Merge pull request #78 from peppelinux/dg-val

Further clarifications about credential validity without status assertions
peppelinux · Jul 1, 2024 · b497657 · b497657
2 parents 73316fd + e76c890
commit b497657
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/draft-demarco-oauth-status-assertions.md b/draft-demarco-oauth-status-assertions.md
@@ -240,8 +240,9 @@ using a timestamp which is at or after the time of
 Digital Credential issuance which it refers;
 - MUST contain the expiration datetime after which
 the Status Assertion MUST NOT be considered valid anymore,
-and the Digital Credential it refers
-SHOULD NOT be considered valid anymore. The expiration datetime MUST be
+and the Digital Credential referred to SHOULD NOT
+be considered as having a valid status, unless there exists some specific verifier policy that provides stronger guidance.
+The expiration datetime MUST be
 superior to the Status Assertion issuance datetime and it MUST end before
 the expiration datetime of the Digital Credential;
 - MUST enable the offline use cases by employing validation using