Document: draft-ietf-oauth-selective-disclosure-jwt
Title: Selective Disclosure for JWTs (SD-JWT)
Reviewer: Henry Thompson
Review result: Ready with Nits
I framed my only major point as a recommendation, not a requirement, and that
recommendation was, effectively, declined in subsequent emails.
S
On 2. May 2025, at 16:18, Henry S. Thompson
wrote:
>
> Carsten Bormann writes:
>
>> ...
>
>> For IETF purposes, JSON text is always UTF-8 encoded, so there is no
>> difference.
>
> I don't agree, based on my reading of 8259. It's clear that a single
> U+0076 character can occur in "JSON text
Carsten Bormann writes:
> ...
> For IETF purposes, JSON text is always UTF-8 encoded, so there is no
> difference.
I don't agree, based on my reading of 8259. It's clear that a single
U+0076 character can occur in "JSON text", but as such that text is
_not_ a byte sequence
>> The problem you'v
On 2. May 2025, at 13:09, Henry S. Thompson
wrote:
>
> Carsten Bormann writes:
>
>> On 2. May 2025, at 12:04, Henry Thompson via Datatracker
>> wrote:
>>>
>>> ["26bc4LT-ac6q2KI6cBW5es", "family_name", "M%xc3%xb6bius"] [2]
>>
>> The weird %x notation in the third element has nothing to do
Document: draft-ietf-oauth-selective-disclosure-jwt
Title: Selective Disclosure for JWTs (SD-JWT)
Reviewer: Henry Thompson
Review result: Ready with Issues
Document: draft-ietf-oauth-selective-disclosure-jwt-18
Title: Selective Disclosure for JWTs (SD-JWT)
Reviewer: Henry S. Thompson
Review Date:
The phrase "non-selectively disclosable claims" confused me. At first I
interpreted it to mean "claims that are disclosable but not in a
selective way." The intended reading is "claims that are not selectively
disclosable." The ambiguity is between "(non-selectively) disclosable
claims" and "
This email is mostly a duplication of the issue #528 that has been added
during the week-end:
Comments and issues raised during the 1rst and the 2nd WGLC have not
been addressed in -14 #528
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/528
However, I have added a ne
rian Campbell
> *Sent:* Tuesday, November 29, 2022 11:21 PM
> *To:* Hannes Tschofenig
> *Cc:* oauth
> *Subject:* Re: [OAUTH-WG] draft-ietf-oauth-selective-disclosure-jwt
>
>
>
> Hi Hannes,
>
>
>
> Though I am yet to officially have my name on the document as
Thanks for the response, Brian.
A few remarks below.
From: Brian Campbell
Sent: Tuesday, November 29, 2022 11:21 PM
To: Hannes Tschofenig
Cc: oauth
Subject: Re: [OAUTH-WG] draft-ietf-oauth-selective-disclosure-jwt
Hi Hannes,
Though I am yet to officially have my name on the document as a co
Hi Brian,
My two cents.
1) This draft is about selective-disclosure. The draft should be
balanced between enclosure and disclosure.
The topic of selective-enclosure should also be addressed.
In particular in OAuth, the claims to be incorporated are usually only
selected with a coarse granula
Hi Hannes,
Though I am yet to officially have my name on the document as a co-author,
you did mention me directly :) And so I'll attempt to answer or respond to
your questions/statements below.
On Mon, Nov 28, 2022 at 7:24 AM Hannes Tschofenig
wrote:
> Hi Daniel, Hi Kristina, Hi Brian,
>
> Hi
Hi Daniel, Hi Kristina, Hi Brian,
Hi all,
Reading through draft-ietf-oauth-selective-disclosure-jwt I was wondering why
the document defines new terminology for roles that already exist in OAuth.
For example:
* Issuer = AS
* Holder = Client
* Verifier = RS
I assume that was done
12 matches
Mail list logo
