SID-TRANS-02 — OpenID4VCI Credential Issuance Protocol
| Property | Value |
|---|---|
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Transport Security Controls |
Description
Full OID4VCI flow: credential offer parsing → metadata fetch → issuer trust evaluation via AuthZEN → OAuth token exchange → credential request with proof. Proof types: JWT, DI-VP, attestation. Algorithm 'none' rejected. Private keys in headers rejected.
Components
Source References
Framework Requirements
EUDI Security Requirements: WUM-8.2.2-Fun-01, CS-I.3-WUS
FitCEM Wallet Instance: FIT-AU-11, FIT-AU-17
ISO 27001 Annex A: A.5.14