On Fri, Sep 13, 2024 at 10:17 AM Brian Campbell <bcampb...@pingidentity.com> wrote: > > Watson, > > Thank you for your comments during the Vancouver meeting and subsequently on > the mailing list. Your input helped initiate some valuable discussions, and > I’ve incorporated additional text into the Unlinkability subsection under the > Privacy Considerations to reflect the general consensus that emerged.
There's certainly been a lot of discussion, but I think a general consensus is rather more nebulous. > > I appreciate your role in sparking this conversation, which has undoubtedly > improved the document. I’d also like to respectfully remind everyone that the > content of these documents is meant to represent the rough consensus of the > working group, rather than any single individual’s perspective. I agree: i'd like to see more people weigh in specifically on how 11.3 can be useful to them in mitigating the risks, in part to ensure that what is produced is really representative. However, I do expect IESG will take a careful look at this and the overall systemwide challenges. > > Respectfully, > Brian > > > On Wed, Sep 4, 2024 at 3:20 PM Watson Ladd <watsonbl...@gmail.com> wrote: >> >> The privacy considerations section does not have enough RFC 2119 >> language in the Unlinkability section. There is no workable guidance >> on how to mitigate these risks. Presentation to users is not a >> workable solution: please learn from how browsers have suffered a lot >> at this. It's also very prolix. This is in contrast to 11.1 and 11.2. >> >> Sincerely, >> Watson >> >> On Tue, Sep 3, 2024 at 3:40 AM Rifaat Shekh-Yusef >> <rifaat.s.i...@gmail.com> wrote: >> > >> > All, >> > >> > As per the discussion in Vancouver, this is a WG Last Call for the SD-JWT >> > document. >> > https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html >> > >> > Please, review this document and reply on the mailing list if you have any >> > comments or concerns, by Sep 17th. >> > >> > Regards, >> > Rifaat & Hannes >> > _______________________________________________ >> > OAuth mailing list -- oauth@ietf.org >> > To unsubscribe send an email to oauth-le...@ietf.org >> >> >> >> -- >> Astra mortemque praestare gradatim >> >> _______________________________________________ >> OAuth mailing list -- oauth@ietf.org >> To unsubscribe send an email to oauth-le...@ietf.org > > > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged > material for the sole use of the intended recipient(s). Any review, use, > distribution or disclosure by others is strictly prohibited. If you have > received this communication in error, please notify the sender immediately by > e-mail and delete the message and any file attachments from your computer. > Thank you. -- Astra mortemque praestare gradatim _______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
