decentralized-identity/presentation-exchange

Separating limit_disclosure from constraints

Opened this issue · 3 comments

Via email from @tlodderstedt :

I would desire a separate object listing the fields that shall be selectively disclosed, independent of the constraints structure, which is a filter.

11/2/23 discussion:

  • Reason it's like that: we cannot decouple limit_disclosure from fields because the receiver must be able to verify constraints are met as well
  • However, thinking about it differently, how would we represent SD-JWT limit disclosure in PE?

Actions:

  1. We strongly need examples of limit_disclosure; opened #453
  2. @kimdhamilton to follow up via email re SD-JWT question; perhaps that's the key point

Some more thoughts.

First, some context. In PE:

  • constraints.fields means must have at least these fields
  • constraints.limit_disclosure, if present + required, means must have no more than those fields

In its current state, limit_disclosure has nagged at me for a while, mostly because the "required" | "preferred" values are unintuitive -- evidenced by the fact that the editors/authors (especially myself) need to refresh their memory often. I'm hoping this issue can help us tease apart some of the design "ick" of this.

Moving to SD-JWT as a specific implementation of selective disclosure, I'm looking for feedback on the following question:

Would a RP want to specify that certain fields should be selectively disclosed, vs simply disclosed?

In other words, one way to think about it is the RP only cares that the data is revealed after decoding the SD-JWT, and would consider it an implementation detail whether it was selectively disclosed vs in the clear.

constraints.limit_disclosure, if present + required, means must have no more than those fields

I think this can be a tricky one to support, as that would mean the PD must describe all properties that always MUST be disclosed. E.g. if an SD-JWT is issued, and the address property MUST be disclosed (as decided by the issuer), then each PD should include a field entry for this, as otherwise it can't meet this requirement:

means must have no more than those fields

How I've interpreted this field in the past is that at least the properties that are described in the field MUST be present, as well as any fields that MUST always be disclosed (as indicated by the issuer in the case of an SD-JWT)

Clarifications needed by March 21; otherwise we will postpone to 3.0
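The two readings of limit_disclosure argued over above (the literal "no more than those fields" versus "the requested fields plus whatever the issuer always discloses"), as an added worked example. This is not code from the thread, the PE spec or any SD-JWT library: the SD-JWT is modelled abstractly as a set of plain claims the issuer always discloses and a set of selectively disclosable claims the holder may release, the JSONPath support is limited to the dotted `$.a.b` form, and the sample claims, the `constraints` object and the helper names (`holder_present`, `verify`, `resolve`, the `strict` switch) are assumptions for illustration.

```python
from __future__ import annotations

from typing import Any

# --- Constructed sample data (assumptions for illustration) -----------------
# What the issuer decided: `iss` and `address` are plain (always disclosed)
# claims; the remaining claims are selectively disclosable by the holder.
ISSUER_PLAIN_CLAIMS: dict[str, Any] = {
    "iss": "https://issuer.example",
    "address": {"country": "DE", "locality": "Berlin"},
}
ISSUER_SD_CLAIMS: dict[str, Any] = {
    "given_name": "Erika",
    "family_name": "Mustermann",
    "birthdate": "1964-08-12",
}

# A PE `constraints` object asking for given_name only, with limit_disclosure
# required. Filters are omitted; only `path` matters for this example.
PD_CONSTRAINTS: dict[str, Any] = {
    "limit_disclosure": "required",
    "fields": [{"path": ["$.given_name"]}],
}


def resolve(path: str, obj: Any) -> tuple[bool, Any]:
    """Resolve a dotted JSONPath of the form $.a.b against nested dicts.

    Returns (found, value). Only this small subset of JSONPath is supported.
    """
    if not path.startswith("$."):
        raise ValueError(f"unsupported path: {path}")
    cur = obj
    for seg in path[2:].split("."):
        if not isinstance(cur, dict) or seg not in cur:
            return False, None
        cur = cur[seg]
    return True, cur


def top_level_key(path: str) -> str:
    """'$.address.country' -> 'address'; the disclosure unit is the top-level claim."""
    return path[2:].split(".")[0]


def holder_present(constraints: dict, plain: dict, sd: dict) -> dict:
    """Holder side: release only the SD claims whose top-level key is requested.

    Plain claims are always part of the presentation; the holder cannot withhold them.
    """
    requested = {top_level_key(p) for f in constraints["fields"] for p in f["path"]}
    released = {k: v for k, v in sd.items() if k in requested}
    return {**plain, **released}


def verify(constraints: dict, presented: dict, issuer_plain_keys, strict: bool) -> tuple[bool, str]:
    """Verifier side.

    1. `fields` is an at-least check: every field entry must resolve on the
       presented claims (any one of its paths suffices).
    2. If limit_disclosure == "required", apply the at-most check:
       strict=True  -> literal reading: nothing beyond the requested fields.
       strict=False -> reading from the thread: the requested fields plus
                       whatever the issuer always discloses.
    """
    for field in constraints["fields"]:
        if not any(resolve(p, presented)[0] for p in field["path"]):
            return False, f"missing required field {field['path']}"
    if constraints.get("limit_disclosure") != "required":
        return True, "ok (limit_disclosure not required)"
    allowed = {top_level_key(p) for f in constraints["fields"] for p in f["path"]}
    if not strict:
        allowed |= set(issuer_plain_keys)
    extra = sorted(set(presented) - allowed)
    if extra:
        return False, f"claims beyond the requested fields: {extra}"
    return True, "ok"


if __name__ == "__main__":
    presented = holder_present(PD_CONSTRAINTS, ISSUER_PLAIN_CLAIMS, ISSUER_SD_CLAIMS)
    print(presented)
    # Literal reading fails on the issuer-mandated `iss` and `address` claims;
    # the thread's reading accepts the same presentation.
    print(verify(PD_CONSTRAINTS, presented, ISSUER_PLAIN_CLAIMS.keys(), strict=True))
    print(verify(PD_CONSTRAINTS, presented, ISSUER_PLAIN_CLAIMS.keys(), strict=False))
```

Under the strict reading the only way for the sample PD to pass is to add field entries for `$.iss` and `$.address.country` as well, which is the burden the comment above objects to; under the other reading the verifier needs to know which claims the issuer made plain, which it can only learn from the credential itself, so the RP cannot express that distinction in the PD at all. That is the trade-off this issue is circling.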