Distinguish SD-JWT from SD-JWT+KB

[bifurcation]

This PR limits the scope of the term "SD-JWT" so that it refers only to an Issuer-signed JWT and a set of disclosures. We introduce the term "Fnord" to refer to an SD-JWT with key binding. As a bonus, we are able to clean up stale uses of Presentation, which mostly, but not always align with Fnord.

"Fnord" is deliberately nonsensical, of course. We should replace this with a more intuitive word. We could reintroduce "Presentation" for this, with the allowance that one might "present" either a Presentation or an SD-JWT. Or we could pick another term, suggestions welcome.

I have tried to be fairly minimal in the changes here. In particular, I have not changed any of the algorithms, though I suspect they would be clearer if a bit more separate. I have rewritten a few paragraphs, especially close to the top and in the Security Considerations.

Fixes #374
Fixes #392

[OR13]

Its very confusing when communicating regarding SD-JWT.

You really can't ever use the term by itself.

You must use the term with:

"Issuer Signed SD-JWT" and "Holder Disclosed SD-JWT".

If you don't make this clear, its easy to imagine scenarios where implementers accidentally disclose more than they should.

[OR13]

I think the terminology direction is good, details will need to be sorted out.

I will add a wrinkle, that "presentation" is sorta "owned" by W3C, and it means something every different.

• https://www.w3.org/2017/vc/WG/Meetings/Minutes/2023-12-05-vcwg-special

In W3C terms a "presentation" is a special kind of RDF Graph Fragment, with or without integrity.

You can make "integrity protected" "presentations" with an SD-JWT.... and they look like this today:

• https://w3c.github.io/vc-jose-cose/#securing-json-ld-verifiable-presentations-with-jose

I'd recommend choosing another word than presentation at this point, it will be safer than trying to square terms with W3C.

Here are some alternatives to "presentation disclosures with integrity and key binding" to consider:

• https://www.merriam-webster.com/thesaurus/declare
• https://www.merriam-webster.com/thesaurus/impart
• https://www.merriam-webster.com/thesaurus/offer
• https://www.merriam-webster.com/dictionary/confer
• https://www.merriam-webster.com/thesaurus/uncloak
• https://www.merriam-webster.com/thesaurus/reveal

[Sakurann]

I find it immensely challenging to read and review this PR with Fnord being used as a term. please replace it with some specific term that we can bikeshed.

[Sakurann]

@bifurcation can you please replace Fnord with SD-JWT/KB, which is a short form for SD-JWT with Key Binding (SD-JWT+KB could have worked too, but we were just worried it will be confused with media types, etc.), so that reviewing is easier.

[bifurcation]

@Sakurann - Changed to SD-JWT-KB, since the SD-JWT/KB looked weird to me (division seemed like the wrong metaphor) and SD-JWT~KB seemed a little too cute. Also merged master while I was at it.

[c2bo]

Not entirely sure about the SD-JWT-KB vs SD-JWT+KB part. Should the kb-jwt then also be renamed to kb+jwt (even outside the typ)?

[bc-pi]

pining for the fnords [edit: this was my comment on submitting approval]

[bc-pi]

Not entirely sure about the SD-JWT-KB vs SD-JWT+KB part. Should the kb-jwt then also be renamed to kb+jwt (even outside the typ)?

I'm gonna say no.

[selfissued]

Thanks for the updates.

I'd appreciate it if you'd merge my other suggestion, which is a clarification.

[bc-pi]

@bifurcation and @danielfett and @Sakurann to hopefully do a re-review soon(ish) and get this one merged soon(ish)

[danielfett]

I left some editorial suggestions.

I'll note that we need to make a few changes to the section on JWS JSON Serialization as well, but I filed a separate issue for that: #426

[bc-pi]

comments on comments (am I doing this right?)

[Sakurann]

Thank you, Richard "fnord" Barnes

[bc-pi]

Thank you, Richard "fnord" Barnes

It's the little things that keep me going