oauth-selective-disclosure-jwt icon indicating copy to clipboard operation
oauth-selective-disclosure-jwt copied to clipboard

Published 20 hours ago verified publisher icon oauth-wg

"Presentation" is capitalised as if it's a defined term, but I can't find a definition

Open jogu opened this issue 2 years ago • 4 comments

There are various sentences like:

When Key Binding is not enforced, any entity in possession of an SD-JWT Presentation can forward the contents to third parties

where presentation has a capital P as if it's a defined term. Probably it should have an actual definition (I can't find one) but if not it should probably be lower cased?

jogu avatar Oct 23 '23 14:10 jogu

This is how Presentation is defined in OID4VP:

Presentation: Data that is presented to a specific Verifier, derived from one or more Verifiable Credentials that can be from the same or different Credential Issuers.

https://openid.github.io/OpenID4VP/openid-4-verifiable-presentations-wg-draft.html#section-2-3.8

and I think it's better define it than just make it lower-case, as the term is used pretty frequently.

Sakurann avatar Oct 23 '23 15:10 Sakurann

I don't think just removing the capitalization helps. It's still an undefined term. In the spirit of #374, it seems like we actually want two concepts here, (1) handing someone an Issuer JWT + disclosures, where they can verify its integrity, drop disclosures and/or hand it to someone else, and (2) handing someone an Issuer JWT + disclosures + KB JWT, where the only thing they can do is verify it.

bifurcation avatar Nov 22 '23 16:11 bifurcation

I think ~~https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/384~~ goes a long way towards addressing this.

I meant #394, sorry.

bc-pi avatar Mar 01 '24 21:03 bc-pi

(I think you meant 394, @bc-pi..?)

Sakurann avatar Mar 04 '24 02:03 Sakurann

I believe the merging of https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/394 clears this one up

bc-pi avatar Jun 12 '24 12:06 bc-pi