JSON Web Proofs (JWP)
bofreq-danyliw-json-web-proofs-jwp-00
| Document | |
|---|---|
| Type | Approved BOF request |
| Title | JSON Web Proofs (JWP) |
| Last updated | 2022-09-29 |
| State | Approved |
| Editor | Roman Danyliw |
| Responsible leadership | Roman Danyliw |
| Send notices to | (None) |

Name: JSON Web Proofs (JWP)
Description
-- placeholder for IETF 115 pending interim BoF on topic --
The JOSE RFCs and JWT have been widely adopted for identity use cases, including for the widely deployed OpenID Connect protocol and STIR. Concurrent with the growth in adoption of these standards has been an increasing societal focus on privacy. Common privacy themes in identity solutions that intersect with JWT are user consent and minimal disclosure.
In recent years, newer solutions such as Verifiable Credentials have been evolving that formalize the entities of Issuer, Holder, and Verifier. A Verifiable Credential lifecycle has three accompanying phases: issuance, storage, and presentation. The JOSE and JWT standards have also been adopted by Verifiable Credentials (for the JWT-VC representation), but JWS and JWT have limitations that make privacy protection challenging.
The first limitation is handling selective disclosure (or data minimization), where the Holder is able to limit how much information is being shared with a Verifier – in particular, which JWT claims are disclosed. Using JWTs for selective disclosure requires asking the Issuer to create a JWT containing only the selected claims in real time, based on the user consent, which limits the transaction to being online with an available issuer, and informs the issuer of the subject’s choices.
The second limitation is unlinkability. While it is a common experience to share unique trackable identifiers, such as e-mail addresses, names, and locations, there are also many identity-related exchanges that only involve an access control decision or capability without needing to uniquely identify a person. The only solution today using a JWT is to request a new token per Verifier from the issuer each time, or ahead of time in batches to be able to use a different one per Verifier – such that they are single-use tokens.
Accomplishing both goals efficiently and securely has been a multi-decade research activity for a sizeable academic and applied cryptography community, often referred to as anonymous credentials. Some of the cryptographic techniques developed in this space involve pairing-friendly curves and zero-knowledge proofs (to name just a few). Simple selective disclosure techniques using well-established cryptographic algorithms, such as the salted hashes used by the ISO Mobile Driver License (mDL) spec, are also in scope. The current JOSE and JWT specifications are not sufficiently general to enable use of these newer techniques.
This BoF proposes to re-form the JSON Object Signing and Encryption (JOSE) working group. The reconstituted JOSE working group will build on what came before but also rectify these shortcomings. Specifically, it will develop a set of companion specifications to the existing JOSE specs that are designed to support the privacy-enhancing primitives of selective disclosure and unlinkability. These specifications will utilize defined cryptographic schemes, standardizing their use in a JSON-based serializable container format; creation or standardization of new cryptographic algorithms would not be in scope. Parallel CBOR-based representations may also be developed.
Required Details
- Status: WG Forming
- Responsible AD: Roman Danyliw
- BOF proponents: TBD
- BOF chairs: TBD
- Number of people expected to attend: 100
- Length of session (1 or 2 hours): 2 hours
- Conflicts (whole Areas and/or WGs)
  - Chair Conflicts: TBD
  - Technology Overlap: TBD
  - Key Participant Conflict: TBD