oauth-wg / oauth-selective-disclosure-jwt

https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/

Proposal to reorder Holder steps for presentation to a Verifier #382

Closed srosenda closed 7 months ago

srosenda commented 8 months ago

In draft 06, section 8.2 (Processing by the Holder), there is a list of steps:

For presentation to a Verifier, the Holder MUST perform the following (or equivalent) steps:

  1. Decide which Disclosures to release to the Verifier, obtaining proper End-User consent if necessary.
  2. If Key Binding is required, create a Key Binding JWT.
  3. Assemble the SD-JWT for Presentation, including the Issuer-signed JWT, the selected Disclosures and, if applicable, the Key Binding JWT.
  4. Send the Presentation to the Verifier.

Now that draft 06 also has the requirement to add Integrity Protection of the Presentation (section 5.3.1.) to Key Binding JWTs, a more natural order for the steps would be to create the SD-JWT for Presentation with the selected Disclosures before the Key Binding JWT, as the presentation is needed for calculating the required _sd_hash digest for the Key Binding JWT.

E.g. something like this:

For presentation to a Verifier, the Holder MUST perform the following (or equivalent) steps:

  1. Decide which Disclosures to release to the Verifier, obtaining proper End-User consent if necessary.
  2. Assemble the SD-JWT for Presentation, including the Issuer-signed JWT and the selected Disclosures.
  3. If Key Binding is required, create a Key Binding JWT and add it to the Presentation.
  4. Send the Presentation to the Verifier.

With that, step 2 constructs the input required for the digest computation in step 3. For extra clarity, the requirement to compute and include the integrity protection digest in the Key Binding JWT could also be mentioned here, with a reference to section 5.3.1 for details.
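The proposed order as runnable Python, added here as an illustration and not code from the issue or from any SD-JWT implementation: the presentation is assembled first, its digest goes into the `_sd_hash` claim of the Key Binding JWT, and a Verifier recomputes the digest over what it actually received. The placeholder Issuer-signed JWT, the Disclosures and the Holder key are constructed, and HS256 with a shared key is assumed as a stand-in for the Holder's asymmetric signature.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")
def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def assemble_presentation(issuer_jwt: str, selected: list) -> str:
    # Proposed step 2: Issuer-signed JWT, then each selected Disclosure, each followed by "~".
    # This exact string is the digest input required by section 5.3.1.
    return "".join(part + "~" for part in [issuer_jwt, *selected])

def sd_hash(presentation: str) -> str:
    # Section 5.3.1 digest: base64url(SHA-256(presentation)); sha-256 is the default _sd_alg.
    return b64url(hashlib.sha256(presentation.encode("ascii")).digest())

def kb_jwt(presentation: str, aud: str, nonce: str, iat: int, key: bytes) -> str:
    # Proposed step 3: the Key Binding JWT can only be built once the presentation exists.
    # HS256 with a shared key is a stand-in for the Holder's asymmetric signature (assumption).
    hdr = b64url(json.dumps({"typ": "kb+jwt", "alg": "HS256"}, separators=(",", ":")).encode())
    claims = {"aud": aud, "nonce": nonce, "iat": iat, "_sd_hash": sd_hash(presentation)}
    pl = b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{hdr}.{pl}".encode("ascii"), hashlib.sha256).digest()
    return f"{hdr}.{pl}.{b64url(sig)}"

def present(issuer_jwt: str, selected: list, aud: str, nonce: str, iat: int, key: bytes) -> str:
    pres = assemble_presentation(issuer_jwt, selected)   # step 2
    return pres + kb_jwt(pres, aud, nonce, iat, key)      # step 3; step 4 sends the result

def verify_binding(received: str, key: bytes) -> bool:
    # Verifier side: split the KB-JWT off after the final "~", check its signature, then require
    # its _sd_hash to equal a digest recomputed over the Disclosures actually received.
    presentation, kb = received.rsplit("~", 1)
    parts = kb.split(".")
    if len(parts) != 3:
        return False
    hdr, pl, sig = parts
    expected = hmac.new(key, f"{hdr}.{pl}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):
        return False
    claims = json.loads(b64url_decode(pl))
    return hmac.compare_digest(claims.get("_sd_hash", ""), sd_hash(presentation + "~"))

# Constructed sample input (not a real credential): placeholder Issuer-signed JWT and two
# Disclosures of the form base64url(JSON [salt, claim name, value]).
ISSUER_JWT = "eyJhbGciOiJFUzI1NiJ9.eyJfc2QiOltdfQ.PLACEHOLDER_SIGNATURE"
DISCLOSURES = [b64url(json.dumps(["salt1", "given_name", "Erika"]).encode()),
               b64url(json.dumps(["salt2", "family_name", "Mustermann"]).encode())]
HOLDER_KEY = b"constructed-holder-key"
```

Because the digest covers the Disclosures as sent, a Disclosure added or swapped after the KB-JWT was created no longer matches `_sd_hash` and the Verifier rejects the presentation.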

danielfett commented 8 months ago

That makes sense, thank you!