JSONPath/Pointer changes for 2.1
Opened this issue · 5 comments
kimdhamilton commented
Concerns
- JSONPath: security issues
- 2.1 breaking change
Structure of PE spec
- base: simple stuff
- features: advanced, under-defined
Structurally better to have jsonpointer at the base layer, but breaking change
Decision:
- Add a new
pointer
property at same level of path. Strong preference for this in implementation notes - Soft launch with preference for jsonpointer that falls back to jsonpath
- In 3.0, path becomes a feature
pmhsfelix commented
What does it mean In 3.0, path becomes a feature
?
colbyharrison commented
I believe this means that in the 3.0 release Json Path will become an extension on the spec and not required to be conformant with the spec. See: https://identity.foundation/presentation-exchange/#structure-of-this-document
OR13 commented
You should update your references to this nice shiny new RFC:
kimdhamilton commented
So shiny, thanks!
Sakurann commented
as discussed in openid/OpenID4VCI#266, even JSON Pointer might not meet all the requirements like indexing array entries. alternative mechanism could be something like proposed here: openid/OpenID4VCI#276