Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credential Status Attestations (typo)
Orie Steele <orie@transmute.industries> Tue, 23 January 2024 13:48 UTC
Return-Path: <orie@transmute.industries>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34774C14F726 for <oauth@ietfa.amsl.com>; Tue, 23 Jan 2024 05:48:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20aeIg1QD5Tg for <oauth@ietfa.amsl.com>; Tue, 23 Jan 2024 05:48:34 -0800 (PST)
Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77BD3C14F6FB for <oauth@ietf.org>; Tue, 23 Jan 2024 05:48:21 -0800 (PST)
Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-6dc6f47302bso1188887b3a.1 for <oauth@ietf.org>; Tue, 23 Jan 2024 05:48:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1706017700; x=1706622500; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=bzLxQCJ3U9DCpRJ5yXwMQBcjhl7BdXt2RvsA3j1C4HU=; b=I/ehs/k6neQGR92p30kCPHaXWUHoAvSMWRbnRe38+tgdBWeoHzBIawK/iJStsu47HC suBx35zw0BrMcEk+zPqLvJW7zk91LkPe82aO6iwLiN02wjauGpyZrnFrzTyzaMBb7bB9 l5sUrO18ABpmpMwaAFwSfbhVNUzGCnPda/Bj/Y8fa/E+7nN9Io0iDzB7mZx4lweW4x5m RZPcXxHlUsdJuDLxk8AXl9PMb94wKOrRXzZ9teEVFcVOhbcgQ23xZBA14uyJ2Lvaq5iq CMVYh6MIW2gxZKtGFqe8iySofdKjwo/F1zXz/xBvdFkZddnOpFs6Hq1YPXN0GhPoY7ln YJ0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706017700; x=1706622500; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bzLxQCJ3U9DCpRJ5yXwMQBcjhl7BdXt2RvsA3j1C4HU=; b=ElsrnYs/Pk6Yd17KV5G+FqYBQmtfHaVVPREqLIkeJ57DpkpGvVNqWTjqUJoYeacuTC B0KOG5lgzF0tp0gU0fOj3tfd4NW2Zx21UAFTfL6hMM6Pehnx8Ou/7sHnu5OHqTWESqa6 JNcH1y+C6BEZjNyyBjLo9XWYjhe8FXsxAtVPaBALauorkSg93OLWulrwyUpCbnVP45mD /Azjsx+xtgODu/5pPlIhHoh2Gprty1ovP12WlUM/e3iAHzdClAXsWK0ZTZGIWg0W6Gq3 IZ6RoVepxZydlRhDLKl9gqb+UEYOfZaMHhjaEKlR2FrgKzBYw3W2ilmxzcjMrMaOD8t6 uHqA==
X-Gm-Message-State: AOJu0Yx6Lz+zrkrOjr3RyEnhy071TzeMcXzA5nIJIWvVQHEZmqfFRk8L kquny03+JB2VaMIlAvo8JZoJPRp6biRVIfSNUMJWe4eCxi2wA7TVs/gaClULPI+Kby4aBTeQW24 vmGyYlZTqsrf/FZBQMZzd+snVW2FT2zLaAaQKJA==
X-Google-Smtp-Source: AGHT+IG4+9eLoKv5bSnHMRbAxZXp2SlOB7eTb2DN/d4UjtCapk9iI8Lo+CjDXeMm+O6I7wQfA8F2Kmgz0/+7n3CBOHc=
X-Received: by 2002:a05:6a20:389d:b0:199:d6b5:247c with SMTP id n29-20020a056a20389d00b00199d6b5247cmr5473824pzf.87.1706017700284; Tue, 23 Jan 2024 05:48:20 -0800 (PST)
MIME-Version: 1.0
References: <CAN8C-_+5mSFAion-e4Ta6AZLVGadr7cdSWjw-UpnBvH9Z98ohw@mail.gmail.com> <05d901da4980$8c8021e0$a58065a0$@gmx.net> <CAP_qYy=Dh0wDJ1JwOkvLiRR==7ZJTH+oLtzSU=egho1L0===hQ@mail.gmail.com> <3a80e0ce-682e-e3c5-8f39-7f3731aa9c1f@free.fr> <a5a530c8-bf2d-1edb-8ba7-cb05b18ac151@free.fr> <CAP_qYymC=dWbVjQjQmJC7fFkQki5nN3D646TNCO8=JWXC-TOOQ@mail.gmail.com> <c1d7db80-61b6-629e-3ed9-6ed2065322db@free.fr> <AS8PR07MB7527985F6E29AF5620523D19AC712@AS8PR07MB7527.eurprd07.prod.outlook.com> <59401024-b4b3-054b-3b89-0f70f0e0400b@free.fr> <CAK2Cwb5YwPu1A7nvcUx8ypBXGXaFjrEdCxs5rnpYhCegtnPNkA@mail.gmail.com> <77c6057d94ae5a342e9776d04dbc71bd@waugh.com> <CAK2Cwb6N0Dc4tY3qV_scbD7xTAnby+Lz0YdTkGFmnMTJeZ8uBA@mail.gmail.com> <96e1cbae391e6e1c60bc04e3ae58d62f@waugh.com> <CAK2Cwb7MAQq8O=CX8ffidHt-ptT5JKTqEjAFfP1P4W-KHaWZ7Q@mail.gmail.com> <CAK2Cwb4eOtAR2e5zDYZ7g4N=18=DNdHuBzPPSCLOEPeR_e5cMA@mail.gmail.com> <CACsn0ckkhqUhbQis3dZWdEzO=Es+=xGAQUT7USK-5q++HD5ZXA@mail.gmail.com> <CAK2Cwb6OGVvGHrvNX4jKpdBRjngJfh2kciT1sASYxMPR9bF+Ww@mail.gmail.com>
In-Reply-To: <CAK2Cwb6OGVvGHrvNX4jKpdBRjngJfh2kciT1sASYxMPR9bF+Ww@mail.gmail.com>
From: Orie Steele <orie@transmute.industries>
Date: Tue, 23 Jan 2024 07:48:09 -0600
Message-ID: <CAN8C-_+Mp_xcjVg988o8duzg+=UuLA77iHmoxO=tc1hhEadhbg@mail.gmail.com>
To: Tom Jones <thomasclinganjones@gmail.com>
Cc: Watson Ladd <watsonbladd@gmail.com>, spice@ietf.org, Giuseppe De Marco <gi.demarco@innovazione.gov.it>, oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000001a15f060f9d3340"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/P97NDkELOHf5tlJqi9DWtufCAw0>
Subject: Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credential Status Attestations (typo)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jan 2024 13:48:39 -0000
There are at least 2 kinds of vp. W3C has them and they can be secured or not. SD-JWT has them, and they can have key binding or not. An sd-jwt without key binding is indistinguishable from a credential except for looking at the unprotected disclosures. SD-JWT has a section on forwarding presentations, that talks about redacting fields and presenting in a cases where key binding is not required. Key binding is basically the secured version of a W3C VP, but restricted to a single credential, instead of multiple credentials. Key binding is not required afaik. Therefore presentation can be forwarded / reused. OS On Tue, Jan 23, 2024, 12:51 AM Tom Jones <thomasclinganjones@gmail.com> wrote: > VPs are not reused AFAIK. > > thx ..Tom (mobile) > > On Mon, Jan 22, 2024, 4:41 PM Watson Ladd <watsonbladd@gmail.com> wrote: > >> It could be a resused one obtained from a different context. Does that >> matter? Depends on application. There's also a question of what it >> means the subject processed it: people don't process VCs, their >> computers do. (Hence the terminology of User Agent, not user, in the >> W3C) >> >> >> >> On Sun, Jan 21, 2024 at 4:46 PM Tom Jones <thomasclinganjones@gmail.com> >> wrote: >> > >> > I should have added - if you get a verifiable presentation from a >> wallet with a verifiable credential - it is my understanding that the VP is >> proof possession - in the sense that the VC has been processed by the >> subject to create the VP. >> > >> > I started to collect some information about that here - but it is far >> from complete. >> https://tcwiki.azurewebsites.net/index.php?title=Verifiable_Presentation#Full_Text_or_Meme >> > >> > ..tom >> > >> > >> > On Sun, Jan 21, 2024 at 1:03 PM Tom Jones <thomasclinganjones@gmail.com> >> wrote: >> >> >> >> Technically oauth is about authorization not authentication. And >> technically attestation is provided by rats and not oauth. So if you think >> that you are confused, so is everyone else at this point. >> >> >> >> thx ..Tom (mobile) >> >> >> >> On Sun, Jan 21, 2024, 11:51 AM <don@waugh.com> wrote: >> >>> >> >>> Hi Tom et al. >> >>> >> >>> Earlier this or last week someone wrote about the possibility of >> looking at things from a relying party's perspective. >> >>> >> >>> As a relying party I need a method for a user to prove who and what >> they are or have. Hence the user needs to present evidence as proof of who >> they are and in what capacity or holding they are presenting. >> >>> >> >>> I have been very involed in SSI and verfiable credentials (VC). Which >> is becoming a major way of presentiing evidence as proof. >> >>> >> >>> VCs are cryptographic proofs for a relying party. However the relying >> party also needs proof of who is presenting. WShen you combine the two you >> now address proof of possession problem which has been the underlying >> weakness of public key cryptography. >> >>> >> >>> I was not trying to be misleading. I was responding to the >> discussion below regarding " digital proof, digital credential, secure and >> privacy preserving fashion, collusion between holders, collection >> limitation, privacy principles, unlinkability between verifiers and more. >> >>> >> >>> I have done a lot of work in this area and believe have addressed the >> proof of possession issue of public key cryptography because I can >> cryptographically and privately bind a users biometrics with both their >> public and private keys and can embed the same with veriable credentials. >> Whereas when I see the OAuth work it seems to be trying to create an audit >> trail rather than solving the proof of posession by the original >> client/wallet initiating the transaction. >> >>> >> >>> As I said I was not trying to be misleading. At the same time I do >> not see the current OAuth track as solving this underlying proof of >> possesion problem that is needed by the relying party. >> >>> >> >>> Best >> >>> >> >>> Don >> >>> >> >>> And for the record I am not a technologist. I am a person who tries >> to solve business problems. >> >>> >> >>> >> >>> >> >>> On 2024-01-21 11:08, Tom Jones wrote: >> >>> >> >>> yes - i see that's what you are doing and think it is not only wrong, >> but misleading. >> >>> Somehow words like trust and proof are given technological >> definitions by technologists that do not reflect the words existing >> meaning, but