I agree with you, Paul. A statement that this is not anonymous should be sufficient. -dhs
-- Principal Engineer Office of the CTO Beyond Identity
It seems to me saying "SD-JWT is not an anonymous credential system according to <link>" then seems sufficient, as most of the other text is already present in the thorough unlinkability section.Also I see that it gets increasingly difficult, if drafts have to enumerate all the things that they are not, this is a slippery slope that may never be complete.Best, PaulOn 1/9/25 8:32 PM, Watson Ladd wrote:On Thu, Jan 9, 2025 at 10:39 AM Dean Saxe
<[email protected]> wrote:
I’m struggling with the same thing. If there’s somewhere that this is described/documented it should be linked from the text. I added the same comment to the PR.
https://www.google.com/url?q=https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/535%23issuecomment-2580990520&source=gmail-imap&ust=1737058221000000&usg=AOvVaw2ZJTyUSYKf5i67EjayhT9A
We can link to CL01, but I think there might be some easier to
understand presentations. Will look.
-dhs
--
Dean H. Saxe, CIDPRO
Principal Engineer
Office of the CTO
Beyond Identity
[email protected]
On Jan 9, 2025 at 10:20:56 AM, Paul Bastian <[email protected]> wrote:
Hi Watson,
Could you please link the standard security notation for anonymous credentials that you are referring to?
Best, Paul
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
|
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
