From e4e3b6996780e390912a4f04ff80816fd4ee6458 Mon Sep 17 00:00:00 2001 From: Brian Campbell <71398439+bc-pi@users.noreply.github.com> Date: Tue, 27 Feb 2024 12:05:13 -0700 Subject: [PATCH] Clarify the optionality of the cnf claim (#213) Clarify the optionality of the cnf claim (to fix #196) --- draft-ietf-oauth-sd-jwt-vc.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/draft-ietf-oauth-sd-jwt-vc.md b/draft-ietf-oauth-sd-jwt-vc.md index 85a3022..672c27f 100644 --- a/draft-ietf-oauth-sd-jwt-vc.md +++ b/draft-ietf-oauth-sd-jwt-vc.md @@ -240,7 +240,7 @@ accepted before validating. See [@!RFC7519] for more information. Verifiable Credential is no longer valid. See [@!RFC7519] for more information. * `cnf` - * REQUIRED when cryptographic Key Binding is to be supported. Contains the confirmation method as defined in [@!RFC7800]. It is RECOMMENDED that this contains a JWK as defined in Section 3.2 of [@!RFC7800]. For proof of cryptographic Key Binding, the Key Binding JWT in the presentation of the SD-JWT MUST be signed by the key identified in this claim. + * OPTIONAL unless cryptographic Key Binding is to be supported, in which case it is REQUIRED. Contains the confirmation method identifying the proof of possession key as defined in [@!RFC7800]. It is RECOMMENDED that this contains a JWK as defined in Section 3.2 of [@!RFC7800]. For proof of cryptographic Key Binding, the Key Binding JWT in the presentation of the SD-JWT MUST be signed by the key identified in this claim. * `vct` * REQUIRED. The type of the Verifiable Credential, e.g., `https://credentials.example.com/identity_credential`, as defined in (#type-claim). @@ -743,6 +743,7 @@ for their contributions (some of which substantial) to this draft and to the ini * Fix inconstancy in the .well-known path construction * Added registration request to IANA for the well-known URI * Fix some formatting and text in the media type and JWT claim registration requests +* Clarify the optionality of the `cnf` claim * Added relationships to other documents -01