Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider removing the c_nonce_expires_in parameter #394

Open
tplooker opened this issue Sep 17, 2024 · 1 comment
Open

Consider removing the c_nonce_expires_in parameter #394

tplooker opened this issue Sep 17, 2024 · 1 comment

Comments

@tplooker
Copy link
Contributor

The c_nonce_expires_in parameter is intended to signal to the client/wallet when the c_nonce expires and therefore when a client/wallet should obtain a new one. However, given a credential issuer can invalidate a c_nonce at any stage this parameter is a bit of an un-reliable signal to clients/wallets. Practically this means clients/wallets will have to account for an error at the credential response endpoint due to an invalid nonce even if it isn't expired. For that reason I think we should remove the c_nonce_expires_in parameter and therefore simplify the nonce handling.
@bc-pi
Copy link
Member

bc-pi commented Sep 18, 2024

Concur with the removal of c_nonce_expires_in for the reasons @tplooker mentions and others like just general aesthetics. I was wanting to drop it with the work on #381 but decided to try and keep the scope of changes there narrow in hopes of landing[1] the PR in a timely manner.

[1] I think that's what the cool kids say nowadays

@bc-pi bc-pi mentioned this issue Sep 24, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tplooker @bc-pi