seek to gain reflected credence by their use in technological >> contexts. . (like proof -> a cryptographic ability that is verifiable) >> >>> Perhaps you don't care that these are incorrect uses of the word? >> >>> >> >>> ..tom >> >>> >> >>> On Fri, Jan 19, 2024 at 10:46 AM <don@waugh.com> wrote: >> >>> >> >>> You present evidence as proof. >> >>> >> >>> >> >>> On 2024-01-19 12:50, Tom Jones wrote: >> >>> >> >>> >> >>> Proof seems to be yet another term for which we already have other >> terms. >> >>> Can anyone explain the difference between: >> >>> proof >> >>> presentation >> >>> evidence. >> >>> >> >>> ..tom >> >>> >> >>> On Fri, Jan 19, 2024 at 4:28 AM Denis <denis.ietf@free.fr> wrote: >> >>> >> >>> Hi Giuseppe, >> >>> >> >>> Ciao Denis, >> >>> >> >>> Thank you! By points. >> >>> >> >>> First, I still have a vocabulary problem. The text states: >> >>> >> >>> A digital credential may be presented to a verifier long after it has >> been issued. >> >>> >> >>> It should rather say: A digital proof (derived from a digital >> credential) may be presented to a verifier. >> >>> >> >>> Then, the text states: >> >>> >> >>> Verifier: >> >>> >> >>> Entity that relies on the validity of the Digital Credentials >> presented to it. >> >>> >> >>> >> >>> I should rather say: >> >>> >> >>> Verifier: >> >>> >> >>> Entity that relies on the validity of the digital proof >> presented to it. >> >>> >> >>> >> >>> >> >>> OAuth Status List can be accessed by a Verifier when an internet >> connection is present. >> >>> >> >>> This does not correspond to the flows of the figure. >> >>> >> >>> >> >>> the section enumerates the differences between oauth status list and >> oauth status attestations. >> >>> The subject of the sentence is then the oauth status list, below I >> report the original text in that point: >> >>> >> >>> Offline flow: OAuth Status List can be accessed by a Verifier when an >> internet connection is present. At the same time, OAuth Status List defines >> how to provide a static Status List Token, to be included within a Digital >> Credential. This requires the Wallet Instance to acquire a new Digital >> Credential for a specific presentation. Even if similar to the OAuth Status >> List Token, the Status Attestations enable the User to persistently use >> their preexistent Digital Credentials, as long as the linked Status >> Attestation is available and presented to the Verifier, and not expired. >> >>> >> >>> OK. >> >>> >> >>> >> >>> What about the support of "blinded link secrets" and "link secrets" >> (used with anonymous credentials) ? >> >>> >> >>> >> >>> Unfortunately I don't have these in the EUDI ARF and in my >> implementative asset but this doesn't prevent us to not include it in the >> draft. >> >>> >> >>> When writing this, I had the use case of BBS+ in mind. >> >>> >> >>> Published versions of the ARF is available here: >> https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/blob/main/docs/arf.md >> >>> >> >>> The word "privacy" is used once in a single sentence copied below >> which is: >> >>> >> >>> Attestation exchange Protocol. This protocol defines how to request >> and present the PID and the (Q)EAA in a secure and privacy preserving >> fashion. >> >>> >> >>> In the context of a single data controller, ISO 29100 identifies >> eleven privacy principles: >> >>> >> >>> 1. Consent and choice >> >>> 2. Purpose legitimacy and specification >> >>> 3. Collection limitation >> >>> 4. Data minimization >> >>> 5. Use, retention and disclosure limitation >> >>> 6. Accuracy and quality >> >>> 7. Openness, transparency and notice >> >>> 8. Individual participation and access >> >>> 9. Accountability >> >>> 10. Information security >> >>> 11. Privacy compliance >> >>> >> >>> None of them is being addressed. >> >>> >> >>> In addition, when considering a distributed system used by human >> beings, two additional privacy principles need to be taken into >> consideration >> >>> and none of them is mentioned: >> >>> >> >>> Unlinkability of holders between verifiers >> >>> >> >>> Untrackability of holders by a server, (i.e., a property >> ensuring that it is not possible for a server to know by which verifier the >> information it issues to a caller, >> >>> or derivations from it, will be >> consumed. In other words : Can the server act as Big Brother ? >> >>> >> >>> Margrethe Vestager, [former] Executive Vice-President for a Europe >> Fit for the Digital Age said: >> >>> >> >>> "The European digital identity will enable us to do in any >> Member State as we do at home without any extra cost and fewer hurdles. >> >>> Be that renting a flat or opening a bank account outside of our >> home country. And do this in a way that is secure and transparent. >> >>> So that we will decide how much information we wish to share >> about ourselves, with whom and for what purpose. >> >>> >> >>> Source: >> https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2663 >> >>> >> >>> >> >>> This statement is not mentioned in the ARF. >> >>> >> >>> >> >>> An additional important security consideration needs to be addressed: >> >>> >> >>> Collusions between holders (natural persons), which is >> difficult to support while at the same time the "collection limitation" >> privacy principle is considered. >> >>> >> >>> This can be illustrated by the following example: >> >>> >> >>> Can Alice (12) collude with Bob (25) to access to a verifier >> delivering age-restricted services or products (e.g., like the condition of >> being over 18) ? >> >>> Since Bob is over 25, he can obtain some "proof" that he is over >> 18. Can Alice (12) can advantage of this proof to access to age-restricted >> services or products ? >> >>> >> >>> Would you like to propose your idea in the current text (github issue >> or PR) about the possibility to enable this technology? >> >>> >> >>> On page 45 from COM(2021) 281 final, ( >> https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52021PC0281) >> there is the following statement: >> >>> >> >>> " A strengthened privacy-by-design approach could yield >> additional benefits since the wallet would not require intermediaries >> >>> in the process of asserting the attributes, thus enabling >> the citizen to communicate directly with the service and credential >> providers". >> >>> >> >>> Every IETF draft now includes both a Security Consideration section >> and a Privacy Consideration section. There is no such sections in ARF 1.0.X. >> >>> >> >>> Since ARF 1.0.X has not listed any privacy principle, it could not >> follow a privacy-by-design approach. >> >>> >> >>> >> >>> Before defining technical solutions, requirements would first need to >> be identified and agreed. At the moment, none of the five experiments is >> considering >> >>> the previously identified privacy principles (nor the above security >> consideration). >> >>> >> >>> There should first be an agreement to add both a Security >> Consideration section and a Privacy Consideration section to the ARF. >> >>> >> >>> Another consideration has been raised: the cryptographic algorithms >> being used should be quantum resistant. >> >>> >> >>> This is a good wish but nobody knows when this would really be needed. >> >>> >> >>> BBS+ is not believed to be quantum resistant. However, if one-time >> digital signatures are considered, they can be quantum resistant >> >>> (e.g., using SHA-3 and Lamport signatures). This would natively >> prevent verifiers to use the public key present in a credential proof to >> link accesses from >> >>> the same holder on different servers. This would mandate to issue >> batches of credentials in advance, which is only considered at a possible >> option >> >>> at the moment. This would also prevent using a "digital credential >> serial number" to perform a linkage between different digital proofs. >> >>> >> >>> For signing digital credentials, the FIPS 204 (DRAFT) >> MODULE-LATTICE-BASED DIGITAL SIGNATURE STANDARD might be considered. >> >>> >> >>> This does not mean in anyway that these algorithms should be used >> now, but it would be good to already know which kinds algorithms will be >> usable >> >>> when it will become really necessary to achieve quantum resistance. >> >>> >> >>> I mean, the current text satisfies the security requirements, in >> addition to this we can explore and enable additional methods, in >> particular when these brings additional benefits. >> >>> >> >>> A major section is missing: "Privacy considerations". >> >>> >> >>> >> >>> yes, the best is yet to come �� >> >>> >> >>> When doing a privacy-and-security-by-design approach, once the model >> and the key actors have be identified, these two sections should be >> filled-in first. >> >>> >> >>> :-) >> >>> >> >>> >> >>> >> >>> One of many privacy principles is: "unlinkability between verifiers". >> >>> >> >>> >> >>> yes. The scope of this specs is providing a "static" way to give a >> verifiable proof. In the privacy consideration I would start with the sotry >> of Giuseppe that presents his credential of org affiliation to an RP, >> giving org name, entitlements and position. Having the url and the index of >> the revocation status of that credential, the RP is technically able to >> continuosly check that Giuseppe is still emploied in that organization, >> even outside of a resonable time windows for the authorized >> authentication/session. >> >>> >> >>> then, the scopes of this draft is all about revocation and tracking >> prevention about the revocation checks. The problem of linkability belongs >> to the credential and not to the status attestation (if I didn't miss >> anything). >> >>> >> >>> Let us now come back to Status Attestations when using one-time >> digital credentials. >> >>> Let us consider two cases: whether the status attestation request is >> done by the holder or by the verifier. >> >>> >> >>> 1) If the status attestation request is done by the holder, this >> means that it is online and in such a case, it could ask for a batch of >> one-time digital credentials >> >>> with short expiration dates without the need to request Status >> Attestations. >> >>> >> >>> 2) If the status attestation request is done by the verifier and if >> the server able to provide Status Attestations is different from the server >> issuing the digital credential, >> >>> then a query to that other server will prevent the issuer to know >> where the digital proof has been presented by the holder. This would allow >> the holder to get >> >>> digital credentials with longer expiration dates. >> >>> >> >>> Seen from the wallet, the following strategy would be used: >> >>> >> >>> If the wallet knows that it is on-line, it will use or request a >> digital credential with a short expiration date. >> >>> This will avoid the verifier to make a call when it receives the >> digital proof. >> >>> >> >>> If the wallet knows that it is off-line, it will use an already >> stored digital credential with a long expiration date. >> >>> If the server able to provide Status Attestations is, in fact, not >> really independent from the server issuing the digital credential, >> >>> the linkability between verifiers will be limited to servers accessed >> using NFC. Hence, the risk will be mitigated. >> >>> >> >>> Both types of digital credential will then have their own merits. >> >>> >> >>> Yes, I will, The sections Rationale and Privacy Consideration are the >> most funny and we'll continue on those. Thank you for the hints, I >> appreciate! >> >>> >> >>> In this rather long email, you have further hints. >> >>> >> >>> :-) >> >>> >> >>> Denis >> >>> >> >>> >> >>> >> >>> ________________________________ >> >>> Da: Denis <denis.ietf@free.fr> >> >>> Inviato: giovedì 18 gennaio 2024 19:25 >> >>> A: demarcog83 <demarcog83@gmail.com> >> >>> Cc: spice@ietf.org <spice@ietf.org>; Giuseppe De Marco < >> gi.demarco@innovazione.gov.it>; oauth <oauth@ietf.org> >> >>> Oggetto: Re: [SPICE] [OAUTH-WG] OAuth Digital Credential Status >> Attestations (typo) >> >>> >> >>> >> >>> Non si ricevono spesso messaggi di posta elettronica da >> denis.ietf@free.fr. Informazioni sul perché è importante >> >>> >> >>> Questa email arriva da un mittente insolito. Assicurati che sia >> qualcuno di cui ti fidi. >> >>> Giuseppe, >> >>> >> >>> You are perfectly right, I read your draft too quickly. >> >>> >> >>> 1) The text mentions near the end: >> >>> >> >>> OAuth Status List can be accessed by a Verifier when an internet >> connection is present. >> >>> >> >>> This does not correspond to the flows of the figure. >> >>> >> >>> 2) The text