[OAUTH-WG] Array Disclosure (was SD-JWT architecture feedback)
Denis <denis.ietf@free.fr> Mon, 23 September 2024 07:07 UTC
To: Daniel Fett <mail=40danielfett.de@dmarc.ietf.org>
CC: oauth@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/nDd07g5Vw3flU6XXZRpTSNnwFBs>
Hi Daniel,

Among the five topics, I picked this one:

>> *Array Disclosure*
>> Is this really needed? The only example I saw was for multiple
>> citizenships. Would the issuer of an SD-JWT that contains a subject's
>> citizenship not be the country who they are a citizen of? Why would
>> another country be authoritative that the subject is a citizen of
>> another country? In the example, it is hard to imagine a
>> verifier trusting the US to say someone is a DE citizen, or vice
>> versa. The array of age claims in example A.3 does not need the
>> non-intuitive '...' array mechanism.
>
> Yes, it is needed. First of all, SD-JWT can be used universally, not
> just for credentials. Second, even if used for credentials, there are
> many types of credentials where there is a use case for disclosing only
> some array values. Take an education credential as an example, where the
> holder may want to disclose only relevant courses and grades. You'll find
> more use cases in the examples in the appendix.
>
> A bit besides the point, but in the EU context we do in fact plan for
> credentials attesting other nationalities (and have good reasons to do
> so, here PID credentials derived from the eID card for EU citizens, see
> https://bmi.usercontent.opencode.de/eudi-wallet/eidas-2.0-architekturkonzept/functions/00-pid-issuance-and-presentation/#pid-contents
> for details).

1) "OpenID Connect for Identity Assurance Claims Registration 1.0", issued on 9 September 2024, mentions the String array claim "nationalities". See: https://openid.net/specs/openid-connect-4-ida-claims-1_0-01.html

However, this draft will hopefully be published before the OpenID Connect document. Hence, wouldn't it be beneficial to define the String array claim "nationalities" in this IETF document? If that is the case, then the following String array claim should be registered in section 13 (IANA Considerations): "nationalities".

2) Shouldn't this document also define in section 13 (IANA Considerations) the following String array claims: "age_equal_or_over" and "age_under"?

3) Section 5.2.6 (Recursive Disclosures) provides the following example:

    "nationalities": ["DE", "FR", "UK"]

This is a nice example. It would be worthwhile to describe how, using decoy digests, the Holder can hide the number of nationalities from an individual, while disclosing, e.g., only two of them. Annex A1 does not allow one to clearly understand the mechanism.

Denis
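The mechanism asked about in point 3), as an added example written for this archive page rather than code from the SD-JWT draft or from either correspondent: each array element gets its own Disclosure (base64url of a JSON `[salt, value]` pair) and appears in the issued array as `{"...": digest}`; the Issuer mixes in decoy digests of the same shape at randomized positions (the random placement is this example's assumption), so a Verifier that receives two Disclosures sees the same number of opaque entries whether the Holder has two, three or more nationalities.

```python
import base64
import hashlib
import json
import os
import secrets


def b64url(data: bytes) -> str:
    # Unpadded base64url, as SD-JWT uses for Disclosures and digests.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_array_disclosure(value) -> str:
    # Array-element Disclosure: [salt, value] with no claim name (unlike object claims).
    salt = b64url(os.urandom(16))
    return b64url(json.dumps([salt, value], separators=(",", ":")).encode("utf-8"))


def digest_of(disclosure: str) -> str:
    # Digest over the ASCII form of the Disclosure string, SHA-256 in this example.
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())


def decoy_digest() -> str:
    # A decoy is a digest over random bytes; no Disclosure ever matches it.
    return b64url(hashlib.sha256(os.urandom(32)).digest())


def issue_nationalities(values, n_decoys):
    """Return (issued array, Disclosures). Real and decoy entries look identical."""
    disclosures = [make_array_disclosure(v) for v in values]
    entries = [{"...": digest_of(d)} for d in disclosures]
    entries += [{"...": decoy_digest()} for _ in range(n_decoys)]
    secrets.SystemRandom().shuffle(entries)  # assumption: positions are randomized
    return entries, disclosures


def verify_array(issued, presented):
    """Verifier side: resolve digests that have a Disclosure, drop the rest (undisclosed or decoy)."""
    by_digest = {digest_of(d): d for d in presented}
    out = []
    for element in issued:
        if isinstance(element, dict) and set(element) == {"..."}:
            d = by_digest.get(element["..."])
            if d is not None:
                padded = d + "=" * (-len(d) % 4)
                out.append(json.loads(base64.urlsafe_b64decode(padded))[1])
        else:
            out.append(element)  # plain (non-selectively-disclosable) element
    return out
```

Run with `issue_nationalities(["DE", "FR", "UK"], 3)` and pass only the first two Disclosures to `verify_array`: the Verifier recovers DE and FR from six indistinguishable entries and cannot tell how many of the remaining four are decoys.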