The privacy considerations section does not have enough RFC 2119 language in the Unlinkability section. There is no workable guidance on how to mitigate these risks. Presentation to users is not a workable solution: please learn from how browsers have suffered a lot at this. It's also very prolix. This is in contrast to 11.1 and 11.2.
Sincerely, Watson On Tue, Sep 3, 2024 at 3:40 AM Rifaat Shekh-Yusef <rifaat.s.i...@gmail.com> wrote: > > All, > > As per the discussion in Vancouver, this is a WG Last Call for the SD-JWT > document. > https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-11.html > > Please, review this document and reply on the mailing list if you have any > comments or concerns, by Sep 17th. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-le...@ietf.org -- Astra mortemque praestare gradatim _______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
