Intent to Experiment: Digital Credentials API (issuance support)

16 views
Skip to first unread message

Chromestatus

unread,
1:08 PM (6 hours ago) 1:08 PM
to blin...@chromium.org, ashim...@google.com, ma...@chromium.org, rby...@chromium.org
Contact emails
rby...@chromium.org, ma...@chromium.org, ashim...@google.com

Explainer
https://github.com/w3c-fedid/digital-credentials/blob/main/explainer.md

Specification
https://w3c-fedid.github.io/digital-credentials

Summary
This Web Platform feature enables issuing websites (e.g., a university, government agency, or bank) to securely initiate the provisioning (issuance) process of digital credentials directly into a user's mobile wallet application. On Android, this capability leverages the Android IdentityCredential CredMan system (Credential Manager). On Desktop, it leverages cross-device approaches using the CTAP protocol similar to Digital Credentials presentation.

Blink component
Blink>Identity>DigitalCredentials

Web Feature ID
Missing feature

TAG review
https://github.com/w3ctag/design-reviews/issues/1119

TAG review status
Pending

Origin Trial documentation link
https://w3c-fedid.github.io/digital-credentials

Risks


Interoperability and Compatibility
There are multiple standards efforts involved here. We have been working with WebKit and Mozilla in the WICG on defining this specific API. But the greater interoperability risk will come from the data that is sent and returned via this API. Details of that are driven outside the web browser community in the OpenID Foundation.

Gecko: Negative (https://github.com/mozilla/standards-positions/issues/1003)

WebKit: Support (https://github.com/WebKit/standards-positions/issues/332) Presentation support is shipped, but timeline for adding issuance support yet.

Web developers: No signals

Other signals:

Activation
The primary activation concern is enabling existing deployments using technology like OpenID4VCI to be able to also support this API. As such we have left the request protocol unspecified at this layer, to be specified along with existing request protocols to maximize activation opportunity.

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None


Goals for experimentation


Ongoing technical constraints
None

Debuggability
None necessary - just new JS API. For testing we plan to add a developer option to provide a fake wallet, but this effort is still ongoing.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?
No

Is this feature fully tested by web-platform-tests?
Yes
https://wpt.fyi/results/digital-credentials?label=experimental&label=master&aligned

Flag name on about://flags
web-identity-digital-credentials-creation

Finch feature name
WebIdentityDigitalCredentialsCreation

Requires code in //chrome?
True

Tracking bug
https://crbug.com/378330032

Launch bug
https://launch.corp.google.com/launch/4418038

Estimated milestones
Origin trial desktop first143
DevTrial on desktop133
Origin trial Android first143
DevTrial on Android133


Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5099333963874304?gate=5124632629870592

This intent message was generated by Chrome Platform Status.
Reply all
Reply to author
Forward
0 new messages