[OAUTH-WG] Re: WGLC for SD-JWT
Watson Ladd <watsonbladd@gmail.com> Fri, 13 September 2024 21:18 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/C9G0A-HPFQGvC00t80xhFbc4Cjg>
On Fri, Sep 13, 2024 at 10:17 AM Brian Campbell <bcampbell@pingidentity.com> wrote:
>
> Watson,
>
> Thank you for your comments during the Vancouver meeting and subsequently on the mailing list. Your input helped initiate some valuable discussions, and I’ve incorporated additional text into the Unlinkability subsection under the Privacy Considerations to reflect the general consensus that emerged.

There's certainly been a lot of discussion, but I think a general consensus is rather more nebulous.

>
> I appreciate your role in sparking this conversation, which has undoubtedly improved the document. I’d also like to respectfully remind everyone that the content of these documents is meant to represent the rough consensus of the working group, rather than any single individual’s perspective.

I agree: I'd like to see more people weigh in specifically on how 11.3 can be useful to them in mitigating the risks, in part to ensure that what is produced is really representative. However, I do expect IESG will take a careful look at this and the overall systemwide challenges.

>
> Respectfully,
> Brian
>
>
> On Wed, Sep 4, 2024 at 3:20 PM Watson Ladd <watsonbladd@gmail.com> wrote:
>>
>> The privacy considerations section does not have enough RFC 2119
>> language in the Unlinkability section. There is no workable guidance
>> on how to mitigate these risks. Presentation to users is not a
>> workable solution: please learn from how browsers have suffered a lot
>> at this. It's also very prolix. This is in contrast to 11.1 and 11.2.
>>
>> Sincerely,
>> Watson
>>
>> On Tue, Sep 3, 2024 at 3:40 AM Rifaat Shekh-Yusef
>> <rifaat.s.ietf@gmail.com> wrote:
>> >
>> > All,
>> >
>> > As per the discussion in Vancouver, this is a WG Last Call for the SD-JWT document.
>> > https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html
>> >
>> > Please, review this document and reply on the mailing list if you have any comments or concerns, by Sep 17th.
>> >
>> > Regards,
>> > Rifaat & Hannes
>>
>> --
>> Astra mortemque praestare gradatim

--
Astra mortemque praestare gradatim