Skip to content

2.2.0

Latest
Latest

Choose a tag to compare

View all tags
@peppelinux peppelinux released this 11 Mar 14:59
2.2.0
1247bcd
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • feat(openid4vci): bind access and refresh tokens to DPoP key (RFC 9449)
  • feat(openid4vci): reject PAR jti replay (RFC 9126)
  • feat(openid4vci): verify key_attestation (WUA) in credential proof when present
  • doc(openid4vci): document OpenID Federation integration for trust evaluation
  • feat(openid4vp): validate mdoc SessionTranscript for OpenID4VP profile (ISO 18013-7)
  • feat: openid4vci add proof jwt specific checks
  • Introduced the proof_jwt_required flag in integration_test/conf/openid4vci_frontend.yaml to control proof JWT requirements at the credential endpoint.
  • Removed the scopes field from backend configuration in test files, aligning with updated claim handling logic. [1] [2]
  • Removed redundant or misplaced security configuration sections from backend test configs.

Full Changelog: 2.1.0...2.2.0

Contributors

peppelinux and manpace
Assets 2
Loading