[OAUTH-WG] Re: WGLC for SD-JWT

Michael Jones <michael_b_jones@hotmail.com> Wed, 18 September 2024 04:00 UTC

To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>, oauth <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/W88oMIu_no3KYsU60MTmBsuSIJI>

I'm going to resurrect exactly one of my previous review comments that was not addressed.  The original comment was:

6.1. <https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-10.html#section-6.1> Issuance<https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-10.html#name-issuance>:  There are many places from here on where the label "SHA-256 Hash" is used, for instance "SHA-256 Hash: jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4".  Change all of these to "Base64url-Encoded SHA-256 Hash" for correctness.

Brian responded "The current wording might not be as descriptive as you'd like but it is correct."

I'll water down my request: if you're not willing to change all the occurrences to "Base64url-Encoded SHA-256 Hash", then please at least add a textual caveat before the first such occurrence along the lines of:
In the text below and in other locations in this specification, the label "SHA-256 Hash:" is used as a shorthand for the label "Base64url-Encoded SHA-256 Hash:".

As I said in my initial review, I look forward to this specification being published as an RFC.

                                                                Best wishes,
                                                                -- Mike

From: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Sent: Tuesday, September 3, 2024 3:39 AM
To: oauth <oauth@ietf.org>
Subject: [OAUTH-WG] WGLC for SD-JWT

All,

As per the discussion in Vancouver, this is a WG Last Call for the SD-JWT document.
https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html

Please, review this document and reply on the mailing list if you have any comments or concerns, by Sep 17th.

Regards,
  Rifaat & Hannes
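
Added example, not part of the original messages or of the draft's own text: a Python sketch of why the label matters to an implementer, showing that the 43-character value quoted above is the unpadded base64url form of a 32-byte SHA-256 output, and a verifier-side check that rejects hex or padded forms. The salt and claim in the test are constructed sample values, and the function names are hypothetical; the digest computation follows the SD-JWT draft (hash the ASCII bytes of the base64url-encoded Disclosure, then base64url-encode the result).

```python
import base64
import hashlib
import hmac
import json
import re

# Value quoted in the message above, labelled "SHA-256 Hash" in the draft.
PAGE_VALUE = "jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4"

# 32 bytes encode to exactly 43 base64url characters once padding is stripped.
_B64URL_SHA256 = re.compile(r"[A-Za-z0-9_-]{43}")


def b64url(data: bytes) -> str:
    """Base64url without padding, the JWS/JWT convention."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_disclosure(salt: str, name: str, value) -> str:
    """Constructed sample: base64url of the JSON array [salt, name, value]."""
    return b64url(json.dumps([salt, name, value]).encode("utf-8"))


def disclosure_digest(disclosure: str) -> str:
    """SHA-256 over the ASCII bytes of the encoded disclosure, base64url-encoded."""
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())


def decode_digest(text: str) -> bytes:
    """Accept only the canonical unpadded base64url form of a 32-byte digest."""
    if not _B64URL_SHA256.fullmatch(text):
        raise ValueError("not an unpadded base64url SHA-256 digest")
    raw = base64.urlsafe_b64decode(text + "=")
    if b64url(raw) != text:  # reject non-canonical trailing bits
        raise ValueError("non-canonical base64url encoding")
    return raw


def digest_matches(disclosure: str, listed: str) -> bool:
    """Compare raw digest bytes in constant time, independent of text encoding."""
    expected = hashlib.sha256(disclosure.encode("ascii")).digest()
    return hmac.compare_digest(expected, decode_digest(listed))
```

A hex rendering of the same hash is 64 characters and a padded base64url rendering is 44, so both fail `decode_digest`; that is the interoperability gap a bare "SHA-256 Hash" label leaves open to interpretation.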