https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/354
Since this pull request is blocked, I could not post a comment.
Instead of one section about "Unlinkability" (12.4), there should be two
sections:
"*Unlinkability between Verifiers*" means that :
1) if two Verifiers are colluding, they should not be able to
know whether two different presentations are presented by the same user.
2) If a presentation,presented to a Verifier, is voluntarily
publicly revealed at the initiative of that Verifier or is involuntarily
revealed
after a data breach that happened to that Verifier, other
Verifiers should not be able to know that different presentations were
presented
by the same user.
"*Untrackability by****an **Issuer*" means that an Issuer should not be
able to know to which Verifier a digital presentation will be
or has been presented by a user.
Note:In this case, there is no need to have a collusion between an
Issuer and a Verifier.
Denis
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
