On 2023-08-24 02:02, Michael Prorock wrote:
"Who exactly has an environment where any of the already existing
pairing implementations, or a forthcoming BBS signature scheme
wouldn't be available?"
I have customers who are required to send regulatory trade data that may
have redactions with FIPS compliant cryptography. They are ok with
linkability, but still need selective disclosure capabilities.
A good example would be an agricultural inspection, where the result
(pass/fail) might be disclosed to some parties, but not to others.
The FIPS and other requirements mean we are looking at ES384 and
similar as our preferred approaches for signatures and would still like
to selectively disclose data.
This is also the most common case in govt to citizen use-cases.
Unlinkability really isn't an option because most govts have some form of
linkable identifiers for citizens anyway and insist on using them.
Having said that I know some people are looking at single use SD-JWT
(you batch issue multiple tokens basically) to introduce some limited
support for unlinkability.
Just for clarity I repeat: anyone who tells you they know what this
space is going to look like in the EU probably doesn't understand how
the process works or is trying to sell you something... or both.
Cheers Leif
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth