decentralized-identity / presentation-exchange

Specification that codifies an inter-related pair of data formats for defining proof presentations (Presentation Definition) and subsequent proof submissions (Presentation Submission)
https://identity.foundation/presentation-exchange
Apache License 2.0

why are there multiple options for limit_disclosure? #458

Open npdoty opened 1 year ago

npdoty commented 1 year ago

As a basic practice of data minimization, it would seem that when a requester requests particular fields, the provider should only provide those fields. Having different levels of required, preferred, or no limits at all makes this privacy property less certain, and it's not clear what additional use cases they support.

I would suggest deprecating this property, and adding a requirement that if fields are listed, then no more than those fields are returned.

rado0x54 commented 12 months ago

Looping in @brentzundel here, because this section is attributed to him. Will also discuss in the upcoming PE meeting.

rado0x54 commented 12 months ago

PE authors understand the concern and generally are in agreement to overhaul the limit_disclosure property in a version 3.0.

The optionality was introduced because, in the transition from a full-disclosure to a limited-disclosure ecosystem, the spec wanted to allow implementers to use PE and not fully fulfill the limit_disclosure option in a transition period.

TimoGlastra commented 10 months ago

I think a valid use case for limit_disclosure of preferred is when you optionally have a credential that supports selective disclosure.

E.g. we're not working on adding both an EdDSA and AnonCreds CL signature to a w3c credential. A verifier could support both, but a holder may have only the EdDSA one, or maybe both. The preferred option allows the holder to disclose the least possible, while required would make the EdDSA credential not applicable.
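Added example, not code from the presentation-exchange repository or from anyone in this thread: a verifier-side check that evaluates the three limit_disclosure settings discussed above against what a holder actually disclosed (required rejects any claim beyond the listed fields, preferred accepts the submission but flags the excess, absent ignores it). It assumes a dotted-path subset of JSONPath, an ENVELOPE_KEYS set of non-claim credential members, and constructed sample credentials.

```python
from typing import Any

# Top-level VC members that are not claims; excluded from the minimization check (assumption).
ENVELOPE_KEYS = {"@context", "type", "issuer", "issuanceDate", "id", "proof"}

def resolve(obj: Any, path: str) -> bool:
    """True if a dotted JSONPath such as '$.a.b' exists in obj (dotted subset only)."""
    cur = obj
    for key in path.lstrip("$.").split("."):
        if not isinstance(cur, dict) or key not in cur:
            return False
        cur = cur[key]
    return True

def leaf_paths(obj: Any, prefix: str = "$") -> set[str]:
    """Every leaf of a nested dict, as a dotted path."""
    if not isinstance(obj, dict):
        return {prefix}
    out: set[str] = set()
    for k, v in obj.items():
        out |= leaf_paths(v, f"{prefix}.{k}")
    return out

def check_disclosure(descriptor: dict, credential: dict) -> dict:
    """Evaluate one input_descriptor's constraints against the credential a holder disclosed."""
    constraints = descriptor.get("constraints", {})
    mode = constraints.get("limit_disclosure")          # "required", "preferred" or absent
    requested, missing = set(), []
    for field in constraints.get("fields", []):
        hits = [p for p in field["path"] if resolve(credential, p)]
        if not hits and not field.get("optional", False):
            missing.append(field["path"][0])         # a mandatory field was not disclosed
        requested.update(hits)
    claims = {k: v for k, v in credential.items() if k not in ENVELOPE_KEYS}
    covered = lambda leaf: any(leaf == r or leaf.startswith(r + ".") for r in requested)
    extra = sorted(leaf for leaf in leaf_paths(claims) if not covered(leaf))
    result = {"mode": mode, "missing": missing, "extra": extra, "warning": None, "ok": not missing}
    if extra and mode == "required":
        result["ok"] = False                         # over-disclosure is a hard failure
    elif extra and mode == "preferred":
        result["warning"] = "holder disclosed more than requested"   # accepted, but noted
    return result

# Constructed sample: the verifier asks only for given_name and requires minimization.
DESCRIPTOR = {"id": "name_only", "constraints": {"limit_disclosure": "required",
              "fields": [{"path": ["$.credentialSubject.given_name", "$.vc.credentialSubject.given_name"]}]}}
# Constructed holder submissions: one minimized, one that leaks the whole subject.
MINIMAL = {"@context": ["https://www.w3.org/2018/credentials/v1"], "type": ["VerifiableCredential"],
           "issuer": "did:example:issuer", "credentialSubject": {"given_name": "Ada"}}
FULL = dict(MINIMAL, credentialSubject={"given_name": "Ada", "family_name": "Lovelace", "birthdate": "1815-12-10"})
```

Running `check_disclosure(DESCRIPTOR, FULL)` reports the two surplus paths and fails the submission, while swapping limit_disclosure to "preferred" accepts it with a warning.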