Hi,
I was wondering what is the reason for introducing the sd_digests claim. I 
think it complicates integration with existing systems. For example, I am 
pretty sure that the VC included in Example 4 is wrong. Since the verifier can 
learn from the SD-JWT-RELEASE which claims are hashed, why is it necessary to 
nest them under the sd_digests claim?

Also a small detail: if you decode the token at the end of section 5.2, instead 
of "sd_digests" it uses "_sd".

Best,
Nikos
--
Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou
Researcher - Mobile Multimedia Laboratory
Athens University of Economics and Business
https://mm.aueb.gr

> On 23 Jun 2022, at 7:32 PM, Daniel Fett <m...@danielfett.de@dmarc.ietf.org> 
> wrote:
>
> All,
>
> Kristina and I would like to bring to your attention a new draft that we have 
> been working on with many others over the past weeks. "Selective Disclosure 
> JWT (SD-JWT)" describes a format for signed JWTs that support selective 
> disclosure (SD-JWT), enabling sharing only a subset of the claims included in 
> the original signed JWT instead of releasing all the claims to every verifier.
>
> https://www.ietf.org/archive/id/draft-fett-oauth-selective-disclosure-jwt-01.html
>
> Initial feedback we got was positive and we now would like to hear from the 
> working group with the eventual goal of asking for working group adoption.
>
> Issues are tracked in our GitHub repository: 
> https://github.com/oauthstuff/draft-selective-disclosure-jwt/issues
>
> The approach to selective disclosure described in the document is based on 
> salted hashes. We have discussed and explored other approaches based on 
> encryption as well. If you are interested in following this discussion, we 
> would like to invite you to read this issue: 
> https://github.com/oauthstuff/draft-selective-disclosure-jwt/issues/30
>
> One main goal with this work is that the format should be easy to implement, 
> requiring little more than a regular JWT library. Three working 
> implementations show that this goal has been achieved: 
> https://github.com/oauthstuff/draft-selective-disclosure-jwt#implementations
>
> We are looking forward to your feedback!
>
> -Daniel
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
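
The salted-hash approach discussed in this thread, as an added example that is not part of either message or of the draft's own code: a simplified model in which the issuer signs only per-claim digests under `sd_digests`, the holder releases salt and value for chosen claims, and the verifier recomputes each digest. The HMAC standing in for the JWT signature, the `[salt, value]` encoding, and the function names are assumptions for illustration, not the draft's wire format.

```python
import base64, hashlib, hmac, json, secrets

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def digest(salted: str) -> str:
    # Digest over the exact released string, so no re-serialization ambiguity.
    return b64url(hashlib.sha256(salted.encode()).digest())

def sign(payload: str, key: bytes) -> str:
    # Assumption: HMAC stands in for the issuer's JWS signature.
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()

def issue(claims: dict, key: bytes):
    """Issuer: salt every claim, sign only the digests."""
    salted = {k: json.dumps([b64url(secrets.token_bytes(16)), v])
              for k, v in claims.items()}
    payload = json.dumps({"sd_digests": {k: digest(s) for k, s in salted.items()}},
                         sort_keys=True)
    # The salted values go to the holder only, never into the signed payload.
    return payload, sign(payload, key), salted

def release(salted: dict, names: list) -> dict:
    """Holder: disclose salt and value only for the chosen claims."""
    return {k: salted[k] for k in names}

def verify(payload: str, sig: str, released: dict, key: bytes) -> dict:
    """Verifier: check the signature, then bind each released claim to its digest."""
    if not hmac.compare_digest(sign(payload, key), sig):
        raise ValueError("bad signature")
    digests = json.loads(payload)["sd_digests"]
    accepted = {}
    for name, s in released.items():
        # A released claim counts only if its digest is in the signed payload.
        if name not in digests or not hmac.compare_digest(digests[name], digest(s)):
            raise ValueError(f"digest mismatch for {name}")
        accepted[name] = json.loads(s)[1]
    return accepted

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample key
    payload, sig, salted = issue({"given_name": "Alice",
                                  "email": "alice@example.com"}, key)
    print(verify(payload, sig, release(salted, ["given_name"]), key))
```

The verifier never trusts the released values on their own: a claim is accepted only when its recomputed digest matches an entry covered by the issuer's signature.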
