Re: [OAUTH-WG] Request to add a profile parameter to +jwt and +sd-jwt

Orie Steele <orie@transmute.industries> Mon, 27 November 2023 15:18 UTC

To: oauth <oauth@ietf.org>, IETF Media Types <media-types@ietf.org>, W3C VC Working Group <public-vc-wg@w3.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/wG-ciZWCTatf_F5iLuPERZq6p0M>

If you are interested in how this `profile` parameter might be related to
other credential formats at W3C, for example anonymous credentials built on
top of data integrity proofs, see this issue:

https://github.com/w3c/vc-data-model/issues/1363

Regards,

OS

On Mon, Nov 27, 2023 at 9:00 AM Orie Steele <orie@transmute.industries>
wrote:

> An afterthought... we could also punt on the impact of multiple suffixes
> by following the convention ActivityPub used:
>
> https://www.w3.org/TR/activitystreams-core/#media-type
>
> application/ld+json; profile="https://www.w3.org/ns/activitystreams"
>
> For W3C Verifiable Credentials that could be:
>
> application/ld+json; profile="https://www.w3.org/ns/credentials"
>
> Noting that W3C already supports https://www.w3.org/ns/credentials/v2
>
> Regards,
>
> OS
>
> On Mon, Nov 27, 2023 at 8:55 AM Orie Steele <orie@transmute.industries>
> wrote:
>
>> Hello,
>>
>> There was a request to add media type parameters to application/sd-jwt
>> and +sd-jwt made here:
>>
>> https://github.com/w3c/vc-jose-cose/issues/184#issuecomment-1827973403
>>
>> TLDR; TallTed believes that the convention in the JWT BCP is not correct:
>>
>> https://datatracker.ietf.org/doc/html/rfc8725#name-use-explicit-typing
>>
>> So instead of seeing:
>>
>> application/secevent+jwt
>>
>> We should be seeing:
>>
>> application/jwt; profile=secevent
>>
>> This is a general form of the challenges associated with using multiple
>> structured suffixes with JWTs.
>>
>> See these related drafts:
>>
>> -
>> https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-06#name-structured-syntax-suffix-re
>> -
>> https://datatracker.ietf.org/doc/html/draft-ietf-mediaman-suffixes-06#section-2.3
>>
>> Note that the change controller for `application/vc+...` would be the W3C
>> per the latest draft language in draft-ietf-mediaman-suffixes-06.
>>
>> The W3C could then reject any attempts to register
>> `application/vc+ld+json+sd-jwt` or `application/vc+sd-jwt` or
>> `application/vc+jwp` in the future.
>>
>> If instead we used a media type parameter to signal profiles... instead of
>> suffixes, the change controller rules from multiple suffixes would not
>> apply.
>>
>> Regards,
>>
>> OS
>>
>


-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>
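The thread contrasts suffix typing (`application/secevent+jwt`) with a `profile` parameter (`application/jwt; profile=secevent`) and cites the RFC 8725 explicit-typing rule. As an added example that is not part of the original thread or any IETF/W3C code, the following Python parses both forms (multiple structured suffixes, quoted or unquoted parameters) and applies the `typ` check to a JWT header; the function names and the sample token are constructed for illustration.

```python
import base64
import json
import re

# Added example (not IETF, W3C or JWT-BCP code): parse the two signalling styles from
# the thread (suffixes vs. `profile` parameter) and apply RFC 8725 explicit typing.

_PARAM_RE = re.compile(r"\s*;\s*([\w!#$%&'*+.^`|~-]+)=(\"(?:[^\"\\]|\\.)*\"|[^;\s]+)")

def parse_media_type(value: str) -> tuple[str, tuple[str, ...], dict[str, str]]:
    """Return (essence, suffixes, params) for type/base(+suffix)*(; name=value)*
    per RFC 6838 and RFC 9110 syntax. essence is lower-cased type/subtype, no params."""
    head, sep, rest = value.partition(";")
    if "/" not in head:
        raise ValueError(f"missing '/' in media type {value!r}")
    typ, subtype = (p.strip().lower() for p in head.split("/", 1))
    base, *suffixes = subtype.split("+")
    if not base or not all(suffixes):
        raise ValueError(f"empty base or suffix in {value!r}")
    params, rest, pos = {}, (sep + rest).rstrip(), 0
    while pos < len(rest):
        m = _PARAM_RE.match(rest, pos)
        if m is None:
            raise ValueError(f"malformed parameter list in {value!r}")
        val = m.group(2)
        if val.startswith('"'):                       # strip quotes, undo backslash escapes
            val = re.sub(r"\\(.)", r"\1", val[1:-1])
        params[m.group(1).lower()] = val
        pos = m.end()
    return f"{typ}/{subtype}", tuple(suffixes), params

def typ_matches(jwt_typ: str, expected: str) -> bool:
    """RFC 8725 s3.11: compare `typ` with the type the application expects. RFC 7515
    s4.1.9 lets `typ` omit "application/" when it contains no '/'. Essence compares
    case-insensitively; parameters must match exactly, so a profile cannot be dropped."""
    if "/" not in jwt_typ:
        jwt_typ = "application/" + jwt_typ
    got_ess, _, got_params = parse_media_type(jwt_typ)
    want_ess, _, want_params = parse_media_type(expected)
    return got_ess == want_ess and got_params == want_params

def check_token_type(token: str, expected: str) -> bool:
    """Reject a JWT whose protected header lacks `typ` or carries a different type."""
    b64 = token.split(".", 1)[0]
    header = json.loads(base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4)))
    return isinstance(header.get("typ"), str) and typ_matches(header["typ"], expected)

# Constructed sample: a protected header only; payload and signature are placeholders.
SAMPLE_TOKEN = base64.urlsafe_b64encode(
    json.dumps({"alg": "ES256", "typ": "secevent+jwt"}).encode()).rstrip(b"=").decode() + ".e30.sig"
```

A verifier configured for the suffix convention accepts the sample token, while one configured for the `profile` convention rejects the very same header, which is the interoperability split the thread is about.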