I've rewritten the introduction. Take what you want from it! I dropped language about how the mechanism is general purpose and is easy to use. This is not a patent application!
I submitted as a PR as requested, and am including the text below so it is more accessible to the list.

----

# Introduction {#Introduction}

JSON Web Tokens (JWT) [@!RFC7519] have become a popular mechanism for exchanging claims between systems. When exchanging the JWT directly between an issuer of a JWT and the verifier of a JWT, the issuer can select which claims that it wants to disclose to the verifier, minimizing the information shared.

A new model is emerging that decouples the issuance of a JWT from the presentation and verification of the JWT. A JWT containing many claims is issued to an intermediate party, who holds the JWT (the holder). The holder can then present the JWT to different verifying parties (verifiers), who each may only require a subset of the claims in the JWT. For example, the JWT may contain claims representing both a verified phone number and an email address. The holder would like to disclose only their phone number to one verifier, and only their email address to a different verifier.

This functionality is enabled by the issuer creating digests of each claim that could be selectively disclosed. The digest is then included in the signed payload rather than the claim. The holder presents the signed payload with the claim to be selectively disclosed along with the salt used to create the digest. The verifier can then compute the digest and confirm it is included in the signed payload. This selective disclosure mechanism for JWTs is called SD-JWT.

With the introduction of an intermediate party (the holder) to the exchange of claims, the verifier would like assurance when a SD-JWT is presented, that it is presented by the same party that was issued the SD-JWT. Proving possession of a private key by signing an artifact is a widely available mechanism for a party to prove they are the same entity.
This document provides a mechanism where the holder proves possession of a private key to the issuer of a SD-JWT, who can then bind the matching public key to a SD-JWT by including it in the signed payload. The holder of the SD-JWT can then prove they possess the matching private key when presenting the SD-JWT to a verifier by signing a separate JWT with their private key. This document provides a SD-JWT key binding mechanism (SD-JWT+KB). While SD-JWT allows the holder to select which claims are released to a verifier, it does not enable redaction of the identity of the issuing party.
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
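The salted-digest mechanism described in the introduction above, as an added example that is not part of the original message or of any SD-JWT implementation. It models only the disclosure step: the issuer commits to `sha256(salt, name, value)` digests in an `_sd` array of the payload, the holder reveals a subset of disclosures, and the verifier recomputes digests and rejects anything the issuer did not commit to. The issuer's JWS signature and the holder's key-binding JWT are assumed to have been verified already, and the issuer URL and claim values are constructed sample data.

```python
import base64
import hashlib
import json
import secrets


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_disclosure(name: str, value) -> str:
    """Issuer side: a fresh random salt plus the claim, encoded as one string."""
    salt = b64url(secrets.token_bytes(16))
    return b64url(json.dumps([salt, name, value]).encode())


def digest_of(disclosure: str) -> str:
    # The digest covers the salt, so the verifier cannot brute-force a
    # low-entropy claim value (a phone number) from the digest alone.
    return b64url(hashlib.sha256(disclosure.encode()).digest())


def issue(claims: dict):
    """Return (payload the issuer signs, disclosures handed to the holder)."""
    disclosures = {n: make_disclosure(n, v) for n, v in claims.items()}
    payload = {"iss": "https://issuer.example",  # constructed sample issuer
               "_sd": sorted(digest_of(d) for d in disclosures.values())}
    return payload, disclosures


def verify_presentation(payload: dict, presented: list) -> dict:
    """Verifier side, after the signature over `payload` has been checked."""
    committed = set(payload["_sd"])
    revealed = {}
    for d in presented:
        if digest_of(d) not in committed:
            raise ValueError("disclosure was not committed to by the issuer")
        _salt, name, value = json.loads(b64url_decode(d))
        if name in revealed:
            raise ValueError("duplicate claim in presentation")
        revealed[name] = value
    return revealed


def demo():
    payload, discl = issue({"phone_number": "+1-555-0100", "email": "alice@example.com"})
    to_verifier_a = verify_presentation(payload, [discl["phone_number"]])
    to_verifier_b = verify_presentation(payload, [discl["email"]])
    forged = b64url(json.dumps(["x", "email", "mallory@example.com"]).encode())
    try:
        verify_presentation(payload, [forged])
        rejected = False
    except ValueError:
        rejected = True
    return to_verifier_a, to_verifier_b, rejected, "+1-555-0100" in json.dumps(payload)
```

Each verifier learns only the claim it was shown, the signed payload carries no claim values, and a disclosure whose digest is absent from `_sd` is refused.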