states: >> >>> >> >>> " The proof of possession MUST be signed with the private key >> corresponding to the public key attested by the Issuer >> >>> and contained within the Credential". >> >>> >> >>> What about the support of "blinded link secrets" and "link secrets" >> (used with anonymous credentials) ? >> >>> >> >>> 3) A major section is missing: "Privacy considerations". >> >>> >> >>> One of many privacy principles is: "unlinkability between verifiers". >> >>> >> >>> If or when the status attestation allows to support this privacy >> principle, it should be indicated how it can be supported. >> >>> If or when it does not, this should be mentioned as well. >> >>> >> >>> Denis >> >>> >> >>> Ciao Denis, >> >>> >> >>> thank you for the quick reply and for your contribution. >> >>> The scope of the current draft is to provide a verifiable artifact >> that give the proof that a specific credential is active, then not revoked. >> >>> >> >>> >From your sequence diagram I read a digital credential issuance, >> while this is not in the scope of the draft. >> >>> best >> >>> >> >>> >> >>> Il giorno gio 18 gen 2024 alle ore 10:26 Denis <denis.ietf@free.fr> >> ha scritto: >> >>> >> >>> Typo: Change: "proof or origin of wallet instance" >> >>> into : "proof of origin of wallet instance". >> >>> >> >>> The figure has been corrected below. >> >>> >> >>> Denis >> >>> >> >>> Hi Giuseppe, >> >>> >> >>> The current figure in the Introduction from >> draft-demarco-status-attestations-latest is: >> >>> >> >>> +-----------------+ +-------------------+ >> >>> | | Requests Status Attestation | | >> >>> | |---------------------------->| | >> >>> | Wallet Instance | | Credential Issuer | >> >>> | | Status Attestation | | >> >>> | |<----------------------------| | >> >>> +-----------------+ +-------------------+ >> >>> >> >>> >> >>> +-- ----------------+ +----------+ >> >>> | | Presents credential and | | >> >>> | Wallet Instance | Status Attestation | Verifier | >> >>> | |---------------------------->| | >> >>> +-------------------+ +----------+ >> >>> >> >>> IMO, using the vocabulary agreed during the last BoF video >> conference, this figure should be modified as follows: >> >>> >> >>> >> >>> +------------+ >> +-------------------+ >> >>> | | Requests Digital Credential | >> | >> >>> | | and presents proof of knowledge of | >> | >> >>> | | either a private key or a link secret | >> | >> >>> | | and proof of origin of wallet instance | Credential >> Issuer | >> >>> | Holder |--------------------------------------->| >> | >> >>> | | | >> | >> >>> | | Digital Credential | >> | >> >>> | |<---------------------------------------| >> | >> >>> +------------+ >> +-------------------+ >> >>> >> >>> >> >>> +-- ---------+ >> +-------------------+ >> >>> | | Presents Credential proof | >> | >> >>> | Holder | | >> Verifier | >> >>> | |--------------------------------------->| >> | >> >>> +------------+ >> +-------------------+ >> >>> >> >>> Denis >> >>> >> >>> >> >>> >> >>> Hi Hannes, >> >>> Thank you for your quick reaction and also to Orie for sharing. >> >>> I've submitted the draft, here: >> https://datatracker.ietf.org/doc/draft-demarco-status-attestations/ >> >>> >> >>> Regarding the term Attestation: good point. We have decided to use >> this term since in several IETF and OpenID drafts this term seems pretty >> established, the term Attestation is found at least in the following >> specifications: >> >>> - Attestation based client-authentication (it's in the title) >> >>> - OpenID4VC High Assurance Interoperability Profile with SD-JWT VC >> (wallet attestation) >> >>> - OpenID for Verifiable Presentations - draft 20 (verifier >> attestation) >> >>> - OpenID for Verifiable Credential Issuance (section "Trust between >> Wallet and Issuer": Device Attestation) >> >>> >> >>> Meantime in the eIDAS Expert group this term is going to be changed >> to "Wallet Trust Evidence". >> >>> >> >>> I don't have a strong opinion on what would be the best semantic for >> this, I just have realized the functional difference between a Digital >> Credential and an Attestation: >> >>> the first requires the user to be authenticated and give consent for >> using the