Hi David, The RP will know the schema of the received credential regardless of the number of credential types the Issuer is capable of issuing given each credential type has individual schema. What am I missing?
I think it heavily depends on the use-case and it is not clear cut when and how much information does or does not leak. I agree we should discuss all aspects of this in the privacy considerations. wrt mandatory and optional claims, just to note that there seems to be a use-case where mandatory claims are always revealed and included in SD-JWT outside "sd_digests", while optional claims are hashed and included in "sd_digests". Best, Kristina From: David Chadwick <d.w.chadw...@verifiablecredentials.info> Sent: Friday, June 24, 2022 2:16 AM To: Kristina Yasuda <kristina.yas...@microsoft.com>; oauth@ietf.org Subject: Re: [OAUTH-WG] Presenting Selective Disclosure JWT (SD-JWT) Hi Kristina Yes I realise that if the RP knows the schema then it will know the structure of the VC. In cases where an Issuer issues more than one type of VC then hiding the claims names (using your terminology) does add value. Remember also that the schema will say which claim names are mandatory and which are optional, so in cases where a VC has a lot of optional claims then hiding the claim names is even more valuable. The only case where hiding claim names has no value is when an issuer only issues one type of VC, and the schema makes all the claims mandatory. I think for the above reasons, then hiding claim names should be an option. Section 8.1 is only correct if claim names are revealed. If SD-JWT hid the claim names then it would not be revealing the schema of the JWT. (That is not to say that an RP might have alternate ways of discovering the schema, but SD-JWT would not be revealing it). Kind regards David On 23/06/2022 20:57, Kristina Yasuda wrote: Hi David, Thank you for the feedback. Blinding claim names has been considered. Here is the issue: https://github.com/oauthstuff/draft-selective-disclosure-jwt/issues/3<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Foauthstuff%2Fdraft-selective-disclosure-jwt%2Fissues%2F3&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809815666%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0USscKr1kliJkKxqOT4l7DqodzKAHV3vkm%2FJfzAAJDw%3D&reserved=0> We made a choice not to hash claim names because SD-JWT already reveals information about the issuer and the schema, and revealing the claim names does not provide any additional information. The more comprehensive explanation is in this section in the draft: https://datatracker.ietf.org/doc/html/draft-fett-oauth-selective-disclosure-jwt-01#section-8.1<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-fett-oauth-selective-disclosure-jwt-01%23section-8.1&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809815666%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=piNmCIGkEUcN73EdKiAABIBMQqqaM97o%2FXPr4YbZCfc%3D&reserved=0> Best, Kristina From: OAuth <oauth-boun...@ietf.org><mailto:oauth-boun...@ietf.org> On Behalf Of David Chadwick Sent: Thursday, June 23, 2022 10:20 AM To: oauth@ietf.org<mailto:oauth@ietf.org> Subject: Re: [OAUTH-WG] Presenting Selective Disclosure JWT (SD-JWT) Hi Daniel Whilst I commend your initial efforts at SD, I find that the current draft is too privacy invasive since it reveals to the RP every property type that the user possesses, even though it does not reveal the property values. Revealing property types might be too privacy invasive in many cases. Some users may not wish to reveal that they have these properties to every RP. Can you investigate blinding the property types in the next version please? Kind regards David On 23/06/2022 17:32, Daniel Fett wrote: All, Kristina and I would like to bring to your attention a new draft that we have been working on with many others over the past weeks. "Selective Disclosure JWT (SD-JWT)" describes a format for signed JWTs that support selective disclosure (SD-JWT), enabling sharing only a subset of the claims included in the original signed JWT instead of releasing all the claims to every verifier. https://www.ietf.org/archive/id/draft-fett-oauth-selective-disclosure-jwt-01.html<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-fett-oauth-selective-disclosure-jwt-01.html&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809815666%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=qFv%2FJQLfbZ0plY9abxFEQo4PmXNJPlLWQBihEdK5r%2FU%3D&reserved=0> Initial feedback we got was positive and we now would like to hear from the working group with the eventual goal of asking for working group adoption. Issues are tracked in our GitHub repository: https://github.com/oauthstuff/draft-selective-disclosure-jwt/issues<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Foauthstuff%2Fdraft-selective-disclosure-jwt%2Fissues&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809815666%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xhx0QqddJNDb8Kz%2FZV2p4qZODqFtWdd9rGfkLzUp9Pc%3D&reserved=0> The approach to selective disclosure described in the document is based on salted hashes. We have discussed and explored other approaches based on encryption as well. If you are interested in following this discussion, we would like to invite you to read this issue: https://github.com/oauthstuff/draft-selective-disclosure-jwt/issues/30<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Foauthstuff%2Fdraft-selective-disclosure-jwt%2Fissues%2F30&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809815666%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Igp9RdO5D%2BkKShtGxLeVJBcz1Usr8xuK8FG6PbNPe%2BY%3D&reserved=0> One main goal with this work is that the format should be easy to implement, requiring little more than a regular JWT library. Three working implementations show that this goal has been achieved: https://github.com/oauthstuff/draft-selective-disclosure-jwt#implementations<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Foauthstuff%2Fdraft-selective-disclosure-jwt%23implementations&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809815666%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ejyarN9TzlsKdgbewFOzvSNjox4AYGkCiB6MSiNeaHI%3D&reserved=0> We are looking forward to your feedback! -Daniel _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Foauth&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C91a63c11ada4480c3c4708da55c231d3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637916589809971915%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=IpnrO%2Bltdn%2BQqxENG3wIWZxKtiKlEb0UahtTVf%2BsbHw%3D&reserved=0>
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
