatures">https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-signatures</a>
    </dd><dt id="bib-enisa-qseal">[ENISA-QSEAL]</dt><dd>
      <a href="https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-seals"><cite>Security guidelines on the appropriate use of qualified electronic seals</cite></a>. June 2017. URL: <a href="https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-seals">https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-seals</a>
    </dd><dt id="bib-etsi-jades">[ETSI-JADES]</dt><dd>
      <a href="https://www.etsi.org/deliver/etsi_ts/119100_119199/11918201/01.01.01_60/ts_11918201v010101p.pdf"><cite>ETSI TS 119 182-1 V1.1.1 (2021-03) - Electronic Signatures and Infrastructures (ESI); JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures</cite></a>.  ETSI. 2021-03. URL: <a href="https://www.etsi.org/deliver/etsi_ts/119100_119199/11918201/01.01.01_60/ts_11918201v010101p.pdf">https://www.etsi.org/deliver/etsi_ts/119100_119199/11918201/01.01.01_60/ts_11918201v010101p.pdf</a>
    </dd><dt id="bib-etsi-legalperson">[ETSI-LEGALPERSON]</dt><dd>
      <a href="https://www.etsi.org/deliver/etsi_en/319400_319499/31941203/01.02.01_60/en_31941203v010201p.pdf"><cite>ETSI EN 319 412-3 V1.2.1 (2020-07) - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons</cite></a>.  ETSI. 2020-07. URL: <a href="https://www.etsi.org/deliver/etsi_en/319400_319499/31941203/01.02.01_60/en_31941203v010201p.pdf">https://www.etsi.org/deliver/etsi_en/319400_319499/31941203/01.02.01_60/en_31941203v010201p.pdf</a>
    </dd><dt id="bib-nist-auth">[NIST-AUTH]</dt><dd>
      <a href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf"><cite>NIST Special Publication 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications</cite></a>. October 2016. URL: <a href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf">https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf</a>
    </dd><dt id="bib-openid.core">[OpenID.Core]</dt><dd>
      <a href="http://openid.net/specs/openid-connect-core-1_0.html"><cite>OpenID Connect Core 1.0 incorporating errata set 1</cite></a>. 8 November 2014. URL: <a href="http://openid.net/specs/openid-connect-core-1_0.html">http://openid.net/specs/openid-connect-core-1_0.html</a>
    </dd><dt id="bib-openid.siop2">[OpenID.SIOP2]</dt><dd>
      <a href="https://openid.bitbucket.io/connect/openid-connect-self-issued-v2-1_0.html"><cite>Self-Issued OpenID Provider v2</cite></a>. 28 January 2022. URL: <a href="https://openid.bitbucket.io/connect/openid-connect-self-issued-v2-1_0.html">https://openid.bitbucket.io/connect/openid-connect-self-issued-v2-1_0.html</a>
    </dd><dt id="bib-openid.vci">[OpenID.VCI]</dt><dd>
      <a href="https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html"><cite>OpenID for Verifiable Credential Issuance</cite></a>. 3 February 2023. URL: <a href="https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html">https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html</a>
    </dd><dt id="bib-openid.vp">[OpenID.VP]</dt><dd>
      <a href="https://openid.net/specs/openid-4-verifiable-presentations-1_0.html"><cite>OpenID for Verifiable Presentations</cite></a>. 21 April 2023. URL: <a href="https://openid.net/specs/openid-4-verifiable-presentations-1_0.html">https://openid.net/specs/openid-4-verifiable-presentations-1_0.html</a>
    </dd><dt id="bib-rfc2119">[RFC2119]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc2119"><cite>Key words for use in RFCs to Indicate Requirement Levels</cite></a>. S. Bradner.  IETF. March 1997. Best Current Practice. URL: <a href="https://www.rfc-editor.org/rfc/rfc2119">https://www.rfc-editor.org/rfc/rfc2119</a>
    </dd><dt id="bib-rfc2616">[RFC2616]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc2616"><cite>Hypertext Transfer Protocol -- HTTP/1.1</cite></a>. R. Fielding; J. Gettys; J. Mogul; H. Frystyk; L. Masinter; P. Leach; T. Berners-Lee.  IETF. June 1999. Draft Standard. URL: <a href="https://www.rfc-editor.org/rfc/rfc2616">https://www.rfc-editor.org/rfc/rfc2616</a>
    </dd><dt id="bib-rfc5246">[RFC5246]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc5246"><cite>The Transport Layer Security (TLS) Protocol Version 1.2</cite></a>. T. Dierks; E. Rescorla.  IETF. August 2008. Proposed Standard. URL: <a href="https://www.rfc-editor.org/rfc/rfc5246">https://www.rfc-editor.org/rfc/rfc5246</a>
    </dd><dt id="bib-rfc6749">[RFC6749]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc6749.html"><cite>The OAuth 2.0 Authorization Framework</cite></a>. URL: <a href="https://www.rfc-editor.org/rfc/rfc6749.html">https://www.rfc-editor.org/rfc/rfc6749.html</a>
    </dd><dt id="bib-rfc7515">[RFC7515]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc7515"><cite>JSON Web Signature (JWS)</cite></a>. URL: <a href="https://www.rfc-editor.org/rfc/rfc7515">https://www.rfc-editor.org/rfc/rfc7515</a>
    </dd><dt id="bib-rfc7519">[RFC7519]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc7519"><cite>JSON Web Token (JWT)</cite></a>. URL: <a href="https://www.rfc-editor.org/rfc/rfc7519">https://www.rfc-editor.org/rfc/rfc7519</a>
    </dd><dt id="bib-rfc8174">[RFC8174]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc8174"><cite>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</cite></a>. B. Leiba.  IETF. May 2017. Best Current Practice. URL: <a href="https://www.rfc-editor.org/rfc/rfc8174">https://www.rfc-editor.org/rfc/rfc8174</a>
    </dd><dt id="bib-rfc8414">[RFC8414]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc8414"><cite>OAuth 2.0 Authorization Server Metadata</cite></a>. URL: <a href="https://www.rfc-editor.org/rfc/rfc8414">https://www.rfc-editor.org/rfc/rfc8414</a>
    </dd><dt id="bib-rfc8725">[RFC8725]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc8725"><cite>JSON Web Token Best Current Practices</cite></a>. URL: <a href="https://www.rfc-editor.org/rfc/rfc8725">https://www.rfc-editor.org/rfc/rfc8725</a>
    </dd><dt id="bib-rfc9068">[RFC9068]</dt><dd>
      <a href="https://www.rfc-editor.org/rfc/rfc9068"><cite>JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens</cite></a>. V. Bertocci.  IETF. October 2021. Proposed Standard. URL: <a href="https://www.rfc-editor.org/rfc/rfc9068">https://www.rfc-editor.org/rfc/rfc9068</a>
    </dd></dl>
  </section></section><p role="navigation" id="back-to-top">
    <a href="#title"><abbr title="Back to Top">↑</abbr></a>
  </p><script id="respec-dfn-panel">(() =&gt; {
// @ts-check
if (document.respec) {
  document.respec.ready.then(setupPanel);
} else {
  setupPanel();
}

