Currently, OpenID4VP and 18013-5 have conflicting approach to IntentToRetain:
Both have this feature on a per-claim basis. It is intended to indicate whether the Verifier will store the requested value beyond the duration of the current transaction. This is used both for wallet transaction history and for informational purposes to the user at the time of consent.
In 18013-5 the Verifier MUST set either TRUE or FALSE. In OpenID4VP the Verifier may set TRUE, FALSE or leave it out entirely.
There has been much discussion on this in the past:
- 18013-5 intentionally makes this mandatory so the Verifier needs to make a declaration, and can be held accountable if they misrepresent their intent.
- OpenID4VP intentionally allows it to be omitted as in some cases (notably online) it is not possible to make a reasonable declaration of what retaining means and believe it is better communicated with a more comprehensive tos/usage policy. The contention is that forcing the Verifier to make a choice in those cases will result in an inconsistent signal, and be harmful overall.
Proposed Options:
- Option 1: Make it mandatory and provide unambiguous usage requirements for both in-person and online
- This optional potentially results in the boolean always being set for online verifiers
- Option 2: Make it optional and provide clear meaning of all three states
- This option potentially results in Issuers/Documents having their own access control policies that mandate it
- Option 3: Make it optional or remove it and provide an alternative way to declare usage/tos policy
- This option potentially requires a lot of novel work
Currently, OpenID4VP and 18013-5 have conflicting approach to IntentToRetain:
Both have this feature on a per-claim basis. It is intended to indicate whether the Verifier will store the requested value beyond the duration of the current transaction. This is used both for wallet transaction history and for informational purposes to the user at the time of consent.
In 18013-5 the Verifier MUST set either TRUE or FALSE. In OpenID4VP the Verifier may set TRUE, FALSE or leave it out entirely.
There has been much discussion on this in the past:
Proposed Options: