IETF Logo Mail Archive

Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC" Draft Specification

Giuseppe De Marco <demarcog83@gmail.com> Fri, 26 May 2023 23:11 UTC

Return-Path: <demarcog83@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36925C14CF05 for <oauth@ietfa.amsl.com>; Fri, 26 May 2023 16:11:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.844
X-Spam-Level:
X-Spam-Status: No, score=-1.844 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ObaqZBIA7tha for <oauth@ietfa.amsl.com>; Fri, 26 May 2023 16:11:40 -0700 (PDT)
Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86C85C14F75F for <oauth@ietf.org>; Fri, 26 May 2023 16:11:40 -0700 (PDT)
Received: by mail-ed1-x531.google.com with SMTP id 4fb4d7f45d1cf-5148ebc4b89so401000a12.3 for <oauth@ietf.org>; Fri, 26 May 2023 16:11:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685142699; x=1687734699; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=/qfq/RR6bsbwIe62Wib9lFqreG/U8z48mLOLv690US8=; b=hpbSpA7zVoTbOALelJtuX0pCeOgcMqQX36lordUJ3DPj/eYcwW+1MV0zxl9Ho4iNNy 2Z62xuV3JORjZa2pBRLICTrM/+XX8Dl5ApSdtyAwtdcbnHaPSvnnPEWW2Z5PMrbRtYgU IKzRUU9OL0fCFa20N7jTxaTQOucPgSKtsgPm0RH0AXfNUnX3+HiVehXCcnK+ou4jY/qW o7pNRF6iz1WX/MahUajzd0dD4QHQOL04eq4s8ztDKw7+oySCErq8U9gVaOW6o2SIs+d8 P3vKgxr3Z6bNfKT16+GEf13Jy3r1VQsXdEFKccBtUi+aCjvNNSntE1unRJ/ty6SOPq0D Nw6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685142699; x=1687734699; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/qfq/RR6bsbwIe62Wib9lFqreG/U8z48mLOLv690US8=; b=b9m+v3EUzuvecX7ihmzzWWaRc18NSrtTT1nKUtn6yrSVBQapjpY4Z3SRLC01KQZilU aqhvhXpcTPbAOi0jRA07dW9HWMcdl4jngQ5vPM23b3SBT2D1je/T5KqX3bF5hsT3Gi0r r+sHhgVN6t2r3yZHz43baETg1F+jycpy0osTAXr+FXicFbC4RXL8YD/iRSfoGgV8R5eK jzP7hItRSeYi5S3/kSpeycoVn6NPTq5TDYvPPMYUqhK+oXVXc3toVc6CMbXzBrcBd4Sz rL7DZKj1mSoPcPrOyi87sttJDI/vWws/eoV6/n5LUDoPoTQLIj523OwmuE17s+toIoc+ v9ew==
X-Gm-Message-State: AC+VfDxIzfc1AEpeNcNXENDiKcptPl93ROxqcI1bTHeKWAXO6VOqi64t wmjdodv6OalPcUlLuP+uvWmZR1+1PpyR+xWZz6smZRSj
X-Google-Smtp-Source: ACHHUZ57wIpDpBTgWyV1cS2JtbEkucahrklwQeiVLowquB2wh5aj0nTy8fiBnnhkn96ZacjXqmJ44UeyhWzVX0e9iUQ=
X-Received: by 2002:aa7:c599:0:b0:50b:bfee:ea26 with SMTP id g25-20020aa7c599000000b0050bbfeeea26mr2288963edq.35.1685142698721; Fri, 26 May 2023 16:11:38 -0700 (PDT)
MIME-Version: 1.0
References: <CAP7TzjARvkOOe5BupS7OzFU0pX-cHr2ffA+-8iiDG11Wg_UbXA@mail.gmail.com>
In-Reply-To: <CAP7TzjARvkOOe5BupS7OzFU0pX-cHr2ffA+-8iiDG11Wg_UbXA@mail.gmail.com>
From: Giuseppe De Marco <demarcog83@gmail.com>
Date: Sat, 27 May 2023 01:11:27 +0200
Message-ID: <CAP_qYy=5nh+tzk_g067bewFO1QYEj_q=8gBNff_uZ_tA+_pU1g@mail.gmail.com>
To: Oliver Terbu <oliver.terbu@spruceid.com>
Cc: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f4060e05fca0db92"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/5D4XKtOG7ah8FgdTbMveIL6y3Fc>
Subject: Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC" Draft Specification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2023 23:11:41 -0000

Hi,

I support sd-jwt-vc with the will to contribute to its evolution and use it
in the wallet solutions under development

Il ven 26 mag 2023, 16:57 Oliver Terbu <oliver.terbu@spruceid.com> ha
scritto:

> Dear all,
>
> I hope this email finds you well. I am writing to introduce "SD-JWT-based
> Verifiable Credentials with JSON payloads” (SD-JWT VC):
>
> https://datatracker.ietf.org/doc/draft-terbu-sd-jwt-vc/
>
> This proposal builds upon the existing SD-JWT specification by the OAuth
> WG and aims to address certain gaps and provide specific guidance for
> utilizing SD-JWT in the context of Verifiable Credentials. For example,
> while SD-JWT defines how to implement selective disclosure in JWTs (an
> important building block in many Verifiable Credential use cases), it is
> not opinionated about the specific JWT Claim Sets in the payload to
> represent Verifiable Credentials and used with HB-JWT.
>
> As you may be aware, the SD-JWT specification has already been adopted by
> the OAuth WG and has gained significant traction within the industry.
> However, the SD-JWT specification does not provide explicit guidance on
> using SD-JWT for Verifiable Credentials.
>
> The eIDAS 2.0 Architecture Reference Framework (ARF) has expressed a keen
> interest in utilizing SD-JWT for Verifiable Credentials, and SD-JWT VC
> became one of the two core credential formats of the European Digital
> Wallet (EUDIW):
>
>
> https://github.com/eu-digital-identity-wallet/architecture-and-reference-framework
>
> Verifiable Credentials play a crucial role in enhancing digital trust and
> enabling secure identity interactions in various domains. To ensure the
> seamless integration of SD-JWT into the eIDAS ARF and similar initiatives,
> it is essential to address the existing gaps in the SD-JWT specification
> specifically relevant to Verifiable Credentials.
>
> As a general-purpose format, SD-JWT itself is not the right place to
> define these kinds of guidelines. The SD-JWT VC draft proposes to fill
> these gaps by defining additional requirements, clarifying ambiguities, and
> providing concrete guidelines for utilizing SD-JWT in the context of
> Verifiable Credentials. Since SD-JWT VC and SD-JWT are closely related, we
> propose to develop this specification in the OAuth working group.
>
> Your support and endorsement of this proposal would significantly
> contribute to the advancement of Verifiable Credentials.
>
> If you have any questions or require additional information regarding the
> "SD-JWT VC" specification or its potential impact, please do not hesitate
> to reach out.
> I’m looking forward to your feedback!
>
> Oliver Terbu
>
> --
> Director of Identity Standards, Spruce Systems, Inc.
> oliver.terbu@spruceid.com
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

v2.23.0 | Report a Bug | By Email