[OAUTH-WG] Re: WGLC for SD-JWT
Dick Hardt <dick.hardt@gmail.com> Wed, 04 September 2024 12:25 UTC
Return-Path: <dick.hardt@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C6D8C14F748 for <oauth@ietfa.amsl.com>; Wed, 4 Sep 2024 05:25:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cx9VZ8nu84Wm for <oauth@ietfa.amsl.com>; Wed, 4 Sep 2024 05:25:34 -0700 (PDT)
Received: from mail-yb1-xb2f.google.com (mail-yb1-xb2f.google.com [IPv6:2607:f8b0:4864:20::b2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B5D3C14F713 for <oauth@ietf.org>; Wed, 4 Sep 2024 05:25:34 -0700 (PDT)
Received: by mail-yb1-xb2f.google.com with SMTP id 3f1490d57ef6-e02b79c6f21so6956739276.2 for <oauth@ietf.org>; Wed, 04 Sep 2024 05:25:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1725452733; x=1726057533; darn=ietf.org; h=cc:to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=8Hqj1mKoODJwhR/OBe3BARtphWsE7J0t8Ge+2Pf06UY=; b=a9sH83gf0Oyplh5pXEhkjbmU0x+I709gRI8BW6uyHDJ24tzVQ5oSTwM/EzYztwst0m eK6Hx9Sc9RBmG5eXL37r+655apFIlqKhfE0ZvwN1Sp4BldKRgDDh5VmBj+4zyl8hZkeB 9JEdGBlk/Ja0DLyLds8XxaVbgeMkOaCp/186LTV1u4vJ/oZYJyX914Wwk/v6eybNvIjc pPAfKFyb/MgRZfhDzLMuI5NIs4H3GSksC2PPUBgb9cXDt7dQPd6bN/N1qOgGlg3L6rVh 85Gz6+1s/p5pEy8emNTXks3DwTGlgEOglNP0qlP3sd7+AQGHunM/4e7AAbOSV7cSSG1W KY6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725452733; x=1726057533; h=cc:to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8Hqj1mKoODJwhR/OBe3BARtphWsE7J0t8Ge+2Pf06UY=; b=FAhPygVOnTLFJVWCNTut53DgZjvVBGgQjbyec6OQiXEz9ZFxYHGgvk//QDQfx9A/lq vL6x7tYrOSoZj85GNoLDCCofOUHcm9QIesCTsPypEiVz+F1c9w4NdViV9UoARgu47Zvz icVA8whsce7VZLWiX3FoEYRMJviveHGs/e28VP6YVgjCnMzxYQWgdioa16o6A7R5+NyT 8+ZD/lNfA86vWIS7lq8np4xpPXVL+KG7+wx+OSmYlwZg3LIiD0kk4hBLVo8aeG3IywfA ++TRMqcnFp74zRWhNLAYhiwXySvxfVkty9TEU8EypfpST1kUvVPfXz70HhyacR3DMme7 ssFA==
X-Forwarded-Encrypted: i=1; AJvYcCWd9cKI1Mn4jL1PfVMKm4kyUrxBMhancdTQ9WI2NOxeOFNyJb8M0tTQZt/sUyoL3CfBxRzXtg==@ietf.org
X-Gm-Message-State: AOJu0YyXJ1cX0nrjWAN8+Nc/w9O5Td77RO2hgzHoTRdlFcNRz+VkDM03 AawVFpjazvWJspG29BduNitSnTxAW/hMXSwFBU3ooPibXHfjJbTPJfAS9fc8U7pQAUYYoUWkQkh ReHAUdW1/tuBadfLx9AOiIxUwEtk=
X-Google-Smtp-Source: AGHT+IHLmPGu+eOIaQJcaEM6wOw0A3JR1BbbbaeHwfH2EQ1jcNhY14AJREJwLRDLDbu1oc+Iv1dUyUOvd5fmCQt1WsI=
X-Received: by 2002:a05:6902:2803:b0:e1c:f184:259a with SMTP id 3f1490d57ef6-e1cfa422738mr5622813276.42.1725452732906; Wed, 04 Sep 2024 05:25:32 -0700 (PDT)
MIME-Version: 1.0
References: <CADNypP_BESkJTXfuv=G9HnLcGwhpSYRggYDZxzaq6-6AaARh0w@mail.gmail.com> <CA+k3eCQOofXBSFz_Ob6y1ZCWjnx4agvFuMOFc6vNWP4c93XTJw@mail.gmail.com>
In-Reply-To: <CA+k3eCQOofXBSFz_Ob6y1ZCWjnx4agvFuMOFc6vNWP4c93XTJw@mail.gmail.com>
From: Dick Hardt <dick.hardt@gmail.com>
Date: Wed, 04 Sep 2024 13:24:55 +0100
Message-ID: <CAD9ie-s4mhFkdTZ1G_+M4SNnTe14moiR-az+UE7JL5_dfQxYKg@mail.gmail.com>
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="00000000000038c92906214a45c0"
Message-ID-Hash: W3IXUBAXUMOQY4XITMYXRGJSZPHKZLG7
X-Message-ID-Hash: W3IXUBAXUMOQY4XITMYXRGJSZPHKZLG7
X-MailFrom: dick.hardt@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: oauth <oauth@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Reply-To: Dick.Hardt@gmail.com
Subject: [OAUTH-WG] Re: WGLC for SD-JWT
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/CdA3aXIhKwIT25s2rbVnsiVPCUo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
