Hi Hannes,
maybe it was a bit implicit, but the point of Brian's email was to
specifically do what you said - discuss this normative change here first.
Although this is an extremely small change, we are conscious about not
introducing breaking changes unless there is a tangible, practical
advantage. This is such a change and we would be interested to hear
feedback from the list.
To illustrate the change further, taking Example 1 from the spec, the
issuance would be changed from the current format:
eyJhbGciOiAiRVMyNTYifQ.eyJfc2QiOiBbIjRIQm42YUlZM1d0dUdHV1R4LXFVajZjZ
Gs2V0JwWnlnbHRkRmF2UGE3TFkiLCAiOHNtMVFDZjAyMXBObkhBQ0k1c1A0bTRLWmd5T
k9PQVljVGo5SE5hQzF3WSIsICJTRE43OU5McEFuSFBta3JkZVlkRWE4OVhaZHNrME04R
EtZU1FPVTJaeFFjIiwgIlh6RnJ6d3NjTTZHbjZDSkRjNnZWSzhCa01uZkc4dk9TS2ZwU
ElaZEFmZEUiLCAiZ2JPc0k0RWRxMngyS3ctdzV3UEV6YWtvYjloVjFjUkQwQVROM29RT
DlKTSIsICJqTUNYVnotLTliOHgzN1ljb0RmWFFpbnp3MXdaY2NjZkZSQkNGR3FkRzJvI
iwgIm9LSTFHZDJmd041V3d2amxGa29oaWRHdmltLTMxT3VsUjNxMGhyRE8wNzgiXSwgI
mlzcyI6ICJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsICJpYXQiOiAxNjgzMDAwM
DAwLCAiZXhwIjogMTg4MzAwMDAwMCwgIl9zZF9hbGciOiAic2hhLTI1NiIsICJjbmYiO
iB7Imp3ayI6IHsia3R5IjogIkVDIiwgImNydiI6ICJQLTI1NiIsICJ4IjogIlRDQUVSM
TladnUzT0hGNGo0VzR2ZlNWb0hJUDFJTGlsRGxzN3ZDZUdlbWMiLCAieSI6ICJaeGppV
1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.Kxtki3s03m
PtQQ1huyZvoTggStQWfcNrcKSOZ2Kdn5XNmT-jLK0JGYMPH8_ZF4wiSGhx-KzPNXOwqz
euff9kjA
To this new format:
eyJhbGciOiAiRVMyNTYifQ.eyJfc2QiOiBbIjRIQm42YUlZM1d0dUdHV1R4LXFVajZjZ
Gs2V0JwWnlnbHRkRmF2UGE3TFkiLCAiOHNtMVFDZjAyMXBObkhBQ0k1c1A0bTRLWmd5T
k9PQVljVGo5SE5hQzF3WSIsICJTRE43OU5McEFuSFBta3JkZVlkRWE4OVhaZHNrME04R
EtZU1FPVTJaeFFjIiwgIlh6RnJ6d3NjTTZHbjZDSkRjNnZWSzhCa01uZkc4dk9TS2ZwU
ElaZEFmZEUiLCAiZ2JPc0k0RWRxMngyS3ctdzV3UEV6YWtvYjloVjFjUkQwQVROM29RT
DlKTSIsICJqTUNYVnotLTliOHgzN1ljb0RmWFFpbnp3MXdaY2NjZkZSQkNGR3FkRzJvI
iwgIm9LSTFHZDJmd041V3d2amxGa29oaWRHdmltLTMxT3VsUjNxMGhyRE8wNzgiXSwgI
mlzcyI6ICJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsICJpYXQiOiAxNjgzMDAwM
DAwLCAiZXhwIjogMTg4MzAwMDAwMCwgIl9zZF9hbGciOiAic2hhLTI1NiIsICJjbmYiO
iB7Imp3ayI6IHsia3R5IjogIkVDIiwgImNydiI6ICJQLTI1NiIsICJ4IjogIlRDQUVSM
TladnUzT0hGNGo0VzR2ZlNWb0hJUDFJTGlsRGxzN3ZDZUdlbWMiLCAieSI6ICJaeGppV
1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.Kxtki3s03m
PtQQ1huyZvoTggStQWfcNrcKSOZ2Kdn5XNmT-jLK0JGYMPH8_ZF4wiSGhx-KzPNXOwqz
euff9kjA~
(Note the additional ~ at the end.)
The suggested clarification in the terminology will help to make the
spec more concise and clear.
-Daniel
Am 14.06.23 um 09:27 schrieb Hannes Tschofenig:
Hi Brian,
please note that this is a working group item and you cannot make
decisions in a small group with off-line discussions.
Hence, I suggest to propose the changes to the list and get support
for it. As you know, we need to follow this approach to give everyone
in the group a chance to get their voice heard.
Ciao
Hannes
Am 13.06.2023 um 20:58 schrieb Brian Campbell:
Following some offline discussions and feedback there's a plan to
make some small simplifying changes to the SD-JWT draft to
consolidate the format and associated terminology. Basically the
terms "Combined Format for Issuance" and "Combined Format for
Presentation'' will go away and the whole structure, issued or
presented, can simply be called an SD-JWT. To align the two formats,
the last Disclosure will always be followed by a `~` (tilde)
character (currently the Combined Format for Issuance does not have
the trailing tilde). When holder/key binding is required for
presentation of a SD-JWT, a holder/key binding JWT will be appended
to the end of the whole thing after the trailing tilde. That's all
there is to it, which isn't much, but I think the result will be
shortening and simplifying the spec text. And also make the
terminology easier and more natural when talking about uses or
applications of SD-JWT.
/CONFIDENTIALITY NOTICE: This email may contain confidential and
privileged material for the sole use of the intended recipient(s).
Any review, use, distribution or disclosure by others is strictly
prohibited. If you have received this communication in error, please
notify the sender immediately by e-mail and delete the message and
any file attachments from your computer. Thank you./
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth