For what it’s worth, you can always make consistency fixes during AUTH48.

From: Brian Campbell <bcampbell=40pingidentity....@dmarc.ietf.org>
Sent: Thursday, May 29, 2025 5:03 AM
To: Dan Moore <dan=40fusionauth...@dmarc.ietf.org>
Cc: oauth@ietf.org
Subject: [OAUTH-WG] Re: I-D Action: draft-ietf-oauth-selective-disclosure-jwt-21.txt

Thanks Dan,

You aren't missing anything. That's an inconsistency I introduced about 3 weeks 
ago when I added the "US" element to the array in hopes of giving a better 
visual distinction between the two arrays in the examples at 
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-18#section-4.2.2-4
 but overlooked updating the associated text a little later 
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-18#section-4.2.4.2-4
 that explains usage of those arrays.

I've created this 
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/580 PR to bring 
the explanatory text in line with the content in the example.

I'm a little unsure of the proper process at this point (the IESG approved the 
draft yesterday) but I'll work with the powers that be to figure out the most 
appropriate way to get this fix incorporated.



On Wed, May 28, 2025 at 8:27 PM Dan Moore <dan=40fusionauth...@dmarc.ietf.org> 
wrote:
Hi folks,

I saw one confusing item in this document. In section 4.2.4.2. at the end, it 
states:

In the example above, the verification process would
   output an array with only one element unless a matching Disclosure
   for the second element is received.

But the example looks like this:

   {
     "nationalities":
       ["DE", {"...":"w0I8EKcdCtUPkGCNUrfwVp2xEgNjtoIDlOxc9-PlOhs"}, "US"]
   }

My reading is that the second element of the array would be omitted if the 
verifier didn't receive the matching disclosure, but the first and third 
elements would be delivered. Therefore the array would have two elements if no 
disclosure was received.

I reviewed section 7 but didn't see anything about removing elements of an 
array after an element that was selectively disclosed (as the 
{"...":"w0I8EKcdCtUPkGCNUrfwVp2xEgNjtoIDlOxc9-PlOhs"} is).

What am I missing?

Dan

On Wed, May 28, 2025 at 11:47 AM <internet-dra...@ietf.org> wrote:
Internet-Draft draft-ietf-oauth-selective-disclosure-jwt-21.txt is now
available. It is a work item of the Web Authorization Protocol (OAUTH) WG of
the IETF.

   Title:   Selective Disclosure for JWTs (SD-JWT)
   Authors: Daniel Fett
            Kristina Yasuda
            Brian Campbell
   Name:    draft-ietf-oauth-selective-disclosure-jwt-21.txt
   Pages:   96
   Dates:   2025-05-28

Abstract:

   This specification defines a mechanism for the selective disclosure
   of individual elements of a JSON data structure used as the payload
   of a JSON Web Signature (JWS).  The primary use case is the selective
   disclosure of JSON Web Token (JWT) claims.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-21.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-selective-disclosure-jwt-21

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts


_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

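The array behaviour discussed in this thread, as an added example that is not part of the original messages or of the SD-JWT draft: a verifier walks one flat array, replaces each {"...": digest} placeholder that has a matching Disclosure, and drops the placeholder otherwise. Assumptions: the salt, the hidden value "FR" and all function names are constructed for illustration, the digest is computed at run time rather than copied from the draft, and signature checking, recursion and the other verification steps are left out.

```python
import base64
import hashlib
import json


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def digest_of(disclosure: str) -> str:
    # Digest = base64url(SHA-256(ASCII bytes of the encoded Disclosure))
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())


def make_array_disclosure(salt: str, value) -> str:
    # Array element Disclosure: base64url(JSON [salt, value])
    return b64url(json.dumps([salt, value]).encode("utf-8"))


def process_array(elements: list, disclosures: list) -> list:
    by_digest = {}
    for d in disclosures:
        decoded = json.loads(base64.urlsafe_b64decode(d + "=" * (-len(d) % 4)))
        if not (isinstance(decoded, list) and len(decoded) == 2):
            raise ValueError("array element Disclosure must be [salt, value]")
        by_digest[digest_of(d)] = decoded[1]
    out = []
    for el in elements:
        if isinstance(el, dict) and list(el) == ["..."]:
            if el["..."] in by_digest:
                out.append(by_digest[el["..."]])  # disclosed: use the value
            # no matching Disclosure: the placeholder is removed entirely
        else:
            out.append(el)  # always-visible element, kept as is
    return out


# Constructed sample mirroring the shape of the example quoted in the thread.
HIDDEN = make_array_disclosure("constructed-salt-not-random", "FR")
PAYLOAD = {"nationalities": ["DE", {"...": digest_of(HIDDEN)}, "US"]}


def verify(disclosures: list) -> list:
    return process_array(PAYLOAD["nationalities"], disclosures)
```

Calling verify([]) yields a two-element array and verify([HIDDEN]) a three-element one, which is the reading Dan describes.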