From 9308455ecf0cbf851b4ee5bde15ab0e5c0858d3e Mon Sep 17 00:00:00 2001 From: Michael Fraser Date: Tue, 2 Apr 2024 23:45:00 +0800 Subject: [PATCH] Add specificity around handling of disclosure resulting in an empty object (#420) --- draft-ietf-oauth-selective-disclosure-jwt.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/draft-ietf-oauth-selective-disclosure-jwt.md b/draft-ietf-oauth-selective-disclosure-jwt.md index f850b56a..ea09891c 100644 --- a/draft-ietf-oauth-selective-disclosure-jwt.md +++ b/draft-ietf-oauth-selective-disclosure-jwt.md @@ -714,7 +714,7 @@ an SD-JWT: 2. Replace the array element with the value from the Disclosure. 3. Recursively process the value using the steps described in (*) and (**). 4. Remove all array elements for which the digest was not found in the previous step. - 5. Remove all `_sd` keys and their contents from the Issuer-signed JWT payload. + 5. Remove all `_sd` keys and their contents from the Issuer-signed JWT payload. If this results in an object with no properties, it should be represented as an empty object `{}`. 6. Remove the claim `_sd_alg` from the SD-JWT payload. 4. If any digest value is encountered more than once in the Issuer-signed JWT payload (directly or recursively via other Disclosures), the SD-JWT MUST be rejected. 5. If any Disclosure was not referenced by digest value in the Issuer-signed JWT (directly or recursively via other Disclosures), the SD-JWT MUST be rejected. @@ -1183,6 +1183,7 @@ John Mattsson, Justin Richer, Kushal Das, Matthew Miller, +Michael Fraser, Mike Jones, Mike Prorock, Nat Sakimura,
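Review bot: In the reworded step 5, the lowercase "should" in "it should be represented as an empty object `{}`" reads like a normative keyword without being one, while the neighbouring list items in the same hunk use "MUST be rejected". If the intent is that a verifier keeps the emptied object in place rather than treating it some other way, consider stating it as a fact (for example "the object is left as an empty object `{}`") or using an uppercase keyword, so that implementations do not diverge on the processed payload. The new sentence also says "an object with no properties" where the first half of the step speaks of "keys"; using one term for both would read more consistently.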