From: Watson Ladd <watsonbladd@gmail.com>
Date: Tue, 24 Dec 2024 09:33:57 -0500
Message-ID: 
 <CACsn0cnEJKamSSJH4-pKg1xNZ3X+__B4UwZ3P5enxP5tQ4AqzA@mail.gmail.com>
To: IETF oauth WG <oauth@ietf.org>
Subject: [OAUTH-WG] Alternative text for sd-jwt privacy considerations.
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: 
 <https://mailarchive.ietf.org/arch/msg/oauth/ugVBj2O0hw-nuWNVTFpt0JH3yVY>

I see that people are uncomfortable with making any mandates, and so I've
tried to be purely descriptive in this proposal. I leave it to the WG to
decide where to put it, but I see it as a wholesale replacement for some
sections to emphasize clarity.

"SD-JWT conceals only the values that aren't revealed. It does not meet
standard security notions for anonymous credentials. In particular,
Verifiers and Issuers can know when they have seen the same credential no
matter what fields have been opened, even none of them. This behavior may
not accord with what users naively expect or are led to expect from UX
interactions, and lead them to make choices they would not otherwise make.
Workarounds such as issuing multiple credentials at once and using them
only one time can help keep Verifiers from linking different
showings, but cannot work for Issuers. This issue applies to all
selective-disclosure-based approaches, including mdoc."

Sincerely,
Watson
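The linkability the proposed text describes can be shown with a small model. The Python below is an added illustration, not code from this message, from the SD-JWT draft or from any implementation: HMAC-SHA256 stands in for the issuer's JWS signature, the issuer URL, subject and claim names are constructed, and the issuer's `ledger` is an assumption about what any issuer is in a position to record. The issuer-signed part of the credential (payload holding the salted-hash digests, plus the signature) is byte-identical in every presentation, so a Verifier can recognise two showings of one credential even when no claim at all is disclosed; batch issuance gives each copy fresh salts and a fresh signature, which removes that handle at the Verifier, while the Issuer, having produced every copy, still maps each one back to the same subject.

```python
"""Toy SD-JWT-style credential (constructed for illustration): the issuer-signed
part is a stable identifier across presentations, whatever subset of claims is
disclosed. HMAC stands in for the issuer's JWS signature; the base64url/JSON
layout of disclosures and digests mirrors the real format."""
import base64
import hashlib
import hmac
import json
import secrets


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_disclosure(name: str, value) -> str:
    # One disclosure per selectively disclosable claim: [salt, name, value]
    salt = b64url(secrets.token_bytes(16))
    return b64url(json.dumps([salt, name, value]).encode())


def digest(disclosure: str) -> str:
    # The issuer commits to each disclosure by its hash only
    return b64url(hashlib.sha256(disclosure.encode()).digest())


def fingerprint(issuer_jwt: str) -> str:
    # Any stable byte string a Verifier can hash; the signature alone would do
    return hashlib.sha256(issuer_jwt.encode()).hexdigest()


class Issuer:
    def __init__(self, key: bytes):
        self.key = key          # assumption: symmetric key replaces the JWS key pair
        self.ledger = {}        # assumption: fingerprint -> subject, as an issuer can keep

    def issue(self, subject: str, claims: dict) -> dict:
        disclosures = {n: make_disclosure(n, v) for n, v in claims.items()}
        payload = {"iss": "https://issuer.example",   # constructed issuer
                   "_sd_alg": "sha-256",
                   "_sd": sorted(digest(d) for d in disclosures.values())}
        body = b64url(json.dumps(payload, sort_keys=True).encode())
        sig = b64url(hmac.new(self.key, body.encode(), hashlib.sha256).digest())
        issuer_jwt = body + "." + sig
        self.ledger[fingerprint(issuer_jwt)] = subject
        return {"jwt": issuer_jwt, "disclosures": disclosures}

    def issue_batch(self, subject: str, claims: dict, n: int) -> list:
        # Batch issuance: every copy gets fresh salts and therefore a fresh signature
        return [self.issue(subject, claims) for _ in range(n)]


def present(credential: dict, reveal: list) -> dict:
    # The Holder sends the issuer-signed JWT plus only the chosen disclosures
    return {"jwt": credential["jwt"],
            "disclosures": [credential["disclosures"][n] for n in reveal]}


def verify(presentation: dict, key: bytes) -> dict:
    # Verifier: check the issuer signature, then admit only committed disclosures
    body, sig = presentation["jwt"].split(".")
    expected = b64url(hmac.new(key, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad issuer signature")
    payload = json.loads(b64url_decode(body))
    revealed = {}
    for d in presentation["disclosures"]:
        if digest(d) not in payload["_sd"]:
            raise ValueError("disclosure not committed to by issuer")
        _salt, name, value = json.loads(b64url_decode(d))
        revealed[name] = value
    return revealed


def demo() -> tuple:
    """Returns (verifier links two showings of one credential,
                verifier links two batch-issued copies,
                issuer links two batch-issued copies)."""
    issuer = Issuer(b"constructed-issuer-key")
    claims = {"given_name": "Alice", "age_over_18": True}   # constructed claims
    cred = issuer.issue("alice", claims)
    p_some = present(cred, ["age_over_18"])
    p_none = present(cred, [])           # nothing disclosed, still linkable
    same_cred_linked = fingerprint(p_some["jwt"]) == fingerprint(p_none["jwt"])

    c1, c2 = issuer.issue_batch("alice", claims, 2)
    q1, q2 = present(c1, ["age_over_18"]), present(c2, ["age_over_18"])
    verifier_links_batch = fingerprint(q1["jwt"]) == fingerprint(q2["jwt"])
    issuer_links_batch = (issuer.ledger[fingerprint(q1["jwt"])]
                          == issuer.ledger[fingerprint(q2["jwt"])])
    return same_cred_linked, verifier_links_batch, issuer_links_batch


if __name__ == "__main__":
    print(demo())   # (True, False, True)
```

`demo()` returning `(True, False, True)` is the whole point of the proposed paragraph in three booleans: the Verifier links repeated showings of one credential regardless of what is opened, batch issuance removes that at the Verifier, and nothing removes it at the Issuer. The `verify` function is there to show that the same stable bytes the Verifier must check (the signature over the digest list) are exactly the bytes that make it linkable.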
