draft-ietf-oauth-selective-disclosure-jwt-07
·
90 commits
to master
since this release
-07
- Reference RFC4086 in security considerations about salt entropy
- Update change controller for the Structured Syntax Suffix registration from IESG to IETF per IANA suggestion
- Strengthen security considerations around claims controlling the validity of the SD-JWT not being selectively disclosable
- Expand/rework considerations on the choice of hash algorithm
- Clarify validation around no duplicate digests in the payload (directly or recursively) and no unused disclosures at the end of processing
- Better describe and illustrate the tilde separated format
- Change claim name from
_sd_hashtosd_hash