Markdown Version | Session Recording

Session Date/Time: 05 Nov 2024 13:00

SPICE Meeting Minutes

Summary

This meeting focused on three drafts: Selective Disclosure for C Seabor Web Tokens, Glue IDs, and OIDC Claims. Key discussions revolved around the technical challenges of implementing Selective Disclosure within the CWT ecosystem, specifically addressing how to represent redactions in C-BOR data structures while maintaining compatibility with existing CWT processors. The meeting also explored the utility of Glue IDs for representing identifiers with added context, and the registration of OIDC claims for use with Seabor.

Key Discussion Points

• Selective Disclosure for C Seabor Web Tokens (SDCWT):
  • Challenges in representing redactions within CWT claim sets while adhering to the integer or string key requirement.
  • Discussion on different approaches, including using a large, weird-looking integer, tagged values, and potential updates to CWT specifications.
  • Debate on where to put SD hash and disclosures. Proposed signed key binding token with the entire issue or signed original token with disclosures.
• Glue IDs:
  • Discussion on the structure and purpose of Glue IDs as wrappers providing context for identifiers.
  • Debate on whether the scheme identifier for Glue IDs should be domain-scoped.
  • Questions about the relationship to existing URN constructs and registries.
  • Discussion about corporate identity with the same reference point as other issuing authorities.
• OIDC Claims:
  • Proposal to register commonly used OIDC claims for use in CWTs, aiming for standard claims registration in the two-byte range.
  • Discussion on potential overlap between user-focused and corporate-focused identities.
  • Consideration about prefixing OIDC claims and defining new claims for org IDs.
• Tools:
  • Suggestion for SDCWT test examples with input and output in the IETF GitHub organization.

Decisions and Action Items

• Selective Disclosure for C Seabor Web Tokens (SDCWT):
  • Continue discussions on the mailing list to determine the best approach for representing redactions and disclosing SD hash.
  • Consider allowing key binding token to sign the entire issued document and sign over the whole thing.
• Glue IDs:
  • Further discussion is needed to determine the value add compared to URNs.
  • The chairs will determine the proper home for the draft based on the outcome of the discussions.
• OIDC Claims:
  • Adopt the draft for OIDC Claims into the SPICE working group.
  • Confirm the decision on the mailing list.
• Tools:
  • Create test examples and test fixtures for SDCWT.

Next Steps

• Selective Disclosure for C Seabor Web Tokens (SDCWT): Continue discussions on the mailing list regarding redaction representations and disclosure placement.
• Glue IDs: Further discussion with the chairs and related working groups to determine the scope and best location for the draft.
• OIDC Claims: Update the draft for IANA submission and address feedback regarding potential overlap with other identity types.
• Tools: Create the SDCWT Test Examples and Test Fixtures.