oauth-wg / oauth-sd-jwt-vc

draft-terbu-sd-jwt-vc
Creative Commons Zero v1.0 Universal

clarify example(s) #246

Closed bc-pi closed 2 months ago

bc-pi commented 4 months ago

Select parts of a conversation from an encrypted messaging service copied here. Editorial liberties have been taken to extract the most relevant parts of the discussion and protect the identities of the participants.

... why does the example in https://datatracker.ietf.org/doc/html/draft-ietf-oauth-sd-jwt-vc#section-3.3 not include an "iss" claim? [ note specifically https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-04.html#section-3.3-2 ]

...

the idea, as I understand it from the guy that wrote the tool and most of the ["..."] around it, is that first JSON in sec 3.3 https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-04.html#section-3.3-2 is just showing stuff about the user and the "meta" claims like iss, exp, and iat show up in the next part of the example https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-04.html#section-3.3-4

...

I would find it useful to have an example showing the payload of the credential in clear text (not the salted hashes) + all the metadata required to do validity checks and trust checks. Basically, how the data would look before it gets chopped into pieces or after they have been reverted. A credential without an iss value does not make sense to me.

...

... useful if we could give this thing a name: https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/443

...

It is intentional that that part does not include iss, iat, exp, etc. Maybe we can clarify the intro text more, but basically the idea has been to make a distinction between the user claims and all the metadata around it.

  • the first example is just user claims that are being secured
  • the second example is user claims + metadata that is necessary to be added when signing the sd-jwt

IMHO it would be worthwhile to expand the example in https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-04.html#vc-sd-jwt-example with some additions to https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-04.html#name-examples to also show the content of the thing that needs a name.
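As an added, constructed illustration of the distinction drawn in the comment above (not the draft's example and not code from the oauth-sd-jwt-vc repository): the cleartext user claims, the issuer metadata (iss, vct, iat, exp) that is added when the SD-JWT is signed, how the user claims are chopped into salted disclosures whose SHA-256 digests land in the `_sd` array, and how a verifier reverts presented disclosures back into cleartext while rejecting any disclosure that does not match a digest. All claim values and salts are made up, and the `required_metadata_present` helper is an assumption about which metadata a verifier would insist on, not a rule from the draft.

```python
import base64
import hashlib
import json
import secrets


def b64url(data: bytes) -> str:
    """Unpadded base64url, as used for salts, disclosures and digests in SD-JWT."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


# Constructed cleartext user claims: the "thing that needs a name" in the discussion.
USER_CLAIMS = {
    "given_name": "Erika",
    "family_name": "Mustermann",
    "email": "erika@example.com",
    "is_over_18": True,
}

# Constructed issuer metadata added when signing; values are placeholders.
ISSUER_METADATA = {
    "iss": "https://issuer.example.com",
    "vct": "https://credentials.example.com/identity_credential",
    "iat": 1700000000,
    "exp": 1731536000,
}


def make_disclosure(salt: str, name: str, value) -> str:
    """A disclosure is base64url(JSON array [salt, claim name, claim value])."""
    return b64url(json.dumps([salt, name, value], separators=(",", ":")).encode("utf-8"))


def digest(disclosure: str) -> str:
    """The _sd entry is base64url(SHA-256 over the ASCII bytes of the disclosure string)."""
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())


def chop(cleartext: dict, selectively_disclosable: set, salts: dict = None):
    """Split a cleartext payload into the SD-JWT payload (digests only) plus disclosures.

    Claims in `selectively_disclosable` are replaced by salted digests; everything
    else (the issuer metadata) stays in clear so a verifier can do validity checks.
    `salts` lets a caller pass fixed salts for deterministic tests; otherwise 128-bit
    random salts are drawn.
    """
    payload, disclosures, sd_digests = {}, [], []
    for name, value in cleartext.items():
        if name in selectively_disclosable:
            salt = salts[name] if salts else b64url(secrets.token_bytes(16))
            d = make_disclosure(salt, name, value)
            disclosures.append(d)
            sd_digests.append(digest(d))
        else:
            payload[name] = value
    # Sorting hides the original claim order (the spec suggests shuffling; either works).
    payload["_sd"] = sorted(sd_digests)
    payload["_sd_alg"] = "sha-256"
    return payload, disclosures


def revert(payload: dict, disclosures: list) -> dict:
    """Rebuild cleartext from an SD-JWT payload plus the disclosures the holder presented.

    A disclosure whose digest is not listed in _sd is rejected outright; digests the
    holder chose not to disclose simply never reappear as claims.
    """
    expected = set(payload.get("_sd", []))
    out = {k: v for k, v in payload.items() if k not in ("_sd", "_sd_alg")}
    for d in disclosures:
        if digest(d) not in expected:
            raise ValueError("disclosure does not match any digest in _sd")
        salt, name, value = json.loads(b64url_decode(d))
        if name in out:
            raise ValueError(f"duplicate claim {name!r}")
        out[name] = value
    return out


def required_metadata_present(payload: dict) -> bool:
    """Assumed verifier policy: the metadata needed for trust and validity checks must be in clear."""
    return all(k in payload for k in ("iss", "vct", "iat", "exp"))


if __name__ == "__main__":
    cleartext = {**ISSUER_METADATA, **USER_CLAIMS}
    sd_payload, all_disclosures = chop(cleartext, set(USER_CLAIMS))
    print(json.dumps(sd_payload, indent=2))
    # Holder presents only two of the four user claims.
    presented = [d for d in all_disclosures if json.loads(b64url_decode(d))[1] in ("given_name", "is_over_18")]
    print(json.dumps(revert(sd_payload, presented), indent=2))
```

Running the block prints the signed-side payload (metadata in clear, four digests under `_sd`) and then the partially reverted view a verifier obtains when only `given_name` and `is_over_18` are disclosed; note that `iss`, `iat` and `exp` never go through a disclosure, which is exactly why the metadata half of the draft's example carries them and the user-claims half does not.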

bc-pi commented 3 months ago

Seems related to #194