function setupPanel() {
  const listener = panelListener();
  document.body.addEventListener("keydown", listener);
  document.body.addEventListener("click", listener);
}

function panelListener() {
  /** @type {HTMLElement} */
  let panel = null;
  return event =&gt; {
    const { target, type } = event;

    if (!(target instanceof HTMLElement)) return;

    // For keys, we only care about Enter key to activate the panel
    // otherwise it's activated via a click.
    if (type === "keydown" &amp;&amp; event.key !== "Enter") return;

    const action = deriveAction(event);

    switch (action) {
      case "show": {
        hidePanel(panel);
        /** @type {HTMLElement} */
        const dfn = target.closest("dfn, .index-term");
        panel = document.getElementById(`dfn-panel-for-${dfn.id}`);
        const coords = deriveCoordinates(event);
        displayPanel(dfn, panel, coords);
        break;
      }
      case "dock": {
        panel.style.left = null;
        panel.style.top = null;
        panel.classList.add("docked");
        break;
      }
      case "hide": {
        hidePanel(panel);
        panel = null;
        break;
      }
    }
  };
}

/**
 * @param {MouseEvent|KeyboardEvent} event
 */
function deriveCoordinates(event) {
  const target = /** @type HTMLElement */ (event.target);

  // We prevent synthetic AT clicks from putting
  // the dialog in a weird place. The AT events sometimes
  // lack coordinates, so they have clientX/Y = 0
  const rect = target.getBoundingClientRect();
  if (
    event instanceof MouseEvent &amp;&amp;
    event.clientX &gt;= rect.left &amp;&amp;
    event.clientY &gt;= rect.top
  ) {
    // The event probably happened inside the bounding rect...
    return { x: event.clientX, y: event.clientY };
  }

  // Offset to the middle of the element
  const x = rect.x + rect.width / 2;
  // Placed at the bottom of the element
  const y = rect.y + rect.height;
  return { x, y };
}

