I didn’t see anything in SD-JWT about a canonical disclosure ordering.
Disclosures from the issuer (and after selective disclosure) are to the best of
my understanding an unordered set - they are expressed in an order, but that
order is not meaningful for processing. The disclosures may be sorted or
randomized as part of the presentation process at the holder’s leisure.
However, once you do key binding JWTs, that order is meaningful because
shuffling the disclosures will break that signature.
Can I suggest 5.3.1 be tweaked to represent this, perhaps to:
> The sd_hash value MUST be taken over the US-ASCII bytes of the encoded
> SD-JWT, i.e., the Issuer-signed JWT, a tilde character, and any Disclosures
> selected for presentation to the Verifier in presented order, each followed
> by a tilde character:
-DW
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org
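As an added illustration of the ordering point made above (example code written for this page; it is not part of DW's post or of the SD-JWT draft), the Python below computes sd_hash over the US-ASCII bytes of the Issuer-signed JWT, a tilde, and each presented Disclosure followed by a tilde, then plays the Verifier side: the same Disclosures in a different order, or with an extra Disclosure appended, no longer match the sd_hash the Holder committed to in the Key Binding JWT. The Issuer-signed JWT, salts, claim values and the `kb-jwt-placeholder` string are constructed fixtures (the signature segments are placeholders); no JWS signature is produced or checked, only the sd_hash comparison that the KB-JWT signature would protect.

```python
import base64
import hashlib
import hmac
import json


def b64url_encode(data: bytes) -> str:
    """base64url without padding, as used throughout SD-JWT."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_disclosure(salt: str, claim_name: str, claim_value) -> str:
    """Disclosure = base64url(JSON array [salt, claim name, claim value])."""
    arr = json.dumps([salt, claim_name, claim_value], separators=(",", ":"))
    return b64url_encode(arr.encode("utf-8"))


# Constructed Issuer-signed JWT: real JSON header/payload, placeholder signature.
# Only the byte layout matters for sd_hash, not the (absent) signature.
_HEADER = b64url_encode(json.dumps({"alg": "ES256"}, separators=(",", ":")).encode())
_PAYLOAD = b64url_encode(json.dumps({"_sd_alg": "sha-256"}, separators=(",", ":")).encode())
ISSUER_JWT = f"{_HEADER}.{_PAYLOAD}.placeholder-signature"


def sd_alg_from_issuer_jwt(issuer_jwt: str) -> str:
    """_sd_alg in the Issuer-signed JWT names the hash; sha-256 is the default."""
    payload = json.loads(b64url_decode(issuer_jwt.split(".")[1]))
    return payload.get("_sd_alg", "sha-256")


def compute_sd_hash(issuer_jwt: str, disclosures, alg: str = "sha-256") -> str:
    """sd_hash over the US-ASCII bytes of <issuer_jwt>~<d1>~...~<dn>~,
    with the Disclosures in exactly the order they are presented."""
    presented = issuer_jwt + "~" + "".join(d + "~" for d in disclosures)
    digest = hashlib.new(alg.replace("-", "").lower(), presented.encode("ascii")).digest()
    return b64url_encode(digest)


def split_presentation(presentation: str):
    """<issuer_jwt>~<d1>~...~<dn>~[<kb_jwt>] -> (issuer_jwt, [d1..dn], kb_jwt or '')."""
    parts = presentation.split("~")
    if len(parts) < 2:
        raise ValueError("an SD-JWT presentation contains at least one '~'")
    return parts[0], parts[1:-1], parts[-1]


def verify_sd_hash(presentation: str, claimed_sd_hash: str) -> bool:
    """Verifier side: recompute sd_hash over the Disclosures as presented and
    compare it to the sd_hash claim carried (and signed) in the KB-JWT."""
    issuer_jwt, disclosures, _kb_jwt = split_presentation(presentation)
    expected = compute_sd_hash(issuer_jwt, disclosures, sd_alg_from_issuer_jwt(issuer_jwt))
    return hmac.compare_digest(expected, claimed_sd_hash)


def demo():
    # Constructed salts and claim values, not real credential data.
    d_given = make_disclosure("_26bc4LT-ac6q2KI6cBW5es", "given_name", "John")
    d_family = make_disclosure("lklxF5jMYlGTPUovMNIvCA", "family_name", "Doe")
    d_email = make_disclosure("Qg_O64zqAxe412a108iroA", "email", "john@example.com")

    # The Holder is free to pick and order Disclosures up to this point;
    # computing sd_hash (and signing it into the KB-JWT) fixes the order.
    chosen = [d_family, d_given]  # email withheld
    sd_hash = compute_sd_hash(ISSUER_JWT, chosen, sd_alg_from_issuer_jwt(ISSUER_JWT))
    kb_jwt = "kb-jwt-placeholder"  # would carry {"sd_hash": sd_hash} under the Holder's key

    presented = ISSUER_JWT + "~" + "".join(d + "~" for d in chosen) + kb_jwt
    shuffled = ISSUER_JWT + "~" + "".join(d + "~" for d in reversed(chosen)) + kb_jwt
    with_extra = ISSUER_JWT + "~" + "".join(d + "~" for d in chosen + [d_email]) + kb_jwt

    return (
        verify_sd_hash(presented, sd_hash),   # True: same order as committed
        verify_sd_hash(shuffled, sd_hash),    # False: same set, different order
        verify_sd_hash(with_extra, sd_hash),  # False: Disclosure added after binding
    )


if __name__ == "__main__":
    print(demo())
```

The practical consequence for an implementer: a Holder library that sorts or shuffles Disclosures for unlinkability has to do so before it computes sd_hash and signs the KB-JWT, and a Verifier has to hash the Disclosures in the order it received them rather than in any canonical order, since there is no canonical order to fall back on.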