You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: draft-ietf-oauth-status-list.md
+12-10
Original file line number
Diff line number
Diff line change
@@ -393,7 +393,7 @@ See section [](#test-vectors) for more test vectors.
393
393
394
394
# Status List Token {#status-list-token}
395
395
396
-
A Status List Token embeds the Status List into a token that is cryptographically signed and protects the integrity of the Status List. This allows for the Status List Token to be hosted by third parties or be transferred for offline use cases.
396
+
A Status List Token embeds a Status List into a token that is cryptographically signed and protects the integrity of the Status List. This allows for the Status List Token to be hosted by third parties or be transferred for offline use cases.
397
397
398
398
This section specifies Status List Tokens in JSON Web Token (JWT) and CBOR Web Token (CWT) format.
399
399
@@ -727,7 +727,7 @@ This document creates a registry in [](#iana-status-types) that includes the mos
727
727
728
728
- 0x00 - "VALID" - The status of the Referenced Token is valid, correct or legal.
729
729
- 0x01 - "INVALID" - The status of the Referenced Token is revoked, annulled, taken back, recalled or cancelled.
730
-
- 0x02 - "SUSPENDED" - The status of the Referenced Token is temporarily invalid, hanging, debarred from privilege. This state is reversible.
730
+
- 0x02 - "SUSPENDED" - The status of the Referenced Token is temporarily invalid, hanging, debarred from privilege. This state is usually temporary.
731
731
732
732
The Status Type value 0x03 and Status Type values in the range 0x0B until 0x0F are permanently reserved as application specific. Meaning the processing of Status Types using these values is application specific. All other Status Type values are reserved for future registration.
733
733
@@ -1050,9 +1050,9 @@ There are strong privacy concerns that have to be carefully taken into considera
1050
1050
1051
1051
## Status Types {#privacy-status-types}
1052
1052
1053
-
As previously explained, there is the potential risk of observability by Relying Parties (see [](#privacy-relying-party)) and Outsiders (see [](#privacy-outsider)). That means that any Status Type that transports special information about a Token can leak information to other parties. This documents defines one additional Status Type with "SUSPENDED" that conveys such additional information. Depending on the use-case, suspended could for example provide information that an authorization in the Token is suspended, but the token itself is still valid.
1053
+
As previously explained, there is the potential risk of observability by Relying Parties (see [](#privacy-relying-party)) and Outsiders (see [](#privacy-outsider)). That means that any Status Type that transports special information about a Referenced Token can leak information to other parties. This document defines one additional Status Type with "SUSPENDED" that conveys such additional information.
1054
1054
1055
-
A concrete example would be a driver's license, where the digital driver's license might still be useful to prove other information about its holder, but suspended could signal that it should not be considered valid in the scope of being allowed to drive a car. This case could be solved by either introducing a special status type, or by revoking the Token and re-issuing with changed attributes. For such a case, the status type suspended might be dangerous as it would leak the information of a suspended driver's license even if the driver's license is used as a mean of identification and not in the context of driving a car. This could also allow for the unwanted collection of statistical data on the status of driver's licenses.
1055
+
A concrete example for "SUSPENDED" would be a driver's license, where the digital driver's license might still be useful to prove other information about its holder, but suspended could signal that it should not be considered valid in the scope of being allowed to drive a car. This case could be solved by either introducing a special status type, or by revoking the Referenced Token and re-issuing with changed attributes. For such a case, the status type suspended might be dangerous as it would leak the information of a suspended driver's license even if the driver's license is used as a mean of identification and not in the context of driving a car. This could also allow for the unwanted collection of statistical data on the status of driver's licenses.
1056
1056
1057
1057
Ecosystems that want to use other Status Types than "VALID" and "INVALID" should consider the possible leakage of data and profiling possibilities before doing so and evaluate if revocation and re-issuance might a better fit for their use-case.
1058
1058
@@ -1068,9 +1068,10 @@ Referenced Tokens may also be issued in batches and be presented by Holders in a
1068
1068
1069
1069
## Default Values and Double Allocation
1070
1070
1071
-
Implementations producing Status Lists are RECOMMENDED to initialize the Status List byte array with a default value and provide this as an initialization parameter to the Issuer. The Issuer is RECOMMENDED to use a default value that represents the most common value for its Referenced Tokens to avoid an update during issuance.
1071
+
The Status Issuer is RECOMMENDED to initialize the Status List byte array with a default value provided as
1072
+
an initialization parameter by the Issuer of the Referenced Token. The Issuer is RECOMMENDED to use a default value that represents the most common value for its Referenced Tokens to avoid an update during issuance.
1072
1073
1073
-
Implementations producing Status Lists are RECOMMENDED to prevent double allocation, i.e. re-using the same `uri` and `index` for multiple Referenced Tokens. The Issuer MUST prevent any unintended double allocation by using the Status List.
1074
+
The Status Issuer is RECOMMENDED to prevent double allocation, i.e. re-using the same `uri` and `index` for multiple Referenced Tokens. The Status Issuer MUST prevent any unintended double allocation.
1074
1075
1075
1076
## Status List Size
1076
1077
@@ -1137,10 +1138,10 @@ The following diagram illustrates the relationship between these claims and how
1137
1138
1138
1139
## Relying Parties avoiding correlatable Information
1139
1140
1140
-
If the Relying Party does not require the Referenced Token and the Status List Token after the presentation, e.g. for subsequent status checks or audit trail, it is RECOMMENDED to delete correlatable information, in particular:
1141
+
If the Relying Party does not require the Referenced Token or the Status List Token, e.g. for subsequent status checks or audit trail, it is RECOMMENDED to delete correlatable information, in particular:
1141
1142
1142
-
- the `status` claim in the Referenced Token
1143
-
- the Status List Token itself
1143
+
- the `status` claim in the Referenced Token (after the presentation)
1144
+
- the Status List Token itself (after expiration or update)
1144
1145
1145
1146
The Relying Party should instead only keep the relevant payload from the Referenced Token.
1146
1147
@@ -1359,7 +1360,7 @@ Specification Document(s):
1359
1360
<br/>
1360
1361
1361
1362
* Status Type Name: SUSPENDED
1362
-
* Status Type Description: The status of the Referenced Token is temporarily invalid, hanging or debarred from privilege. This state is reversible.
1363
+
* Status Type Description: The status of the Referenced Token is temporarily invalid, hanging or debarred from privilege. This state is usually temporary.
1363
1364
* Status Type value: `0x02`
1364
1365
* Change Controller: IETF
1365
1366
* Specification Document(s): [](#status-types) of this specification
@@ -1895,6 +1896,7 @@ CBOR encoding:
1895
1896
-11
1896
1897
1897
1898
* Allow for extended key usage OID to be used for other status mechanisms
0 commit comments