oauth-wg / oauth-selective-disclosure-jwt

https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/

[WIP] SD-JWT as a W3C VC-DATA-MODEL #110

Closed Sakurann closed 2 years ago

Sakurann commented 2 years ago

Current proposal is here: https://datatracker.ietf.org/doc/html/draft-fett-oauth-selective-disclosure-jwt-01#appendix-A.3

Alternative proposal is here: https://github.com/oauthstuff/draft-selective-disclosure-jwt/issues/103#issuecomment-1175572062

Guess yet another alternative would be:

    "vc": {
      "@context": [
        "https://www.w3.org/2018/credentials/v1",
        "https://www.w3.org/2018/credentials/examples/v1"
      ],
      "type": [
        "VerifiableCredential",
        "UniversityDegreeCredential"
      ],
      "credentialSubject": {
        "given_name": "Alice",
        "sd_digests": {
          "given_name": "fUMdn88aaoyKTHrvZd6AuLmPraGhPJ0zF5r_JhxCVZs",
          "family_name": "9h5vgv6TpFV6GmnPtugiMLl5tHetHeb5X_2cKHjN7cw",
          "birthdate": "fvLCnDm3r4VSYcBF3pIlXP4ulEoHuHOfG_YmFZEuxpQ"
        }
      }
    }

nikosft commented 2 years ago

I believe that this alternative violates the definition of SD-JWT in section 4.1. In particular, I understand that this alternative is not of the form

    SD-JWT-DOC = (METADATA, SD-CLAIMS)

Sakurann commented 2 years ago

Yes, the idea was to add a sentence in the SD-JWT specification that profiles of the specification MAY define other places to include sd_digests.
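An added example (not part of the thread and not the draft's own code) of what a profile-defined location means for a verifier: it looks for `sd_digests` at the top level and under `vc.credentialSubject`, rejects a payload that carries it in neither or in both, and checks each disclosure against its digest. Assumptions: the digest is base64url(SHA-256) over a JSON `[salt, value]` string, the JWT signature has already been verified, and every function name and sample value is constructed for this illustration.

```python
import base64
import hashlib
import json

# Locations a verifier accepts for sd_digests: the top level, plus the
# profile-defined location proposed in this issue (a hypothetical policy).
SD_DIGEST_PATHS = (("sd_digests",), ("vc", "credentialSubject", "sd_digests"))

def digest(disclosure: str) -> str:
    """Assumed construction: base64url(SHA-256(disclosure)) without padding."""
    raw = hashlib.sha256(disclosure.encode("utf-8")).digest()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def find_sd_digests(payload: dict) -> dict:
    """Return the single sd_digests object; reject none or more than one."""
    found = []
    for path in SD_DIGEST_PATHS:
        node = payload
        for key in path:
            node = node.get(key) if isinstance(node, dict) else None
        if isinstance(node, dict):
            found.append(node)
    if len(found) != 1:
        raise ValueError(f"expected one sd_digests object, found {len(found)}")
    return found[0]

def verify_disclosures(payload: dict, disclosures: dict) -> dict:
    """Check each disclosed '[salt, value]' string against its digest."""
    digests = find_sd_digests(payload)
    verified = {}
    for name, raw in disclosures.items():
        if digests.get(name) != digest(raw):
            raise ValueError(f"digest mismatch for claim {name!r}")
        parts = json.loads(raw)
        if not isinstance(parts, list) or len(parts) != 2:
            raise ValueError(f"malformed disclosure for claim {name!r}")
        verified[name] = parts[1]
    return verified

# Constructed sample data (salts and values are made up for this example).
DISCLOSURES = {
    "given_name": json.dumps(["constructed-salt-1", "Alice"]),
    "family_name": json.dumps(["constructed-salt-2", "Example"]),
}
PAYLOAD = {"vc": {"type": ["VerifiableCredential"], "credentialSubject": {
    "sd_digests": {n: digest(d) for n, d in DISCLOSURES.items()}}}}

if __name__ == "__main__":
    print(verify_disclosures(PAYLOAD, {"given_name": DISCLOSURES["given_name"]}))
```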

sbutterfield commented 2 years ago

Just a thought: Should this issue turn into an extension spec vc-sd-jwt to separate out the responsibility of mapping something foundational (sd-jwt) to something intermediate (vc datamodel)?

Sakurann commented 2 years ago

PR #162

danielfett commented 2 years ago

This has been superseded by the changes we made in PR #174. An example for a W3C VC is contained in the appendix.