Re: [OAUTH-WG] Type Metadata for SD-JWT VC

Oliver Terbu <oliver.terbu@mattr.global> Tue, 09 April 2024 10:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/onvZQgvwtuoyF0rzyruilDjehA4>

Jacob, I believe we can always create a CDDL and support other media types in the same way as https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/ supports CBOR/JSON if this is required in the future.

________________________________
From: OAuth <oauth-bounces@ietf.org> on behalf of Jacob Ward <jacob.ward@spruceid.com>
Sent: Wednesday, April 3, 2024 8:08 PM
To: Daniel Fett <mail=40danielfett.de@dmarc.ietf.org>
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Type Metadata for SD-JWT VC


Hi Daniel,

I'm not sure anyone has published a draft yet, but given that there is a draft for SD-CWT I wouldn't be surprised if SD-CWT VC appears at some point. With that in mind, has there been any discussion on having an encoding-agnostic specification of this metadata, rather than JSON specific?

Thanks, Jacob

On Wed, Apr 3, 2024 at 8:22 AM Daniel Fett <mail=40danielfett.de@dmarc.ietf.org> wrote:

Hi all,

as discussed during IETF 119, we would like to introduce what we call Type Metadata to SD-JWT VC.

For a bit of context, the intention is to provide a mechanism to provide information about credential types (e.g., a JSON schema, display/rendering information, a name and description to be used by developers, etc.). Type Metadata can be organized in a hierarchical structure using "extends" relationships.

The need for such a mechanism developed from discussions around the 'vct' (Verifiable Credentials Type) identifier <https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/181> in SD-JWT VC and again in the context of the EUDI Wallet <https://github.com/danielfett/sd-jwt-vc-dm>.

I drafted a first tentative design in this specification <https://vcstuff.github.io/sd-jwt-vc-types/draft-fett-oauth-sd-jwt-vc-types.html> and we now want to revisit that and start moving pieces of that over to SD-JWT VC.

The first PR <https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/220> introduces the basic Type Metadata structures including the extension and integrity protection mechanisms. It lacks many of the features we would like to see in an MVP, so we plan to release a new draft only after introducing a few more features <https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/224> in follow-on PRs.

We would like to invite you to review the PR and let us know if there is any feedback! I also plan to discuss this in more detail at an unconference session at the OAuth Security Workshop.

-Daniel, Brian, Oliver
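As an added illustration of the "extends" hierarchy and the integrity protection Daniel describes (example code written for this note, not code from the PR, the draft, or any of the authors): a verifier-side resolver that walks a credential type's parent chain and refuses a parent whose bytes no longer match the digest pinned by its child. It assumes the field names `extends` and `extends#integrity`, an SRI-style `sha256-<base64>` digest over the retrieved bytes, and a constructed in-memory registry standing in for HTTPS retrieval by `vct`.

```python
import base64
import hashlib
import hmac
import json

def sri_sha256(raw: bytes) -> str:
    """SRI-style digest string (assumed format) over the exact bytes retrieved."""
    return "sha256-" + base64.b64encode(hashlib.sha256(raw).digest()).decode()

# Constructed sample registry: three Type Metadata documents keyed by vct URL.
BASE = json.dumps({"vct": "https://example.com/base", "name": "Base Credential"}).encode()
MID = json.dumps({"vct": "https://example.com/mid", "name": "Mid Credential",
                  "extends": "https://example.com/base",
                  "extends#integrity": sri_sha256(BASE)}).encode()
LEAF = json.dumps({"vct": "https://example.com/leaf", "name": "Leaf Credential",
                   "extends": "https://example.com/mid",
                   "extends#integrity": sri_sha256(MID)}).encode()
REGISTRY = {"https://example.com/base": BASE, "https://example.com/mid": MID,
            "https://example.com/leaf": LEAF}

def resolve_chain(vct, fetch, max_depth=8, require_integrity=True):
    """Walk the extends chain from vct to its root, verifying every hop.

    Returns parsed documents, most specific first. Raises ValueError on a
    missing document, a cycle, excessive depth, a vct/URL mismatch, or a
    parent whose bytes do not match the child's pinned digest.
    """
    chain, seen, current, expected = [], set(), vct, None
    while current is not None:
        if current in seen:
            raise ValueError(f"extends cycle at {current}")
        if len(chain) >= max_depth:
            raise ValueError("extends chain too deep")
        raw = fetch(current)
        if raw is None:
            raise ValueError(f"cannot retrieve type metadata for {current}")
        # Hash the retrieved bytes before parsing so a tampered parent is rejected.
        if expected is not None and not hmac.compare_digest(sri_sha256(raw), expected):
            raise ValueError(f"integrity mismatch for {current}")
        doc = json.loads(raw)
        if doc.get("vct") != current:
            raise ValueError(f"vct {doc.get('vct')!r} does not match {current}")
        chain.append(doc)
        seen.add(current)
        current = doc.get("extends")
        expected = doc.get("extends#integrity")
        # Local policy (assumption): a child must pin its parent's digest.
        if current is not None and expected is None and require_integrity:
            raise ValueError(f"{doc['vct']} extends without extends#integrity")
    return chain
```

With `require_integrity=False` the resolver still detects cycles and depth but accepts unpinned parents, which is the weaker setting to avoid.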

