As it's the input to a hash, I think it should be well enough understood that the order is important in that context.
On Tue, Sep 24, 2024 at 10:51 AM David Waite <david=40alkaline-solutions....@dmarc.ietf.org> wrote:

> I didn't see anything in SD-JWT about a canonical disclosure ordering.
>
> Disclosures from the issuer (and after selective disclosure) are to the best of my understanding an unordered set - they are expressed in an order, but that order is not meaningful for processing. The disclosures may be sorted or randomized as part of the presentation process at the holder's leisure.
>
> However, once you do key binding JWTs, that order is meaningful because shuffling the disclosures will break that signature.
>
> Can I suggest 5.3.1 be tweaked to represent this, perhaps to:
>
> The sd_hash value MUST be taken over the US-ASCII bytes of the encoded SD-JWT, i.e., the Issuer-signed JWT, a tilde character, *and any Disclosures selected for presentation to the Verifier in presented order*, each followed by a tilde character:
>
> -DW
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
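The sd_hash computation the thread is discussing (Issuer-signed JWT, a tilde, then each presented Disclosure followed by a tilde, hashed with the `_sd_alg` digest and base64url-encoded) as an added example, not code from the thread or from any SD-JWT library; the Issuer-signed JWT, salts and claim values are constructed placeholders, and the KB-JWT is a stand-in string. It shows why presented order matters: reordering the same Disclosures yields a different sd_hash, so a Verifier recomputing it from the presentation detects the shuffle.

```python
import base64
import hashlib
import hmac
import json

def b64url(data: bytes) -> str:
    """base64url without padding, as used throughout SD-JWT."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def sd_hash(issuer_jwt: str, disclosures: list[str], sd_alg: str = "sha-256") -> str:
    """Hash of the US-ASCII bytes of: Issuer-signed JWT, '~', then every
    presented Disclosure in presented order, each followed by '~'.
    sd_alg uses the IANA hash name ("sha-256"); hashlib wants "sha256"."""
    presented = issuer_jwt + "~" + "".join(d + "~" for d in disclosures)
    digest = hashlib.new(sd_alg.replace("-", ""), presented.encode("ascii"))
    return b64url(digest.digest())

def verify_sd_hash(presentation: str, kb_sd_hash: str, sd_alg: str = "sha-256") -> bool:
    """Verifier side: given '<Issuer-signed JWT>~<Disclosure>~...~<KB-JWT>',
    recompute sd_hash over everything before the KB-JWT, in the order the
    Holder presented it, and compare it to the sd_hash claim of the KB-JWT."""
    parts = presentation.split("~")
    issuer_jwt, disclosures = parts[0], parts[1:-1]  # last element is the KB-JWT
    return hmac.compare_digest(sd_hash(issuer_jwt, disclosures, sd_alg), kb_sd_hash)

# Constructed sample material (placeholders, not real signed tokens).
ISSUER_JWT = "eyJhbGciOiJFUzI1NiJ9.eyJfc2QiOltdfQ.c2lnbmF0dXJl"
def disclosure(salt: str, name: str, value: str) -> str:
    return b64url(json.dumps([salt, name, value], separators=(",", ":")).encode())
D_GIVEN = disclosure("salt-1", "given_name", "Alice")
D_FAMILY = disclosure("salt-2", "family_name", "Example")
KB_JWT = "KB-JWT-PLACEHOLDER"

def demo() -> dict:
    """Holder hashes [D_GIVEN, D_FAMILY]; a presentation with the same
    Disclosures in the other order no longer matches that sd_hash."""
    bound = sd_hash(ISSUER_JWT, [D_GIVEN, D_FAMILY])
    in_order = f"{ISSUER_JWT}~{D_GIVEN}~{D_FAMILY}~{KB_JWT}"
    shuffled = f"{ISSUER_JWT}~{D_FAMILY}~{D_GIVEN}~{KB_JWT}"
    return {
        "order_matters": bound != sd_hash(ISSUER_JWT, [D_FAMILY, D_GIVEN]),
        "in_order_ok": verify_sd_hash(in_order, bound),
        "shuffled_ok": verify_sd_hash(shuffled, bound),
    }

if __name__ == "__main__":
    print(demo())
```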