/**
 * @param {Event} event
 */
function deriveAction(event) {
  const target = /** @type {HTMLElement} */ (event.target);
  const hitALink = !!target.closest("a");
  if (target.closest("dfn:not([data-cite]), .index-term")) {
    return hitALink ? "none" : "show";
  }
  if (target.closest(".dfn-panel")) {
    if (hitALink) {
      return target.classList.contains("self-link") ? "hide" : "dock";
    }
    const panel = target.closest(".dfn-panel");
    return panel.classList.contains("docked") ? "hide" : "none";
  }
  if (document.querySelector(".dfn-panel:not([hidden])")) {
    return "hide";
  }
  return "none";
}

/**
 * @param {HTMLElement} dfn
 * @param {HTMLElement} panel
 * @param {{ x: number, y: number }} clickPosition
 */
function displayPanel(dfn, panel, { x, y }) {
  panel.hidden = false;
  // distance (px) between edge of panel and the pointing triangle (caret)
  const MARGIN = 20;

  const dfnRects = dfn.getClientRects();
  // Find the `top` offset when the `dfn` can be spread across multiple lines
  let closestTop = 0;
  let minDiff = Infinity;
  for (const rect of dfnRects) {
    const { top, bottom } = rect;
    const diffFromClickY = Math.abs((top + bottom) / 2 - y);
    if (diffFromClickY &lt; minDiff) {
      minDiff = diffFromClickY;
      closestTop = top;
    }
  }

  const top = window.scrollY + closestTop + dfnRects[0].height;
  const left = x - MARGIN;
  panel.style.left = `${left}px`;
  panel.style.top = `${top}px`;

  // Find if the panel is flowing out of the window
  const panelRect = panel.getBoundingClientRect();
  const SCREEN_WIDTH = Math.min(window.innerWidth, window.screen.width);
  if (panelRect.right &gt; SCREEN_WIDTH) {
    const newLeft = Math.max(MARGIN, x + MARGIN - panelRect.width);
    const newCaretOffset = left - newLeft;
    panel.style.left = `${newLeft}px`;
    /** @type {HTMLElement} */
    const caret = panel.querySelector(".caret");
    caret.style.left = `${newCaretOffset}px`;
  }

  // As it's a dialog, we trap focus.
  // TODO: when &lt;dialog&gt; becomes a implemented, we should really
  // use that.
  trapFocus(panel, dfn);
}

/**
 * @param {HTMLElement} panel
 * @param {HTMLElement} dfn
 * @returns
 */
function trapFocus(panel, dfn) {
  /** @type NodeListOf&lt;HTMLAnchorElement&gt; elements */
  const anchors = panel.querySelectorAll("a[href]");
  // No need to trap focus
  if (!anchors.length) return;

  // Move focus to first anchor element
  const first = anchors.item(0);
  first.focus();

  const trapListener = createTrapListener(anchors, panel, dfn);
  panel.addEventListener("keydown", trapListener);

  // Hiding the panel releases the trap
  const mo = new MutationObserver(records =&gt; {
    const [record] = records;
    const target = /** @type HTMLElement */ (record.target);
    if (target.hidden) {
      panel.removeEventListener("keydown", trapListener);
      mo.disconnect();
    }
  });
  mo.observe(panel, { attributes: true, attributeFilter: ["hidden"] });
}

/**
 *
 * @param {NodeListOf&lt;HTMLAnchorElement&gt;} anchors
 * @param {HTMLElement} panel
 * @param {HTMLElement} dfn
 * @returns
 */
function createTrapListener(anchors, panel, dfn) {
  const lastIndex = anchors.length - 1;
  let currentIndex = 0;
  return event =&gt; {
    switch (event.key) {
      // Hitting "Tab" traps us in a nice loop around elements.
      case "Tab": {
        event.preventDefault();
        currentIndex += event.shiftKey ? -1 : +1;
        if (currentIndex &lt; 0) {
          currentIndex = lastIndex;
        } else if (currentIndex &gt; lastIndex) {
          currentIndex = 0;
        }
        anchors.item(currentIndex).focus();
        break;
      }

      // Hitting "Enter" on an anchor releases the trap.
      case "Enter":
        hidePanel(panel);
        break;

      // Hitting "Escape" returns focus to dfn.
      case "Escape":
        hidePanel(panel);
        dfn.focus();
        return;
    }
  };
}

/** @param {HTMLElement} panel */
function hidePanel(panel) {
  if (!panel) return;
  panel.hidden = true;
  panel.classList.remove("docked");
}
})()</script><script src="https://www.w3.org/scripts/TR/2021/fixup.js"></script></body></html>