A few points:
* Batch credential issuing is completely transparent to the user.
* The selection is done by the Wallet, before presentation.
* It doesn't need to be random, the Wallet can just select the next
credential.
-Daniel
Am 21.09.24 um 17:53 schrieb Tom Jones:
that doesn't answer the question about users randomly selecting some
to store and some to reject. This seems to me like user private
information.
As is most of the feedback to the issuer from the wallet.
Peace ..tom jones
On Sat, Sep 21, 2024 at 7:30 AM Daniel Fett
<mail=40danielfett...@dmarc.ietf.org> wrote:
Hi Dick,
Batch credential (not claims) issuing has become the default
approach to circumvent the inherent limitations of
salted-hash-based credentials formats. This was neither invented
by us, nor is it unreasonable to ask implementers to do it.
Protocols such as OpenID4VCI support it.
-Daniel
Am 21.09.24 um 06:42 schrieb Dick Hardt:
Is it really going to be practical to batch issue claims, and
have the holder randomly choose between them on presentation?
As an implementer, what is the right number of claims to be in a
batch?
This section of the draft reads as a hack to add a new capability
(unlinkability) to a mechanism that did not have that as a design
objective.
This is going to be like the "alg":"null" for SD-JWT. :-)
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org
_______________________________________________
OAuth mailing list --oauth@ietf.org
To unsubscribe send an email tooauth-le...@ietf.org
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org
