Re: [OAUTH-WG] Call for adoption - SD-JWT

Giuseppe De Marco <demarcog83@gmail.com> Fri, 29 July 2022 22:00 UTC

From: Giuseppe De Marco <demarcog83@gmail.com>
Date: Fri, 29 Jul 2022 23:59:57 +0200
Message-ID: <CAP_qYy=G+di3KNDmtsbh0LLXHW9a+RNV3qdZTvNxDf=GYJJ8ig@mail.gmail.com>
To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Cc: oauth <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/JTL5eL_7xW9xHL_nzfiV5osn6zc>
Subject: Re: [OAUTH-WG] Call for adoption - SD-JWT

With its salted/hashed approach SD-JWT represents the solution that allows
the selective disclosure of the claim values in a JWT, it's a concrete
alternative to ISO 18013-5 (mDoc) and also proposes a very interesting
integration with JWT-VC (vc-data-model 1.1).

Considering that in eIDAS 2 we can't yet enable the algorithms of advanced
cryptography unless they become standards, a discussion paper in the eIDAS
expert group has been presented to explore the capabilities of SD-JWT in a
concrete use case.

I think that SD-JWT is much more than an alternative to mDoc, it gives us
more features and flexibility than the latter, it's a concrete general
purpose format with many ongoing evolutions and potential integrations and
that's why I want to say:

+1 for SD-JWT

On Fri, 29 Jul 2022 at 02:17, Rifaat Shekh-Yusef <
rifaat.s.ietf@gmail.com> wrote:

> All,
>
> This is a call for adoption for the *SD-JWT* document
> https://datatracker.ietf.org/doc/draft-fett-oauth-selective-disclosure-jwt/
>
> Please, provide your feedback on the mailing list by *August 12th*.
>
> Regards,
>  Rifaat & Hannes