Re: [OAUTH-WG] Simplification and consolidation of SD-JWT terminology and format

Wed, 14 Jun 2023 05:49:29 -0700 

Hi Hannes,
maybe it was a bit implicit, but the point of Brian's email was to specifically do what you said - discuss this normative change here first. 


Although this is an extremely small change, we are conscious about not 
introducing breaking changes unless there is a tangible, practical 
advantage. This is such a change and we would be interested to hear 
feedback from the list.



To illustrate the change further, taking Example 1 from the spec, the 
issuance would be changed from the current format:


eyJhbGciOiAiRVMyNTYifQ.eyJfc2QiOiBbIjRIQm42YUlZM1d0dUdHV1R4LXFVajZjZ
Gs2V0JwWnlnbHRkRmF2UGE3TFkiLCAiOHNtMVFDZjAyMXBObkhBQ0k1c1A0bTRLWmd5T
k9PQVljVGo5SE5hQzF3WSIsICJTRE43OU5McEFuSFBta3JkZVlkRWE4OVhaZHNrME04R
EtZU1FPVTJaeFFjIiwgIlh6RnJ6d3NjTTZHbjZDSkRjNnZWSzhCa01uZkc4dk9TS2ZwU
ElaZEFmZEUiLCAiZ2JPc0k0RWRxMngyS3ctdzV3UEV6YWtvYjloVjFjUkQwQVROM29RT
DlKTSIsICJqTUNYVnotLTliOHgzN1ljb0RmWFFpbnp3MXdaY2NjZkZSQkNGR3FkRzJvI
iwgIm9LSTFHZDJmd041V3d2amxGa29oaWRHdmltLTMxT3VsUjNxMGhyRE8wNzgiXSwgI
mlzcyI6ICJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsICJpYXQiOiAxNjgzMDAwM
DAwLCAiZXhwIjogMTg4MzAwMDAwMCwgIl9zZF9hbGciOiAic2hhLTI1NiIsICJjbmYiO
iB7Imp3ayI6IHsia3R5IjogIkVDIiwgImNydiI6ICJQLTI1NiIsICJ4IjogIlRDQUVSM
TladnUzT0hGNGo0VzR2ZlNWb0hJUDFJTGlsRGxzN3ZDZUdlbWMiLCAieSI6ICJaeGppV
1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.Kxtki3s03m
PtQQ1huyZvoTggStQWfcNrcKSOZ2Kdn5XNmT-jLK0JGYMPH8_ZF4wiSGhx-KzPNXOwqz
euff9kjA

To this new format:

eyJhbGciOiAiRVMyNTYifQ.eyJfc2QiOiBbIjRIQm42YUlZM1d0dUdHV1R4LXFVajZjZ
Gs2V0JwWnlnbHRkRmF2UGE3TFkiLCAiOHNtMVFDZjAyMXBObkhBQ0k1c1A0bTRLWmd5T
k9PQVljVGo5SE5hQzF3WSIsICJTRE43OU5McEFuSFBta3JkZVlkRWE4OVhaZHNrME04R
EtZU1FPVTJaeFFjIiwgIlh6RnJ6d3NjTTZHbjZDSkRjNnZWSzhCa01uZkc4dk9TS2ZwU
ElaZEFmZEUiLCAiZ2JPc0k0RWRxMngyS3ctdzV3UEV6YWtvYjloVjFjUkQwQVROM29RT
DlKTSIsICJqTUNYVnotLTliOHgzN1ljb0RmWFFpbnp3MXdaY2NjZkZSQkNGR3FkRzJvI
iwgIm9LSTFHZDJmd041V3d2amxGa29oaWRHdmltLTMxT3VsUjNxMGhyRE8wNzgiXSwgI
mlzcyI6ICJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsICJpYXQiOiAxNjgzMDAwM
DAwLCAiZXhwIjogMTg4MzAwMDAwMCwgIl9zZF9hbGciOiAic2hhLTI1NiIsICJjbmYiO
iB7Imp3ayI6IHsia3R5IjogIkVDIiwgImNydiI6ICJQLTI1NiIsICJ4IjogIlRDQUVSM
TladnUzT0hGNGo0VzR2ZlNWb0hJUDFJTGlsRGxzN3ZDZUdlbWMiLCAieSI6ICJaeGppV
1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.Kxtki3s03m
PtQQ1huyZvoTggStQWfcNrcKSOZ2Kdn5XNmT-jLK0JGYMPH8_ZF4wiSGhx-KzPNXOwqz
euff9kjA~

(Note the additional ~ at the end.)


The suggested clarification in the terminology will help to make the 
spec more concise and clear.


-Daniel

Am 14.06.23 um 09:27 schrieb Hannes Tschofenig:


Hi Brian,



please note that this is a working group item and you cannot make 
decisions in a small group with off-line discussions.



Hence, I suggest to propose the changes to the list and get support 
for it. As you know, we need to follow this approach to give everyone 
in the group a chance to get their voice heard.



Ciao
Hannes


Am 13.06.2023 um 20:58 schrieb Brian Campbell:

Following some offline discussions and feedback there's a plan to 
make some small simplifying changes to the SD-JWT draft to 
consolidate the format and associated terminology. Basically the 
terms "Combined Format for Issuance" and "Combined Format for 
Presentation'' will go away and the whole structure, issued or 
presented, can simply be called an SD-JWT. To align the two formats, 
the last Disclosure will always be followed by a `~` (tilde) 
character (currently the Combined Format for Issuance does not have 
the trailing tilde). When holder/key binding is required for 
presentation of a SD-JWT, a holder/key binding JWT will be appended 
to the end of the whole thing after the trailing tilde. That's all 
there is to it, which isn't much, but I think the result will be 
shortening and simplifying the spec text. And also make the 
terminology easier and more natural when talking about uses or 
applications of SD-JWT.



/CONFIDENTIALITY NOTICE: This email may contain confidential and 
privileged material for the sole use of the intended recipient(s). 
Any review, use, distribution or disclosure by others is strictly 
prohibited.  If you have received this communication in error, please 
notify the sender immediately by e-mail and delete the message and 
any file attachments from your computer. Thank you./


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth






















					Reply via email to