New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal for blinding claim names #124
Conversation
…authstuff/draft-selective-disclosure-jwt into danielfett/blinded-claim-names
Spec text updated, please review! |
2. For each claim in the SD-JWT Release: | ||
1. Ensure that the claim is present as well in `sd_release` in the SD-JWT. | ||
If `sd_release` is structured, the claim MUST be present at the same | ||
place within the structure. | ||
2. Compute the base64url-encoded hash digest of the JSON literal released | ||
by the Holder using the `hash_alg` in SD-JWT. | ||
by the Holder using the `sd_hash_alg` in SD-JWT. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@danielfett fixed conflicts and updated this def committing directly in your branch
then I have pushed another commit to fix the previous typo (weird movement on the keyboard?) anyway feel free to rebase these
George during OAuth side mtg pointed out that it is important for the verifier not to change anything in the JSON object in the Release (ie SVC )that is being hashed so that the hash output is the same from the one in SD-JWT |
…e-disclosure-jwt into danielfett/blinded-claim-names
…authstuff/draft-selective-disclosure-jwt into danielfett/blinded-claim-names
@@ -184,6 +188,8 @@ SD-CLAIMS = ( | |||
)* | |||
``` | |||
|
|||
The claim name (`CLAIM-NAME`) is an optional |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks like an unfinished text?
…authstuff/draft-selective-disclosure-jwt into danielfett/blinded-claim-names
No description provided.