Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

clarify, add context, or otherwise improve examples #252

Merged
merged 2 commits into from
Sep 12, 2024
Merged

clarify, add context, or otherwise improve examples #252

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9825577
clarify, add context, or otherwise improve examples
bc-pi Aug 26, 2024
0ee3dac
Less space
bc-pi Sep 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 24 additions & 10 deletions draft-ietf-oauth-sd-jwt-vc.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -277,13 +277,13 @@ MUST NOT have any Disclosures.

## Example {#vc-sd-jwt-example}

The following is a non-normative example of an unsecured payload of an
The following is a non-normative example of the user data of an unsecured payload of an
SD-JWT VC.

<{{examples/01/user_claims.json}}

The following is a non-normative example of how the unsecured payload of the
SD-JWT VC above can be used in a SD-JWT where the resulting SD-JWT VC contains
SD-JWT VC above can be used in an SD-JWT where the resulting SD-JWT VC contains
only claims about the Subject that are selectively disclosable:

<{{examples/01/sd_jwt_payload.json}}
Expand All @@ -299,6 +299,8 @@ The SD-JWT and the Disclosures would then be serialized by the Issuer into the f

<{{examples/01/sd_jwt_issuance.txt}}

Examples of what presentations of SD-JWT VCs might look like are provided in (#presentation-examples).

## Verification and Processing {#vc-sd-jwt-verification-and-processing}

The recipient (Holder or Verifier) of an SD-JWT VC MUST process and verify an
Expand Down Expand Up @@ -356,19 +358,27 @@ JWT MUST adhere to the rules defined in Section 5.3 of
The Key Binding JWT MAY include additional claims which, when not understood, MUST
be ignored by the Verifier.

## Examples
## Examples {#presentation-examples}

The following is a non-normative example of a presentation of the SD-JWT shown in (#vc-sd-jwt-example) including a Key Binding JWT.
In this presentation, the Holder provides only the Disclosure for the `address` claim.
In this presentation, the Holder provides only the Disclosures for the `address` and `is_over_65` claims.
Other claims are not disclosed to the Verifier.

<{{examples/01/sd_jwt_presentation.txt}}

The following example shows a presentation of a (different) SD-JWT without a
After validation, the Verifier will have the following processed SD-JWT payload available for further handling:

<{{examples/01/verified_contents.json}}

The following example shows a presentation of a (similar but different) SD-JWT without a
Key Binding JWT:

<{{examples/02/sd_jwt_presentation.txt}}

The Verifier will have the following processed SD-JWT payload after validation:

<{{examples/02/verified_contents.json}}

# JWT VC Issuer Metadata {#jwt-vc-issuer-metadata}

This specification defines the JWT VC Issuer Metadata to retrieve the JWT VC
Expand Down Expand Up @@ -1101,31 +1111,31 @@ be used to represent the concept of a Person Identification Data (PID)
Key Binding is applied
using the Holder's public key passed in a `cnf` claim in the SD-JWT.

The Issuer is using the following input claims set:
The following data about the citizen comprises the input JWT Claims Set used by the Issuer:

<{{examples/03-pid/user_claims.json}}

The following is the issued SD-JWT:

<{{examples/03-pid/sd_jwt_issuance.txt}}

The following payload is used for the SD-JWT:
This is the payload of that SD-JWT:

<{{examples/03-pid/sd_jwt_payload.json}}

The following Disclosures are created by the Issuer:
The digests in the SD-JWT payload reference the following Disclosures:

{{examples/03-pid/disclosures.md}}

The following shows a presentation of the SD-JWT with a Key Binding JWT that discloses only nationality and the fact that the person is over 18 years old:
This shows a presentation of the SD-JWT with a Key Binding JWT that discloses only nationality and the fact that the person is over 18 years old:

<{{examples/03-pid/sd_jwt_presentation.txt}}

The following is the payload of a corresponding Key Binding JWT:

<{{examples/03-pid/kb_jwt_payload.json}}

After the validation, the Verifier will have the following data for further processing:
After validation, the Verifier will have the following processed SD-JWT payload available for further handling:

<{{examples/03-pid/verified_contents.json}}

Expand All @@ -1148,6 +1158,10 @@ for their contributions (some of which substantial) to this draft and to the ini

# Document History

-05

* Clarify, add context, or otherwise improved the examples

-04

* update reference to IETF Status List
Expand Down
1 change: 1 addition & 0 deletions examples/01/specification.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ user_claims:

holder_disclosed_claims:
address: true
is_over_65: true

key_binding: true

Expand Down
1 change: 1 addition & 0 deletions examples/02/specification.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ user_claims:

holder_disclosed_claims:
address: true
is_over_65: true

key_binding: false

Expand Down
Loading