[OAUTH-WG] Re: Alternative text for sd-jwt privacy considerations.
David Waite <david@alkaline-solutions.com> Fri, 27 December 2024 00:14 UTC
Return-Path: <david@alkaline-solutions.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B914EC14F5F9 for <oauth@ietfa.amsl.com>; Thu, 26 Dec 2024 16:14:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=alkaline-solutions.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6LeU7GFOlIzN for <oauth@ietfa.amsl.com>; Thu, 26 Dec 2024 16:14:47 -0800 (PST)
Received: from mail.alkaline-solutions.com (caesium6.alkaline.solutions [157.230.133.164]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9B96C14F604 for <oauth@ietf.org>; Thu, 26 Dec 2024 16:14:47 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alkaline-solutions.com; s=dkim; t=1735258486; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ZfyfmX7W2yBnmCIeNxf7xnvHYcFv2e35O9I+qY76qas=; b=pw7MYV995qw/7eFd/qxriEgkjs5spdFXVip4UyNDF5JSDtIn0NQ+a42/BRO7Zf/H99MMtt KXDJWCZMqQ31ulnfsRrouOym6in+GKarjpzeNtSDSwqD5JYbJuFitKlVVLEJUEv3DFz/J8 5rLsgLgF0tSwPsHB9ef7MGOApe9TgEWwRNbe5etpgW5EFAOAM4IuzgHVLlqxyJ0zPT8B7U GyYmyzz+YMcLMkMpf9ur66pKvwnTB3WZtDW3/8/aCC3DjNvlq4VU1MnsZ4Tcalop4MtV6H jNr7bSfAxpZGX8+ZA0BLLGmK1iYrt+FW1WmdOsCGCP7unLxH9IC7rdT9fzSNiQ==
Authentication-Results: mail.alkaline-solutions.com; auth=pass smtp.mailfrom=david@alkaline-solutions.com
Mime-Version: 1.0
From: David Waite <david@alkaline-solutions.com>
In-Reply-To: <CAK2Cwb5cf9uHJBNZp2rZ+BQcUNPpC7-GfPPhu4ben1N6ZyEa9w@mail.gmail.com>
Date: Thu, 26 Dec 2024 17:14:19 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <005A4346-84CE-47CD-BCCC-9EE236F569F1@alkaline-solutions.com>
References: <CACsn0cnEJKamSSJH4-pKg1xNZ3X+__B4UwZ3P5enxP5tQ4AqzA@mail.gmail.com> <CAK2Cwb5cf9uHJBNZp2rZ+BQcUNPpC7-GfPPhu4ben1N6ZyEa9w@mail.gmail.com>
To: peace@acm.org
X-Spamd-Bar: --
Message-ID-Hash: NS72KHWUOURWH53RBMJXIZVDOQGFRX55
X-Message-ID-Hash: NS72KHWUOURWH53RBMJXIZVDOQGFRX55
X-MailFrom: david@alkaline-solutions.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF oauth WG <oauth@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Re: Alternative text for sd-jwt privacy considerations.
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/iePjaUFW2JlZRcNL0cyJSgqu8HM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
> On Dec 26, 2024, at 10:38 AM, Tom Jones <thomasclinganjones@gmail.com> wrote: > > This problem was clearly demonstrated by the California mDL hackathon where the default presentation was ALL DATA. That is the easiest path, so it remains the one most taken. We have known since standards were first introduced that they immediately create a drive to the bottom. This will be the fate of this standard as well. The most permissive interpretation will be the most common. The user's desires will not be met. > The consequence of splitting out the policy for controlling data release from the issuing authority is that the complexity that was the business logic for handling requests, determining if they are appropriate for the use case, prompting the user for consent, etc. is now all complexity pushed into the (likely third party) user agent. Architectures like PRIVACYPASS create individual solutions to release a particular type of information in the most privacy-preserving manner they are capable of. This sort of business logic is baked into the protocol, and the scope of implementation is thus boxed to solve that particular problem. The user agent can only work per the spec if it intends to work properly, and following the specification (hopefully) leads to a complete implementation. The majority of verifiable credentials systems proposed have no such bounds - which is one reason you are likely to see credentials often scoped to be issued only to specific, qualified wallets in production. Those specific user agents will enforce the required security and privacy requirements the issuer has for their credential. That is both their own policy logic to be enforced (such as a credential being bound to hardware), as well as their own requirements for appropriate user behavior (such as mandatory authentication and mandatory disclosure before the credential is released). That could include verifier authentication and having the holder agent confirm the verifier is authorized by the issuer to make the sort of request they are making - before a user consent prompt ever enters the picture. You could say that the captcha usage of privacy pass and AAMVA mDL usage are the same in that they develop trust frameworks that define the network of acceptable participants. I suspect however that the requirements for the latter contain significantly more requirements and potentially new technical works. A mDL hackathon has likely not set such policy or mandated that mDL and readers abide by it. They may not even have wanted to limit participants to having support for specifying complex queries (especially with the OpenID4VP query language changes which occurred recently). I’m not surprised a hackathon defaulted to a wide-open attribute policy. -DW
- [OAUTH-WG] Alternative text for sd-jwt privacy co… Watson Ladd
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Tom Jones
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Wayne Chang
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Tom Jones
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Wayne Chang
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Tom Jones
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Wayne Chang
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Pierce Gorman
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Tom Jones
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Tom Jones
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… David Waite
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Tom Jones
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Brian Campbell
- [OAUTH-WG] Re: [External Sender] Re: Alternative … George Fletcher
- [OAUTH-WG] Re: [External Sender] Re: Alternative … Watson Ladd
- [OAUTH-WG] Re: Alternative text for sd-jwt privac… Watson Ladd