Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC" Draft Specification
Giuseppe De Marco <demarcog83@gmail.com> Fri, 26 May 2023 23:11 UTC
Return-Path: <demarcog83@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36925C14CF05 for <oauth@ietfa.amsl.com>; Fri, 26 May 2023 16:11:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.844
X-Spam-Level:
X-Spam-Status: No, score=-1.844 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ObaqZBIA7tha for <oauth@ietfa.amsl.com>; Fri, 26 May 2023 16:11:40 -0700 (PDT)
Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86C85C14F75F for <oauth@ietf.org>; Fri, 26 May 2023 16:11:40 -0700 (PDT)
Received: by mail-ed1-x531.google.com with SMTP id 4fb4d7f45d1cf-5148ebc4b89so401000a12.3 for <oauth@ietf.org>; Fri, 26 May 2023 16:11:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685142699; x=1687734699; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=/qfq/RR6bsbwIe62Wib9lFqreG/U8z48mLOLv690US8=; b=hpbSpA7zVoTbOALelJtuX0pCeOgcMqQX36lordUJ3DPj/eYcwW+1MV0zxl9Ho4iNNy 2Z62xuV3JORjZa2pBRLICTrM/+XX8Dl5ApSdtyAwtdcbnHaPSvnnPEWW2Z5PMrbRtYgU IKzRUU9OL0fCFa20N7jTxaTQOucPgSKtsgPm0RH0AXfNUnX3+HiVehXCcnK+ou4jY/qW o7pNRF6iz1WX/MahUajzd0dD4QHQOL04eq4s8ztDKw7+oySCErq8U9gVaOW6o2SIs+d8 P3vKgxr3Z6bNfKT16+GEf13Jy3r1VQsXdEFKccBtUi+aCjvNNSntE1unRJ/ty6SOPq0D Nw6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685142699; x=1687734699; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/qfq/RR6bsbwIe62Wib9lFqreG/U8z48mLOLv690US8=; b=b9m+v3EUzuvecX7ihmzzWWaRc18NSrtTT1nKUtn6yrSVBQapjpY4Z3SRLC01KQZilU aqhvhXpcTPbAOi0jRA07dW9HWMcdl4jngQ5vPM23b3SBT2D1je/T5KqX3bF5hsT3Gi0r r+sHhgVN6t2r3yZHz43baETg1F+jycpy0osTAXr+FXicFbC4RXL8YD/iRSfoGgV8R5eK jzP7hItRSeYi5S3/kSpeycoVn6NPTq5TDYvPPMYUqhK+oXVXc3toVc6CMbXzBrcBd4Sz rL7DZKj1mSoPcPrOyi87sttJDI/vWws/eoV6/n5LUDoPoTQLIj523OwmuE17s+toIoc+ v9ew==
X-Gm-Message-State: AC+VfDxIzfc1AEpeNcNXENDiKcptPl93ROxqcI1bTHeKWAXO6VOqi64t wmjdodv6OalPcUlLuP+uvWmZR1+1PpyR+xWZz6smZRSj
X-Google-Smtp-Source: ACHHUZ57wIpDpBTgWyV1cS2JtbEkucahrklwQeiVLowquB2wh5aj0nTy8fiBnnhkn96ZacjXqmJ44UeyhWzVX0e9iUQ=
X-Received: by 2002:aa7:c599:0:b0:50b:bfee:ea26 with SMTP id g25-20020aa7c599000000b0050bbfeeea26mr2288963edq.35.1685142698721; Fri, 26 May 2023 16:11:38 -0700 (PDT)
MIME-Version: 1.0
References: <CAP7TzjARvkOOe5BupS7OzFU0pX-cHr2ffA+-8iiDG11Wg_UbXA@mail.gmail.com>
In-Reply-To: <CAP7TzjARvkOOe5BupS7OzFU0pX-cHr2ffA+-8iiDG11Wg_UbXA@mail.gmail.com>
From: Giuseppe De Marco <demarcog83@gmail.com>
Date: Sat, 27 May 2023 01:11:27 +0200
Message-ID: <CAP_qYy=5nh+tzk_g067bewFO1QYEj_q=8gBNff_uZ_tA+_pU1g@mail.gmail.com>
To: Oliver Terbu <oliver.terbu@spruceid.com>
Cc: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f4060e05fca0db92"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/5D4XKtOG7ah8FgdTbMveIL6y3Fc>
Subject: Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC" Draft Specification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2023 23:11:41 -0000
Hi, I support sd-jwt-vc with the will to contribute to its evolution and use it in the wallet solutions under development Il ven 26 mag 2023, 16:57 Oliver Terbu <oliver.terbu@spruceid.com> ha scritto: > Dear all, > > I hope this email finds you well. I am writing to introduce "SD-JWT-based > Verifiable Credentials with JSON payloads” (SD-JWT VC): > > https://datatracker.ietf.org/doc/draft-terbu-sd-jwt-vc/ > > This proposal builds upon the existing SD-JWT specification by the OAuth > WG and aims to address certain gaps and provide specific guidance for > utilizing SD-JWT in the context of Verifiable Credentials. For example, > while SD-JWT defines how to implement selective disclosure in JWTs (an > important building block in many Verifiable Credential use cases), it is > not opinionated about the specific JWT Claim Sets in the payload to > represent Verifiable Credentials and used with HB-JWT. > > As you may be aware, the SD-JWT specification has already been adopted by > the OAuth WG and has gained significant traction within the industry. > However, the SD-JWT specification does not provide explicit guidance on > using SD-JWT for Verifiable Credentials. > > The eIDAS 2.0 Architecture Reference Framework (ARF) has expressed a keen > interest in utilizing SD-JWT for Verifiable Credentials, and SD-JWT VC > became one of the two core credential formats of the European Digital > Wallet (EUDIW): > > > https://github.com/eu-digital-identity-wallet/architecture-and-reference-framework > > Verifiable Credentials play a crucial role in enhancing digital trust and > enabling secure identity interactions in various domains. To ensure the > seamless integration of SD-JWT into the eIDAS ARF and similar initiatives, > it is essential to address the existing gaps in the SD-JWT specification > specifically relevant to Verifiable Credentials. > > As a general-purpose format, SD-JWT itself is not the right place to > define these kinds of guidelines. The SD-JWT VC draft proposes to fill > these gaps by defining additional requirements, clarifying ambiguities, and > providing concrete guidelines for utilizing SD-JWT in the context of > Verifiable Credentials. Since SD-JWT VC and SD-JWT are closely related, we > propose to develop this specification in the OAuth working group. > > Your support and endorsement of this proposal would significantly > contribute to the advancement of Verifiable Credentials. > > If you have any questions or require additional information regarding the > "SD-JWT VC" specification or its potential impact, please do not hesitate > to reach out. > I’m looking forward to your feedback! > > Oliver Terbu > > -- > Director of Identity Standards, Spruce Systems, Inc. > oliver.terbu@spruceid.com > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] Request for Feedback on "SD-JWT VC" Dr… Oliver Terbu
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Giuseppe De Marco
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Leif Johansson
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Denis
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… torsten
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Vladimir Dzhuvinov
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Kristina Yasuda
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Michael Jones
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Denis
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Oliver Terbu
- Re: [OAUTH-WG] Request for Feedback on "SD-JWT VC… Denis