secure storage. The second is obtained with a machine2machine >> flow where no user interaction is required, the secure storage is not >> required, no user information is contained in it since the subject is the >> wallet instance and not the user, it cannot be (re)used without the >> cryptographic proof of possession. Probably a discussion could start about >> this term aiming to align several specifications on the same terminology. I >> could say that Status Attestation is a specific artifact defined for a >> specific context, other attestations can be defined outside the functional >> perimeter of this specification. Let's talk about it, it doesn't matters >> changing terms (eventually mindsets on perceivable meanings). >> >>> >> >>> Here I share some notes I picked along the last two months about this >> brand new individual draft: >> >>> >> >>> - it is related to digital credential only, I don't expect to use it >> in legacy infrastructure different from wallet. I really don't need this >> kind of mechanism in OIDC or any other traditional infrastructure since >> these doesn't show the privacy issues the wallet ecosystem has; >> >>> - it would interesting mentioning in the introduction that's >> pratically an ocsp stapling like mechanism, just to give some context >> (credit: Paul Bastien); >> >>> - The Rationale section needs to clarify better problems and >> solutions, where it seems that the problem does not exist or that it is >> weak. A review is necessary to clearly bring the benefits; >> >>> - Editorials mistake are still along the reading. >> >>> >> >>> thank you for your time and interest, >> >>> best >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> Il giorno mer 17 gen 2024 alle ore 21:06 <hannes.tschofenig= >> 40gmx.net@dmarc.ietf.org> ha scritto: >> >>> >> >>> Hi Guiseppe, Francesco, Orie, >> >>> >> >>> >> >>> >> >>> @Orie: Thanks for sharing the draft. >> >>> >> >>> >> >>> >> >>> As a quick reaction: It would be good to invent a new term for >> "attestation" in draft-demarco-status-attestations.html because this term >> is already widely used in a different context (see RFC 9334). >> >>> >> >>> >> >>> >> >>> @Guiseppe and Francesco: It would be great if you could submit your >> draft to OAuth or SPICE for discussion. >> >>> >> >>> >> >>> >> >>> Ciao >> >>> >> >>> Hannes >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> From: OAuth <oauth-bounces@ietf.org> On Behalf Of Orie Steele >> >>> Sent: Mittwoch, 17. Jänner 2024 19:07 >> >>> To: spice@ietf.org >> >>> Cc: oauth <oauth@ietf.org> >> >>> Subject: [OAUTH-WG] OAuth Digital Credential Status Attestations >> >>> >> >>> >> >>> Hello Digital Credential Enthusiasts, >> >>> >> >>> See: >> https://peppelinux.github.io/draft-demarco-status-attestations/draft-demarco-status-attestations.html >> >>> >> >>> Note the use of the term digital credential, and the alignment to CWT >> based credentials and CWT based credential status lists. >> >>> >> >>> As a quick summary of the editors draft above: >> >>> >> >>> It is basically a refresh-token-like approach to dynamic state, where >> the holder retrieves updated state from the issuer at regular intervals, >> and can then present that dynamic state directly to the verifier. >> >>> >> >>> This eliminates the herd privacy and phone home issues associated >> with W3C Bitstring Status Lists. >> >>> >> >>> And it informs the holder of dynamic state, so the digital wallet can >> provide a better user experience. >> >>> >> >>> However, an issuer (government or ngo) could use the interval of >> requesting dynamic state, to track the holder... so the guidance from >> https://datatracker.ietf.org/doc/draft-steele-spice-oblivious-credential-state/ >> >>> >> >>> Is also relevant to this draft. >> >>> >> >>> I also learned that >> https://datatracker.ietf.org/doc/draft-ietf-oauth-sd-jwt-vc/ >> >>> >> >>> Has defined a new property for expressing "Verifiable Credential" >> "type" `vct`, which is different from how W3C defines credential types. >> >>> >> >>> W3C uses the expanded IRI for the graph node type, based on the >> JSON-LD context. >> >>> >> >>> For example with: >> >>> >> >>> { >> >>> "@context": [ >> >>> "https://www.w3.org/ns/credentials/v2", >> >>> "https://www.w3.org/ns/credentials/examples/v2" >> >>> ], >> >>> "id": "http://university.example/credentials/1872", >> >>> "type": ["VerifiableCredential", "ExampleAlumniCredential"], >> >>> ... >> >>> } >> >>> >> >>> The credential type in RDF becomes " >> https://www.w3.org/ns/credentials/examples#ExampleAlumniCredential" >> >>> >> >>> Which is different from "ExampleAlumniCredential" in JSON... More >> evidence that RDF leads to developer confusion regarding safe typing. >> >>> >> >>> The OAuth solution does not have this confusing issue, they set the >> type explicitly: >> >>> >> >>> { >> >>> "vct": "https://credentials.example.com/identity_credential", >> >>> "given_name": "John", >> >>> "family_name": "Doe", >> >>> "email": "johndoe@example.com", >> >>> "phone_number": "+1-202-555-0101", >> >>> "address": { >> >>> "street_address": "123 Main St", >> >>> "locality": "Anytown", >> >>> "region": "Anystate", >> >>> "country": "US" >> >>> }, >> >>> "birthdate": "1940-01-01", >> >>> "is_over_18": true, >> >>> "is_over_21": true, >> >>> "is_over_65": true, >> >>> "status": { >> >>> "status_attestation": { >> >>> "credential_hash_alg": "S256", >> >>> } >> >>> } >> >>> } >> >>> >> >>> Regards, >> >>> >> >>> OS >> >>> >> >>> -- >> >>> >> >>> >> >>> >> >>> ORIE STEELE >> >>> Chief Technology Officer >> >>> www.transmute.industries >> >>> >> >>> _______________________________________________ >> >>> OAuth mailing list >> >>> OAuth@ietf.org >> >>> https://www.ietf.org/mailman/listinfo/oauth >> >>> >> >>> >> >>> _______________________________________________ >> >>> OAuth mailing list >> >>> OAuth@ietf.org >> >>> https://www.ietf.org/mailman/listinfo/oauth >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> _______________________________________________ >> >>> OAuth mailing list >> >>> OAuth@ietf.org >> >>> https://www.ietf.org/mailman/listinfo/oauth >> >>> >> >>> >> >>> _______________________________________________ >> >>> OAuth mailing list >> >>> OAuth@ietf.org >> >>> https://www.ietf.org/mailman/listinfo/oauth >> > >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth >> >> >> >> -- >> Astra mortemque praestare gradatim >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] OAuth Digital Credential Status Attest… Orie Steele
- Re: [OAUTH-WG] OAuth Digital Credential Status At… hannes.tschofenig
- Re: [OAUTH-WG] OAuth Digital Credential Status At… Giuseppe De Marco
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Leif Johansson
- Re: [OAUTH-WG] OAuth Digital Credential Status At… Denis
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Denis
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Giuseppe De Marco
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Denis
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Denis
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Paul Bastian
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Tom Jones
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Orie Steele
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Tom Jones
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Tom Jones
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Tom Jones
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Tom Jones
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Watson Ladd
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Tom Jones
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Orie Steele
- Re: [OAUTH-WG] [SPICE] R: OAuth Digital Credentia… Oliver Terbu
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Tom Jones
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Giuseppe De Marco
- Re: [OAUTH-WG] R: [SPICE] OAuth Digital Credentia… Giuseppe De Marco
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Denis
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Giuseppe De Marco
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Denis
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Giuseppe De Marco
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Giuseppe De Marco
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Denis
- Re: [OAUTH-WG] [SPICE] OAuth Digital Credential S… Tom Jones