[OAUTH-WG] Re: SD-JWT and Unlinkability

Tom Jones <thomasclinganjones@gmail.com> Sat, 21 September 2024 15:53 UTC

References: <CAD9ie-s_gFmkCC8uKXQXC0W1u_zcaktvvNV6wEC4RtJQMarnng@mail.gmail.com> <51d9e2b2-e766-4eea-8b31-a0ae5b2cfae4@danielfett.de>
In-Reply-To: <51d9e2b2-e766-4eea-8b31-a0ae5b2cfae4@danielfett.de>
From: Tom Jones <thomasclinganjones@gmail.com>
Date: Sat, 21 Sep 2024 08:53:30 -0700
Message-ID: <CAK2Cwb7nP-VPRjzbw36GRxQapVGYYyqYHOe9SNBPFpweParpkQ@mail.gmail.com>
To: Daniel Fett <mail=40danielfett.de@dmarc.ietf.org>
CC: Dick.Hardt@gmail.com, oauth@ietf.org, kristina@sfc.keio.ac.jp
Reply-To: peace@acm.org
Subject: [OAUTH-WG] Re: SD-JWT and Unlinkability
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/U74nRa_UV1fvz8MO5Ran0pzLSH4>

That doesn't answer the question about users randomly selecting some to
store and some to reject. This seems to me like user private information,
as is most of the feedback to the issuer from the wallet.
Peace ..tom jones


On Sat, Sep 21, 2024 at 7:30 AM Daniel Fett <mail=40danielfett.de@dmarc.ietf.org> wrote:

> Hi Dick,
>
> Batch credential (not claims) issuing has become the default approach to
> circumvent the inherent limitations of salted-hash-based credential
> formats. This was neither invented by us, nor is it unreasonable to ask
> implementers to do it. Protocols such as OpenID4VCI support it.
>
> -Daniel
> On 21.09.24 at 06:42, Dick Hardt wrote:
>
> Is it really going to be practical to batch issue claims, and have the
> holder randomly choose between them on presentation?
>
> As an implementer, what is the right number of claims to be in a batch?
>
> This section of the draft reads as a hack to add a new capability
> (unlinkability) to a mechanism that did not have that as a design objective.
>
> This is going to be like the "alg":"null" for SD-JWT. :-)
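The mechanism the thread argues about, as an added worked example that is not part of the thread, the SD-JWT draft or any OpenID4VCI implementation: a toy model of salted-hash selective disclosure, showing why two presentations cut from the same credential are trivially correlatable (shared signature and shared `_sd` digests, visible to every verifier even for claims never disclosed) and how batch issuance with fresh salts per copy, with the wallet consuming a random unused copy per presentation, removes that correlation. The encoding is simplified (a disclosure is base64url of the JSON array `[salt, name, value]`, `_sd` holds SHA-256 digests), an HMAC under a constructed key stands in for the issuer signature, the issuer URL, claim names and batch size are constructed, and the `Holder` class, `linkable` and `remaining` are hypothetical names for this example only.

```python
"""Toy model of SD-JWT batch issuance and unlinkability (added example).

Simplified encoding, not the draft's exact wire format: a disclosure is
base64url(JSON [salt, name, value]); the signed payload carries only the
SHA-256 digests of the disclosures in "_sd". An HMAC under a constructed
key stands in for the issuer's signature.
"""
import base64
import hashlib
import hmac
import json
import secrets
from typing import Dict, List, Set, Tuple

ISSUER_KEY = b"constructed-issuer-key-for-demo-only"  # constructed placeholder
Credential = Tuple[dict, List[str]]  # (signed SD-JWT object, its disclosures)


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def digest(disclosure: str) -> str:
    return b64url(hashlib.sha256(disclosure.encode()).digest())


def issue_credential(claims: Dict[str, object]) -> Credential:
    """One SD-JWT-style credential: fresh random salt per claim, signed digests only."""
    disclosures = [b64url(json.dumps([b64url(secrets.token_bytes(16)), n, v]).encode())
                   for n, v in claims.items()]
    payload = {"iss": "https://issuer.example", "_sd": sorted(digest(d) for d in disclosures)}
    body = json.dumps(payload, sort_keys=True).encode()
    sig = b64url(hmac.new(ISSUER_KEY, body, hashlib.sha256).digest())
    return {"payload": payload, "sig": sig}, disclosures


def issue_batch(claims: Dict[str, object], size: int) -> List[Credential]:
    """Batch issuance: same claims, but every copy gets new salts and so a new signature."""
    return [issue_credential(claims) for _ in range(size)]


def present(credential: Credential, reveal: Set[str]) -> dict:
    """Holder presentation: the signed object plus only the disclosures being revealed."""
    sd_jwt, disclosures = credential
    chosen = [d for d in disclosures if json.loads(b64url_decode(d))[1] in reveal]
    return {"sd_jwt": sd_jwt, "disclosures": chosen}


class Holder:
    """Wallet holding a batch; each presentation consumes one random unused copy."""

    def __init__(self, batch: List[Credential]) -> None:
        self.unused = list(batch)

    def remaining(self) -> int:
        return len(self.unused)

    def present(self, reveal: Set[str]) -> dict:
        # Once the batch is used up the wallet has to go back to the issuer;
        # that round trip is the "right batch size" question from the thread.
        if not self.unused:
            raise LookupError("batch exhausted: wallet must request re-issuance")
        index = secrets.randbelow(len(self.unused))
        return present(self.unused.pop(index), reveal)


def verify(presentation: dict) -> Dict[str, object]:
    """Verifier: check the issuer signature, then bind each disclosure to a signed digest."""
    sd_jwt = presentation["sd_jwt"]
    body = json.dumps(sd_jwt["payload"], sort_keys=True).encode()
    expected = b64url(hmac.new(ISSUER_KEY, body, hashlib.sha256).digest())
    if not hmac.compare_digest(expected, sd_jwt["sig"]):
        raise ValueError("bad issuer signature")
    signed = set(sd_jwt["payload"]["_sd"])
    revealed: Dict[str, object] = {}
    for d in presentation["disclosures"]:
        if digest(d) not in signed:
            raise ValueError("disclosure not covered by the signature")
        _salt, name, value = json.loads(b64url_decode(d))
        revealed[name] = value
    return revealed


def linkable(p1: dict, p2: dict) -> bool:
    """Two presentations are correlatable by colluding verifiers if they share the
    issuer signature or any "_sd" digest: both are visible on every presentation,
    whether or not the corresponding claim is ever disclosed."""
    s1, s2 = p1["sd_jwt"], p2["sd_jwt"]
    return s1["sig"] == s2["sig"] or bool(set(s1["payload"]["_sd"]) & set(s2["payload"]["_sd"]))


if __name__ == "__main__":
    claims = {"given_name": "Alice", "age_over_18": True}  # constructed sample claims
    single = issue_credential(claims)
    a, b = present(single, {"age_over_18"}), present(single, {"given_name"})
    print("same credential reused, linkable:", linkable(a, b))  # True
    wallet = Holder(issue_batch(claims, 3))
    c, d = wallet.present({"age_over_18"}), wallet.present({"age_over_18"})
    print("batch copies, linkable:", linkable(c, d), "| verified:", verify(c), verify(d))
```

Note what the batch does and does not buy: it only breaks correlation between verifiers; the issuer still knows every copy it produced, so issuer/verifier collusion is untouched, and how many copies a wallet keeps or discards is visible to the issuer through re-issuance requests, which is the wallet-to-issuer feedback the reply above treats as private.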