A while ago in an in-person meeting I provided feedback that the introduction was difficult to parse. It still is. A few comments inserted to illustrate. I'll raise my hand to provide alternative text if the authors are interested. /Dick > 1. > <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1> > Introduction > > <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#name-introduction>This > document specifies conventions for creating JSON Web Signature (JWS) [ > RFC7515 > <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#RFC7515> > ] structures with JSON [RFC8259 > <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#RFC8259> > ] objects as the payload while supporting selective disclosure of > individual elements of that JSON. Because JSON Web Token (JWT) [RFC7519 > <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#RFC7519> > ] is a very prevalent application of JWS with a JSON payload, the > selective disclosure of JWT claims receives primary treatment herein. > However, that does not preclude the mechanism's applicability to other > applications of JWS with JSON payloads. > The last two sentences add alot of noise to the first paragraph of what this document is all about > The JSON-based representation of claims in a signed JWT is secured against > modification using JWS digital signatures. A consumer of a signed JWT that > has checked the signature can safely assume that the contents of the token > have not been modified. However, anyone receiving an unencrypted JWT can > read all the claims. Likewise, anyone with the decryption key receiving > encrypted JWT can also read all the claims. > > One of the common use cases of a signed JWT is representing a user's > identity. As long as the signed JWT is one-time use, it typically only > contains those claims the user has consented to disclose to a specific > Verifier. However, there is an increasing number of use cases where a > signed JWT is created once and then used a number of times by the user (the > "Holder" of the JWT). In such use cases, the signed JWT needs to contain > the superset of all claims the user of the signed JWT might want to > disclose to Verifiers at some point. The ability to selectively disclose a > subset of these claims depending on the Verifier becomes crucial to ensure > minimum disclosure and prevent Verifiers from obtaining claims irrelevant > for the transaction at hand. SD-JWTs defined in this document enable such > selective disclosure of JWT claims. > > One example of a multi-use JWT is an Issuer-signed credential that > contains the claims about a subject, and whose authenticity can be > cryptographically verified. > Similar to the JWT specification on which it builds, this document is a > product of the Web Authorization Protocol (OAuth) working group. However, > while both JWT and SD-JWT have potential OAuth 2.0 applications, their > utility and application is certainly not constrained to OAuth 2.0. JWT was > developed as a general-purpose token format and has seen widespread usage > in a variety of applications. SD-JWT is a selective disclosure mechanism > for JWT and is similarly intended to be general-purpose specification. > While JWTs with claims describing natural persons are a common use case, > the mechanisms defined in this document are also applicable to other use > cases. > The above paragraphs are background on what problem is being solved -- but the writing is difficult to follow > In an SD-JWT, claims can be hidden, but cryptographically protected > against undetected modification. "Claims" here refers to both object > properties (name/value pairs) as well as array elements. When issuing the > SD-JWT to the Holder, the Issuer includes the cleartext counterparts of all > hidden claims, the so-called Disclosures, outside the signed part of the > SD-JWT. > > The Holder decides which claims to disclose to a particular Verifier and > includes the respective Disclosures in the SD-JWT to that Verifier. The > Verifier has to verify that all disclosed claim values were part of the > original Issuer-signed JWT. The Verifier will not, however, learn any claim > values not disclosed in the Disclosures. > The Holder and Verifier terms are being introduced here with no context. The key difference in an SD-JWT and a JWT that the claims are encrypted in what is signed is not clearly obvious. > This document also defines a format for SD-JWTs with Key Binding > (SD-JWT+KB). By optionally sending an SD-JWT+KB to a Verifier, the Holder > can prove to the Verifier that they hold the private key associated to the > SD-JWT (i.e., using the cnf claim [RFC7800 > <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#RFC7800> > ]). The strength of the binding is conditional upon the trust in the > protection of the private key of the key pair an SD-JWT is bound to. > This does not read as an introduction. Assumes significant knowledge of why this is useful. > SD-JWT can be used with any JSON-based representation of claims. > repetitive from start of intro > This specification aims to be easy to implement and to leverage > established and widely used data formats and cryptographic algorithms > wherever possible. <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-1> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-2> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-3> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-4> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-5> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-6> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-7> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-8> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-9> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-10> <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html#section-1-11> Fluff -- are there specifications that aim to be difficult to implement? On Tue, Sep 3, 2024 at 4:06 PM Brian Campbell <bcampbell= 40pingidentity.com@dmarc.ietf.org> wrote: > Thanks Rifaat & Hannes, > > In an effort to make the most up-to-date content available for the WGLC > period, a -12 revision was just recently published, which contains a number > of editorial improvements. > > > https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-12.html > > Respectfully, > Brian, Kristina, and Dr. Fett > > > > On Tue, Sep 3, 2024 at 4:40 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> > wrote: > >> All, >> >> As per the discussion in Vancouver, this is a WG Last Call for the *SD-JWT >> *document. >> >> https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html >> >> Please, review this document and reply on the mailing list if you have >> any comments or concerns, by *Sep 17th*. >> >> Regards, >> Rifaat & Hannes >> _______________________________________________ >> OAuth mailing list -- oauth@ietf.org >> To unsubscribe send an email to oauth-leave@ietf.org >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sender > immediately by e-mail and delete the message and any file attachments from > your computer. Thank you.*_______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-leave@ietf.org >
- [OAUTH-WG] WGLC for SD-JWT Rifaat Shekh-Yusef
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Dick Hardt
- [OAUTH-WG] Re: WGLC for SD-JWT Neil Madden
- [OAUTH-WG] Re: WGLC for SD-JWT Watson Ladd
- [OAUTH-WG] Re: WGLC for SD-JWT Judith Kahrer
- [OAUTH-WG] Re: WGLC for SD-JWT Judith Kahrer
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Watson Ladd
- [OAUTH-WG] Re: WGLC for SD-JWT Dick Hardt
- [OAUTH-WG] Re: WGLC for SD-JWT Denis
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Brian Campbell
- [OAUTH-WG] Re: WGLC for SD-JWT Denis
- [OAUTH-WG] Re: WGLC for SD-JWT Michael Jones