I haven’t read the latest draft in a lot of detail, but I did check over the 
cryptographic details again and everything seems reasonable to me.

One error I noticed in section 5.2.4.1:

“For example, using the digest of the object property Disclosure created above, 
the Issuer could create the following SD-JWT payload to make given_name 
selectively disclosable”

I believe this should say “family_name”, as that is what is in the disclosure 
hash (the given_name is represented directly in the claims).

(Also, where it references “the Disclosure claim created above”, it should 
probably explicitly say “in section 5.2.3”, but even that is still a bit 
confusing as there are two disclosures created in that section and neither 
lists the actual content of the disclosure being hashed).

Other than that, it looks in good shape.

— Neil

> On 3 Sep 2024, at 11:39, Rifaat Shekh-Yusef <rifaat.s.i...@gmail.com> wrote:
> 
> All,
> 
> As per the discussion in Vancouver, this is a WG Last Call for the SD-JWT 
> document.
> https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html
> 
> Please, review this document and reply on the mailing list if you have any 
> comments or concerns, by Sep 17th.
> 
> Regards,
>   Rifaat & Hannes
> _______________________________________________
> OAuth mailing list -- oauth@ietf.org
> To unsubscribe send an email to oauth-le...@ietf.org

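Added example, not part of the original message or of the draft: a small check of which claim name a digest in an SD-JWT payload's `_sd` array actually hides, which is the kind of mismatch the review comment above points out. The salt, the claim values and the function names are constructed for illustration; only the Disclosure and digest encoding follow the SD-JWT format.

```python
import base64
import hashlib
import json


def b64url(data: bytes) -> str:
    """base64url without padding, as SD-JWT uses throughout."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_disclosure(salt: str, name: str, value) -> str:
    """Object-property Disclosure: base64url(JSON [salt, name, value])."""
    return b64url(json.dumps([salt, name, value]).encode("utf-8"))


def disclosure_digest(disclosure: str) -> str:
    """The digest is taken over the base64url string itself, not the JSON."""
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())


def hidden_claim_names(payload: dict, disclosures: list) -> list:
    """Claim names whose digests really appear in the payload's _sd array."""
    names = []
    for d in disclosures:
        if disclosure_digest(d) in payload.get("_sd", []):
            padded = d + "=" * (-len(d) % 4)  # restore stripped padding
            _salt, name, _value = json.loads(base64.urlsafe_b64decode(padded))
            names.append(name)
    return names


def build_example():
    # Constructed sample: salt and claim values are made up for this example.
    disclosure = make_disclosure("constructed-salt-0001", "family_name", "Example")
    payload = {
        "given_name": "Alice",  # sent in the clear, always visible
        "_sd": [disclosure_digest(disclosure)],  # hides family_name
        "_sd_alg": "sha-256",
    }
    return payload, disclosure


if __name__ == "__main__":
    payload, disclosure = build_example()
    print(hidden_claim_names(payload, [disclosure]))
```

Running the same check against a specification's example payload and its listed Disclosures shows directly which claim the accompanying prose should name.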