rfc9901v1.txt   rfc9901.txt 
Internet Engineering Task Force (IETF) D. Fett Internet Engineering Task Force (IETF) D. Fett
Request for Comments: 9901 Authlete Request for Comments: 9901 Authlete
Category: Standards Track K. Yasuda Category: Standards Track K. Yasuda
ISSN: 2070-1721 Keio University ISSN: 2070-1721 Keio University
B. Campbell B. Campbell
Ping Identity Ping Identity
November 2025 November 2025
Selective Disclosure for JSON Web Tokens (SD-JWTs) Selective Disclosure for JSON Web Token (SD-JWT)
Abstract Abstract
This specification defines a mechanism for the selective disclosure This specification defines a mechanism for the selective disclosure
of individual elements of a JSON data structure used as the payload of individual elements of a JSON data structure used as the payload
of a JSON Web Signature (JWS). The primary use case is the selective of a JSON Web Signature (JWS). The primary use case is the selective
disclosure of JSON Web Token (JWT) claims. disclosure of JSON Web Token (JWT) claims.
Status of This Memo Status of This Memo
skipping to change at line 112 skipping to change at line 112
9.12. Key Pair Generation and Lifecycle Management 9.12. Key Pair Generation and Lifecycle Management
10. Privacy Considerations 10. Privacy Considerations
10.1. Unlinkability 10.1. Unlinkability
10.2. Storage of User Data 10.2. Storage of User Data
10.3. Confidentiality During Transport 10.3. Confidentiality During Transport
10.4. Decoy Digests 10.4. Decoy Digests
10.5. Issuer Identifier 10.5. Issuer Identifier
11. IANA Considerations 11. IANA Considerations
11.1. JSON Web Token Claims Registration 11.1. JSON Web Token Claims Registration
11.2. Media Type Registrations 11.2. Media Type Registrations
11.2.1. SD-JWT Content
11.2.2. JWS JSON Serialized SD-JWT Content
11.2.3. Key Binding JWT Content
11.3. Structured Syntax Suffixes Registration 11.3. Structured Syntax Suffixes Registration
12. References 12. References
12.1. Normative References 12.1. Normative References
12.2. Informative References 12.2. Informative References
Appendix A. Additional Examples Appendix A. Additional Examples
A.1. Simple Structured SD-JWT A.1. Simple Structured SD-JWT
A.2. Complex Structured SD-JWT A.2. Complex Structured SD-JWT
A.3. SD-JWT-Based Verifiable Credentials (SD-JWT VC) A.3. SD-JWT-Based Verifiable Credentials (SD-JWT VC)
A.4. W3C Verifiable Credentials Data Model v2.0 A.4. W3C Verifiable Credentials Data Model v2.0
A.5. Elliptic Curve Key Used in the Examples A.5. Elliptic Curve Key Used in the Examples
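Review bot: The three subsection entries under 11.2 (11.2.1 SD-JWT Content, 11.2.2 JWS JSON Serialized SD-JWT Content, 11.2.3 Key Binding JWT Content) are dropped from the table of contents here, so confirm that the matching headings in Section 11.2 were removed or demoted in the same revision and that no remaining text refers to them by number. If the three media type registrations still exist as separate blocks, a reader scanning the contents can no longer tell from the 11.2 entry alone that the Key Binding JWT has its own registration.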
skipping to change at line 187 skipping to change at line 184
in the SD-JWT itself. It usually does so by signing over a data in the SD-JWT itself. It usually does so by signing over a data
structure containing transaction-specific data, herein defined as the structure containing transaction-specific data, herein defined as the
Key Binding JWT. An SD-JWT with a Key Binding JWT is called "SD- Key Binding JWT. An SD-JWT with a Key Binding JWT is called "SD-
JWT+KB" in this specification. JWT+KB" in this specification.
1.1. Feature Summary 1.1. Feature Summary
This specification defines two primary data formats: This specification defines two primary data formats:
1. SD-JWT is a composite structure, consisting of a JWS plus 1. SD-JWT is a composite structure, consisting of a JWS plus
optional disclosures, enabling selective disclosure of portions optional Disclosures, enabling selective disclosure of portions
of the JWS payload. It comprises the following: of the JWS payload. It comprises the following:
* A format for enabling selective disclosure in nested JSON data * A format for enabling selective disclosure in nested JSON data
structures, supporting selectively disclosable object structures, supporting selectively disclosable object
properties (name/value pairs) and array elements. properties (name/value pairs) and array elements.
* A format for encoding the selectively disclosable data items. * A format for encoding the selectively disclosable data items.
* A format extending the JWS Compact Serialization, allowing for * A format extending the JWS Compact Serialization, allowing for
the combined transport of the Issuer-signed JSON data the combined transport of the Issuer-signed JSON data
structure and the disclosable data items. structure and the disclosable data items.
* An alternate format extending the JWS JSON Serialization, also * An alternate format extending the JWS JSON Serialization, also
allowing for transport of the Issuer-signed JSON data allowing for transport of the Issuer-signed JSON data
structure and disclosure data. structure and Disclosure data.
2. SD-JWT+KB is a composite structure of an SD-JWT and a 2. SD-JWT+KB is a composite structure of an SD-JWT and a
cryptographic key binding that can be presented to and verified cryptographic Key Binding that can be presented to and verified
by the Verifier. It comprises the following: by the Verifier. It comprises the following:
* A mechanism for associating an SD-JWT with a key pair. * A mechanism for associating an SD-JWT with a key pair.
* A format for a Key Binding JWT (KB-JWT) that allows proof of * A format for a Key Binding JWT (KB-JWT) that allows proof of
possession of the private key of the associated key pair. possession of the private key of the associated key pair.
* A format extending the SD-JWT format for the combined * A format extending the SD-JWT format for the combined
transport of the SD-JWT and the KB-JWT. transport of the SD-JWT and the KB-JWT.
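Review bot: In item 1 the capitalization pass touches "optional Disclosures" and "Disclosure data" but leaves the third bullet at "the disclosable data items", so the two serialization bullets (JWS Compact and JWS JSON) now name the same transported thing in two different ways. Suggest using one term in both bullets, for example "the Issuer-signed JSON data structure and the Disclosures".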
skipping to change at line 409 skipping to change at line 406
* an SD-JWT (i.e., an Issuer-signed JWT and zero or more * an SD-JWT (i.e., an Issuer-signed JWT and zero or more
Disclosures), and Disclosures), and
* a Key Binding JWT. * a Key Binding JWT.
The Issuer-signed JWT, Disclosures, and Key Binding JWT are explained The Issuer-signed JWT, Disclosures, and Key Binding JWT are explained
in Sections 4.1, 4.2, and 4.3, respectively. in Sections 4.1, 4.2, and 4.3, respectively.
The compact serialized format for the SD-JWT is the concatenation of The compact serialized format for the SD-JWT is the concatenation of
each part delineated with a single tilde ('~') character as follows: each part delineated with a single tilde ('~') character as follows,
where “D.1” to “D.N” represent the respective Disclosures:
<Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~ <Issuer-signed JWT>~<D.1>~<D.2>~...~<D.N>~
The order of the concatenated parts MUST be the Issuer-signed JWT, a The order of the concatenated parts MUST be the Issuer-signed JWT, a
tilde character, zero or more Disclosures each followed by a tilde tilde character, zero or more Disclosures each followed by a tilde
character, and lastly the optional Key Binding JWT. In the case that character, and lastly the optional Key Binding JWT. In the case that
there is no Key Binding JWT, the last element MUST be an empty string there is no Key Binding JWT, the last element MUST be an empty string
and the last separating tilde character MUST NOT be omitted. and the last separating tilde character MUST NOT be omitted.
The serialized format for an SD-JWT+KB extends the SD-JWT format by The serialized format for an SD-JWT+KB extends the SD-JWT format by
concatenating a Key Binding JWT. concatenating a Key Binding JWT.
<Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~<KB-JWT> <Issuer-signed JWT>~<D.1>~<D.2>~...~<D.N>~”<KB-JWT>
The two formats can be distinguished by the final ~ character that is The two formats can be distinguished by the final ~ character that is
present on an SD-JWT. A Verifier that expects an SD-JWT MUST verify present on an SD-JWT. A Verifier that expects an SD-JWT MUST verify
that the final tilde-separated component is empty. A Verifier that that the final tilde-separated component is empty. A Verifier that
expects an SD-JWT+KB MUST verify that its final tilde-separated expects an SD-JWT+KB MUST verify that its final tilde-separated
component is a valid KB-JWT. component is a valid KB-JWT.
The Disclosures are linked to the Issuer-signed JWT through the The Disclosures are linked to the Issuer-signed JWT through the
digest values included therein. digest values included therein.
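Review bot: The revised SD-JWT+KB template has a stray closing quotation mark between the final tilde and <KB-JWT> ("...~<D.N>~”<KB-JWT>"), which reads as part of the serialization and breaks any parser or test vector built by copying the line; remove it so the template ends "~<D.N>~<KB-JWT>". The added clause "where “D.1” to “D.N” represent the respective Disclosures" also uses typographic quotes where the surrounding text uses straight ones, as in ('~'). The paragraph that follows makes the trailing tilde the only thing that distinguishes an SD-JWT from an SD-JWT+KB, so both template lines need to be character-exact.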
skipping to change at line 705 skipping to change at line 703
| particular instance. | particular instance.
4.2.3. Hashing Disclosures 4.2.3. Hashing Disclosures
For embedding references to the Disclosures in the SD-JWT, each For embedding references to the Disclosures in the SD-JWT, each
Disclosure is hashed using the hash algorithm specified in the Disclosure is hashed using the hash algorithm specified in the
_sd_alg claim described in Section 4.1.1, or SHA-256 if no algorithm _sd_alg claim described in Section 4.1.1, or SHA-256 if no algorithm
is specified. The resultant digest is then included in the SD-JWT is specified. The resultant digest is then included in the SD-JWT
payload instead of the original claim value, as described next. payload instead of the original claim value, as described next.
The digest MUST be taken over the US-ASCII bytes of the base64url- The digest MUST be computed over the US-ASCII bytes of the base64url-
encoded value that is the Disclosure. This follows the convention in encoded value that is the Disclosure. This follows the convention in
JWS [RFC7515] and JWE [RFC7516]. The bytes of the digest MUST then JWS [RFC7515] and JWE [RFC7516]. The bytes of the digest MUST then
be base64url encoded. be base64url encoded.
It is important to note that: It is important to note that:
* The input to the hash function MUST be the base64url-encoded * The input to the hash function MUST be the base64url-encoded
Disclosure, not the bytes encoded by the base64url string. Disclosure, not the bytes encoded by the base64url string.
* The bytes of the output of the hash function MUST be base64url * The bytes of the output of the hash function MUST be base64url
skipping to change at line 743 skipping to change at line 741
* For a claim that is an array element, the Issuer creates a * For a claim that is an array element, the Issuer creates a
Disclosure digest as described in Section 4.2.4.2. Disclosure digest as described in Section 4.2.4.2.
4.2.4.1. Object Properties 4.2.4.1. Object Properties
Digests of Disclosures for object properties are added to an array Digests of Disclosures for object properties are added to an array
under the new key _sd in the object. The _sd key MUST refer to an under the new key _sd in the object. The _sd key MUST refer to an
array of strings, each string being a digest of a Disclosure or a array of strings, each string being a digest of a Disclosure or a
decoy digest as described in Section 4.2.5. An _sd key can be decoy digest as described in Section 4.2.5. An _sd key can be
present at any level of the JSON object hierarchy, including the top- present at any level of the JSON object hierarchy, including at the
level, nested deeper as described in Section 6, or in recursive top-level, nested deeper as described in Section 6, or in recursive
disclosures as described in Section 4.2.6. disclosures as described in Section 4.2.6.
The array MAY be empty in case the Issuer decided not to selectively The array MAY be empty in case the Issuer decided not to selectively
disclose any of the claims at that level. However, it is RECOMMENDED disclose any of the claims at that level. However, it is RECOMMENDED
to omit the _sd key in this case to save space. to omit the _sd key in this case to save space.
The Issuer MUST hide the original order of the claims in the array. The Issuer MUST hide the original order of the claims in the array.
To ensure this, it is RECOMMENDED to shuffle the array of hashes, To ensure this, it is RECOMMENDED to shuffle the array of hashes,
e.g., by sorting it alphanumerically or randomly, after potentially e.g., by sorting it alphanumerically or randomly, after potentially
adding decoy digests as described in Section 4.2.5. The precise adding decoy digests as described in Section 4.2.5. The precise
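Review bot: "including at the top-level" in the _sd paragraph uses the hyphenated adjective form as a noun; write "including at the top level". The same sentence keeps "recursive disclosures" in lowercase while this revision capitalizes "Disclosure" in the recursive example later in the document ("With this set of Disclosures"), so decide whether the lowercase here is intentional and make the two places agree.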
skipping to change at line 786 skipping to change at line 784
typically entered as three period characters, is commonly used in typically entered as three period characters, is commonly used in
places where content is omitted from the present context. places where content is omitted from the present context.
For example, using the digest of the array element Disclosure created For example, using the digest of the array element Disclosure created
in Section 4.2.2, the Issuer could create the following SD-JWT in Section 4.2.2, the Issuer could create the following SD-JWT
payload to make the second element of the nationalities array payload to make the second element of the nationalities array
selectively disclosable: selectively disclosable:
{ {
"nationalities": "nationalities":
["DE", {"...":"w0I8EKcdCtUPkGCNUrfwVp2xEgNjtoIDlOxc9-PlOhs"}, "US"] ["DE", {"...":"w0I8EKcdCtUPkGCNUrfwVp2xEgNjtoIDlOxc9-PlOhs"},
"US"]
} }
As described in Section 7.3, Verifiers ignore all selectively As described in Section 7.3, Verifiers ignore all selectively
disclosable array elements for which they did not receive a disclosable array elements for which they did not receive a
Disclosure. In the example above, the verification process would Disclosure. In the example above, the verification process would
output an array with only two elements, ["DE", "US"], unless the output an array with only two elements, ["DE", "US"], unless the
matching Disclosure for the second element is received, in which case matching Disclosure for the second element is received, in which case
the output would be a three-element array, ["DE", "FR", "US"]. the output would be a three-element array, ["DE", "FR", "US"].
4.2.5. Decoy Digests 4.2.5. Decoy Digests
skipping to change at line 832 skipping to change at line 831
selectively disclosable fields. For example, consider the following selectively disclosable fields. For example, consider the following
JSON structure: JSON structure:
{ {
"family_name": "Möbius", "family_name": "Möbius",
"nationalities": ["DE", "FR", "UK"] "nationalities": ["DE", "FR", "UK"]
} }
When the Holder has multiple nationalities, the Issuer may wish to When the Holder has multiple nationalities, the Issuer may wish to
conceal the presence of any statement regarding nationalities while conceal the presence of any statement regarding nationalities while
also allowing the holder to reveal each of those nationalities also allowing the Holder to reveal each of those nationalities
individually. This can be accomplished by first making the entries individually. This can be accomplished by first making the entries
within the "nationalities" array selectively disclosable, and then within the "nationalities" array selectively disclosable, and then
making the whole "nationalities" field selectively disclosable. making the whole "nationalities" field selectively disclosable.
The following shows each of the entries within the "nationalities" The following shows each of the entries within the "nationalities"
array being made selectively disclosable: array being made selectively disclosable:
{ {
"family_name": "Möbius", "family_name": "Möbius",
"nationalities": [ "nationalities": [
skipping to change at line 863 skipping to change at line 863
Followed by making the whole "nationalities" array selectively Followed by making the whole "nationalities" array selectively
disclosable: disclosable:
{ {
"family_name": "Möbius", "family_name": "Möbius",
"_sd": [ "5G1srw3RG5W4pVTwSsYxeOWosRBbzd18ZoWKkC-hBL4" ] "_sd": [ "5G1srw3RG5W4pVTwSsYxeOWosRBbzd18ZoWKkC-hBL4" ]
} }
Content of Disclosures: Content of Disclosures:
PmnlrRj... = ["16_mAd0GiwaZokU26_0i0h","DE"] PmnlrRj... = ["16_mAd0GiwaZokU26_0i0h","DE"]
r823HFN... = ["fn9fN0rD-fFs2n303ZI-0c","FR"] r823HFN... = ["fn9fN0rD-fFs2n303ZI-0c","FR"]
nP5GYjw... = ["YIKesqOkXXNzMQtsX_-_lw","UK"] nP5GYjw... = ["YIKesqOkXXNzMQtsX_-_lw","UK"]
5G1srw3... = ["4drfeTtSUK3aY_-PF12gcX","nationalities", 5G1srw3... = ["4drfeTtSUK3aY_-PF12gcX","nationalities",
[ [
{ "...": "PmnlrRjhLcwf8zTDdK15HVGwHtPYjddvD362WjBLwro" }, { "...": "PmnlrRjhLcwf8zTDdK15HVGwHtPYjddvD362WjBLwro" },
{ "...": "r823HFN6Ba_lpSANYtXqqCBAH-TsQlIzfOK0lRAFLCM" }, { "...": "r823HFN6Ba_lpSANYtXqqCBAH-TsQlIzfOK0lRAFLCM" },
{ "...": "nP5GYjwhFm6ESlAeC4NCaIliW4tz0hTrUeoJB3lb5TA" } { "...": "nP5GYjwhFm6ESlAeC4NCaIliW4tz0hTrUeoJB3lb5TA" }
] ]
] ]
With this set of disclosures, the holder could include the disclosure With this set of Disclosures, the Holder could include the Disclosure
with hash PmnlrRj... to disclose only the "DE" nationality, or with hash PmnlrRj... to disclose only the "DE" nationality, or
include both PmnlrRj... and r823HFN... to disclose both the "DE" and include both PmnlrRj... and r823HFN... to disclose both the "DE" and
"FR" nationalities, but hide the "UK" nationality. In either case, "FR" nationalities, but hide the "UK" nationality. In either case,
the holder would also need to include the disclosure with hash the Holder would also need to include the Disclosure with hash
5G1srw3... to disclose the nationalities field that contains the 5G1srw3... to disclose the nationalities field that contains the
respective elements. respective elements.
Note that making recursive redactions introduces dependencies between Note that making recursive redactions introduces dependencies between
the disclosure objects in an SD-JWT. The r823HFN... disclosure the Disclosure objects in an SD-JWT. The r823HFN... Disclosure
cannot be used without the 5G1srw3... disclosure; since a Verifier cannot be used without the 5G1srw3... Disclosure; since a Verifier
would not have a matching hash that would tell it where the content would not have a matching hash that would tell it where the content
of the r823HFN... disclosure should be inserted. If a disclosure of the r823HFN... Disclosure should be inserted. If a Disclosure
object is included in an SD-JWT, then the SD-JWT MUST include any object is included in an SD-JWT, then the SD-JWT MUST include any
other disclosure objects necessary to process the first disclosure other Disclosure objects necessary to process the first Disclosure
object. In other words, any disclosure object in an SD-JWT must object. In other words, any Disclosure object in an SD-JWT must
"connect" to the claims in the issuer-signed JWT, possibly via an "connect" to the claims in the issuer-signed JWT, possibly via an
intermediate disclosure object. In the above example, it would be intermediate Disclosure object. In the above example, it would be
illegal to include any one of the PmnlrRj..., r823HFN..., nP5GYjw.. illegal to include any one of the PmnlrRj..., r823HFN..., nP5GYjw...
disclosure objects without also including the 5G1srw3... disclosure Disclosure objects without also including the 5G1srw3... Disclosure
object. object.
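Review bot: "issuer-signed JWT" in the sentence about Disclosure objects that must "connect" to the claims is left in lowercase, although this hunk is otherwise a capitalization pass and the rest of the document writes "Issuer-signed JWT"; capitalize it here as well. In the same paragraph, "cannot be used without the 5G1srw3... Disclosure; since a Verifier would not have a matching hash" joins a dependent clause with a semicolon, and a comma is the correct punctuation.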
4.3. Key Binding JWT 4.3. Key Binding JWT
This section defines the Key Binding JWT, which encodes a signature This section defines the Key Binding JWT, which encodes a signature
over an SD-JWT by the Holder's private key. over an SD-JWT by the Holder's private key.
The Key Binding JWT MUST be a JWT according to [RFC7519], and it MUST The Key Binding JWT MUST be a JWT according to [RFC7519], and it MUST
contain the following elements: contain the following elements:
* in the JOSE header, * in the JOSE header,
- typ: REQUIRED. MUST be kb+jwt, which explicitly types the Key - typ: REQUIRED. MUST be kb+jwt, which explicitly types the Key
Binding JWT as recommended in Section 3.11 of [RFC8725]. Binding JWT as recommended in Section 3.11 of [RFC8725].
- alg: REQUIRED. A digital signature algorithm identifier such - alg: REQUIRED. A digital signature algorithm identifier such
as per the IANA "JSON Web Signature and Encryption Algorithms" as per the IANA "JSON Web Signature and Encryption Algorithms"
registry. It MUST NOT be none. registry. It MUST NOT be "none".
* in the JWT payload, * in the JWT payload,
- iat: REQUIRED. The value of this claim MUST be the time at - iat: REQUIRED. The value of this claim MUST be the time at
which the Key Binding JWT was issued using the syntax defined which the Key Binding JWT was issued using the syntax defined
in [RFC7519]. in [RFC7519].
- aud: REQUIRED. The value MUST be a single string that - aud: REQUIRED. The value MUST be a single string that
identifies the intended receiver of the Key Binding JWT. How identifies the intended receiver of the Key Binding JWT. How
the value is represented is up to the protocol used and is out the value is represented is up to the protocol used and is out
of scope for this specification. of scope for this specification.
- nonce: REQUIRED. Ensures the freshness of the signature or its - "nonce": REQUIRED. Ensures the freshness of the signature or
binding to the given transaction. The value type of this claim its binding to the given transaction. The value type of this
MUST be a string. How this value is obtained is up to the claim MUST be a string. How this value is obtained is up to
protocol used and is out of scope for this specification. the protocol used and is out of scope for this specification.
- sd_hash: REQUIRED. The base64url-encoded hash value over the - sd_hash: REQUIRED. The base64url-encoded hash value over the
Issuer-signed JWT and the selected Disclosures as defined Issuer-signed JWT and the selected Disclosures as defined
below. below.
The general extensibility model of JWT means that additional claims The general extensibility model of JWT means that additional claims
and header parameters can be added to the Key Binding JWT. However, and header parameters can be added to the Key Binding JWT. However,
unless there is a compelling reason, this SHOULD be avoided, as it unless there is a compelling reason, this SHOULD be avoided, as it
may harm interoperability and burden conceptual integrity. may harm interoperability and burden conceptual integrity.
4.3.1. Binding to an SD-JWT 4.3.1. Binding to an SD-JWT
The hash value in the sd_hash claim binds the KB-JWT to the specific The hash value in the sd_hash claim binds the KB-JWT to the specific
SD-JWT. The sd_hash value MUST be taken over the US-ASCII bytes of SD-JWT. The sd_hash value MUST be computed over the US-ASCII bytes
the encoded SD-JWT, i.e., the Issuer-signed JWT, a tilde character, of the encoded SD-JWT, i.e., the Issuer-signed JWT, a tilde
and zero or more Disclosures selected for presentation to the character, and zero or more Disclosures selected for presentation to
Verifier, each followed by a tilde character: the Verifier, each followed by a tilde character:
<Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~ <Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~
The bytes of the digest MUST then be base64url encoded. The bytes of the digest MUST then be base64url encoded.
The same hash algorithm as for the Disclosures MUST be used (defined The same hash algorithm as for the Disclosures MUST be used (defined
by the _sd_alg element in the Issuer-signed JWT or the default value, by the _sd_alg element in the Issuer-signed JWT or the default value,
as defined in Section 4.1.1). as defined in Section 4.1.1).
4.3.2. Validating the Key Binding JWT 4.3.2. Validating the Key Binding JWT
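Review bot: "nonce" is now quoted in the payload list while the sibling names typ, alg, iat, aud and sd_hash are not, so the list is inconsistent after this change; quote all of the claim names or none of them. Quoting the forbidden alg value ("It MUST NOT be "none"") makes clear that the string value is meant, but the typ value kb+jwt two lines above is still bare, and it deserves the same treatment. In Section 4.3.1 the hash-input template still spells out <Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~ while the format section now uses <D.1>~<D.2>~...~<D.N>~; use one notation in both places, since sd_hash is computed over exactly that string.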
skipping to change at line 1076 skipping to change at line 1077
- Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJ WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJ
d d
- Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "given_name", "John"] ["2GLC42sKQveCfGfryNRN9w", "given_name", "John"]
*Claim family_name*: * Claim family_name:
* SHA-256 Hash: - SHA-256 Hash:
TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJ
d
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "family_name", "Doe"] ["eluV5Og3gSNII8EYnsxA_A", "family_name", "Doe"]
*Claim email*: * Claim email:
* SHA-256 Hash: - SHA-256 Hash:
JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbX WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXh
BsZS5jb20iXQ hbXBsZS5jb20iXQ
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "email", "johndoe@example.com"] ["6Ij7tM-a5iVPGboS5tmvVA", "email", "johndoe@example.com"]
*Claim phone_number*: * Claim phone_number:
* SHA-256 Hash: - SHA-256 Hash:
PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMD WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0
ItNTU1LTAxMDEiXQ yMDItNTU1LTAxMDEiXQ
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "phone_number", "+1-202-555-0101"] ["eI8ZWm9QnKPpNPeNenHdhQ", "phone_number", "+1-202-555-0101"]
*Claim phone_number_verified*: * Claim phone_number_verified:
* SHA-256 Hash: - SHA-256 Hash:
XQ_3kPKt1XyX7KANkqVR6yZ2Va5NrPIvPYbyMvRKBMM XQ_3kPKt1XyX7KANkqVR6yZ2Va5NrPIvPYbyMvRKBMM
* Disclosure: - Disclosure:
WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgInBob25lX251bWJlcl92ZXJpZmllZC WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgInBob25lX251bWJlcl92ZXJpZml
IsIHRydWVd lZCIsIHRydWVd
* Contents: - Contents:
["Qg_O64zqAxe412a108iroA", "phone_number_verified", true] ["Qg_O64zqAxe412a108iroA", "phone_number_verified", true]
*Claim address*: * Claim address:
* SHA-256 Hash: - SHA-256 Hash:
XzFrzwscM6Gn6CJDc6vVK8BkMnfG8vOSKfpPIZdAfdE XzFrzwscM6Gn6CJDc6vVK8BkMnfG8vOSKfpPIZdAfdE
* Disclosure: - Disclosure:
WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZG WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9
RyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVn hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLC
aW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0 AicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0
* Contents: - Contents:
["AJx-095VPrpTtN4QMOqROA", "address", {"street_address": "123 Main ["AJx-095VPrpTtN4QMOqROA", "address", {"street_address": "123
St", "locality": "Anytown", "region": "Anystate", "country": Main St", "locality": "Anytown", "region": "Anystate",
"US"}] "country": "US"}]
*Claim birthdate*: * Claim birthdate:
* SHA-256 Hash: - SHA-256 Hash:
gbOsI4Edq2x2Kw-w5wPEzakob9hV1cRD0ATN3oQL9JM gbOsI4Edq2x2Kw-w5wPEzakob9hV1cRD0ATN3oQL9JM
* Disclosure: - Disclosure:
WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLT WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImJpcnRoZGF0ZSIsICIxOTQwLTA
AxIl0 xLTAxIl0
* Contents: - Contents:
["Pc33JM2LchcU_lHggv_ufQ", "birthdate", "1940-01-01"] ["Pc33JM2LchcU_lHggv_ufQ", "birthdate", "1940-01-01"]
*Claim updated_at*: * Claim updated_at:
* SHA-256 Hash: - SHA-256 Hash:
CrQe7S5kqBAHt-nMYXgc6bdt2SH5aTY1sU_M-PgkjPI CrQe7S5kqBAHt-nMYXgc6bdt2SH5aTY1sU_M-PgkjPI
* Disclosure: - Disclosure:
WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgInVwZGF0ZWRfYXQiLCAxNTcwMDAwMD WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgInVwZGF0ZWRfYXQiLCAxNTcwMDA
AwXQ wMDAwXQ
* Contents: - Contents:
["G02NSrQfjFXQ7Io09syajA", "updated_at", 1570000000] ["G02NSrQfjFXQ7Io09syajA", "updated_at", 1570000000]
*Array Entry*: * Array Entry:
* SHA-256 Hash: - SHA-256 Hash:
pFndjkZ_VCzmyTa6UjlZo3dh-ko8aIKQc9DlGzhaVYo pFndjkZ_VCzmyTa6UjlZo3dh-ko8aIKQc9DlGzhaVYo
* Disclosure: - Disclosure:
WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgIlVTIl0 WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgIlVTIl0
* Contents: - Contents:
["lklxF5jMYlGTPUovMNIvCA", "US"] ["lklxF5jMYlGTPUovMNIvCA", "US"]
*Array Entry*: * Array Entry:
* SHA-256 Hash: - SHA-256 Hash:
7Cf6JkPudry3lcbwHgeZ8khAv1U1OSlerP0VkBJrWZ0 7Cf6JkPudry3lcbwHgeZ8khAv1U1OSlerP0VkBJrWZ0
* Disclosure: - Disclosure:
WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgIkRFIl0 WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgIkRFIl0
* Contents: - Contents:
["nPuoQnkRFq3BIeAm7AnXFA", "DE"] ["nPuoQnkRFq3BIeAm7AnXFA", "DE"]
The payload is then signed by the Issuer to create the following The payload is then signed by the Issuer to create the following
Issuer-signed JWT: Issuer-signed JWT:
eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImV4YW1wbGUrc2Qtand0In0.eyJfc2QiOiBb eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImV4YW1wbGUrc2Qtand0In0.eyJfc2QiOiBb
IkNyUWU3UzVrcUJBSHQtbk1ZWGdjNmJkdDJTSDVhVFkxc1VfTS1QZ2tqUEkiLCAiSnpZ IkNyUWU3UzVrcUJBSHQtbk1ZWGdjNmJkdDJTSDVhVFkxc1VfTS1QZ2tqUEkiLCAiSnpZ
akg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSIsICJQb3JGYnBL akg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSIsICJQb3JGYnBL
dVZ1Nnh5bUphZ3ZrRnNGWEFiUm9jMkpHbEFVQTJCQTRvN2NJIiwgIlRHZjRvTGJnd2Q1 dVZ1Nnh5bUphZ3ZrRnNGWEFiUm9jMkpHbEFVQTJCQTRvN2NJIiwgIlRHZjRvTGJnd2Q1
SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCAiWFFfM2tQS3QxWHlYN0tB SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCAiWFFfM2tQS3QxWHlYN0tB
TmtxVlI2eVoyVmE1TnJQSXZQWWJ5TXZSS0JNTSIsICJYekZyendzY002R242Q0pEYzZ2 TmtxVlI2eVoyVmE1TnJQSXZQWWJ5TXZSS0JNTSIsICJYekZyendzY002R242Q0pEYzZ2
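Review bot: The Disclosure strings in this list are re-wrapped at a narrower column, which leaves fragments such as a lone "d" on its own line under Claim family_name. Because the digest is computed over the exact base64url-encoded string, a reader who copies a wrapped value with its line break or indentation will not reproduce the SHA-256 hash printed above it. If it is not already stated near these examples, add a sentence saying that line breaks in the Disclosure values are for display only and must be removed before hashing.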
skipping to change at line 1385 skipping to change at line 1387
"street_address": "Schulstr. 12", "street_address": "Schulstr. 12",
"locality": "Schulpforta", "locality": "Schulpforta",
"region": "Sachsen-Anhalt", "region": "Sachsen-Anhalt",
"country": "DE" "country": "DE"
} }
} }
| Note: The following examples of the structures are non- | Note: The following examples of the structures are non-
| normative and are not intended to represent all possible | normative and are not intended to represent all possible
| options. They are also not meant to define or restrict how | options. They are also not meant to define or restrict how
| address can be represented in an SD-JWT. | address claim can be represented in an SD-JWT.
6.1. Example: Flat SD-JWT 6.1. Example: Flat SD-JWT
The Issuer can decide to treat the address claim as a block that can The Issuer can decide to treat the address claim as a block that can
either be disclosed completely or not at all. The following example either be disclosed completely or not at all. The following example
shows that in this case, the entire address claim is treated as an shows that in this case, the entire address claim is treated as an
object in the Disclosure. object in the Disclosure.
{ {
"_sd": [ "_sd": [
skipping to change at line 1408 skipping to change at line 1410
"iss": "https://issuer.example.com", "iss": "https://issuer.example.com",
"iat": 1683000000, "iat": 1683000000,
"exp": 1883000000, "exp": 1883000000,
"sub": "6c5c0a49-b589-431d-bae7-219122a9ec2c", "sub": "6c5c0a49-b589-431d-bae7-219122a9ec2c",
"_sd_alg": "sha-256" "_sd_alg": "sha-256"
} }
The Issuer would create the following Disclosure referenced by the The Issuer would create the following Disclosure referenced by the
one hash in the SD-JWT: one hash in the SD-JWT:
*Claim address*: * Claim address:
* SHA-256 Hash: - SHA-256 Hash:
fOBUSQvo46yQO-wRwXBcGqvnbKIueISEL961_Sjd4do fOBUSQvo46yQO-wRwXBcGqvnbKIueISEL961_Sjd4do
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImFkZHJlc3MiLCB7InN0cmVldF9hZG WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImFkZHJlc3MiLCB7InN0cmVldF9
RyZXNzIjogIlNjaHVsc3RyLiAxMiIsICJsb2NhbGl0eSI6ICJTY2h1bHBmb3J0YSIs hZGRyZXNzIjogIlNjaHVsc3RyLiAxMiIsICJsb2NhbGl0eSI6ICJTY2h1bHBmb3
ICJyZWdpb24iOiAiU2FjaHNlbi1BbmhhbHQiLCAiY291bnRyeSI6ICJERSJ9XQ J0YSIsICJyZWdpb24iOiAiU2FjaHNlbi1BbmhhbHQiLCAiY291bnRyeSI6ICJER
SJ9XQ
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "address", {"street_address": ["2GLC42sKQveCfGfryNRN9w", "address", {"street_address":
"Schulstr. 12", "locality": "Schulpforta", "region": "Sachsen- "Schulstr. 12", "locality": "Schulpforta", "region": "Sachsen-
Anhalt", "country": "DE"}] Anhalt", "country": "DE"}]
6.2. Example: Structured SD-JWT 6.2. Example: Structured SD-JWT
The Issuer may instead decide to make the address claim contents The Issuer may instead decide to make the address claim contents
selectively disclosable individually: selectively disclosable individually:
{ {
"iss": "https://issuer.example.com", "iss": "https://issuer.example.com",
"iat": 1683000000, "iat": 1683000000,
"exp": 1883000000, "exp": 1883000000,
skipping to change at line 1450 skipping to change at line 1453
"KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88", "KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88",
"WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM" "WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM"
] ]
}, },
"_sd_alg": "sha-256" "_sd_alg": "sha-256"
} }
In this case, the Issuer would use the following data in the In this case, the Issuer would use the following data in the
Disclosures for the address sub-claims: Disclosures for the address sub-claims:
*Claim street_address*: * Claim street_address:
* SHA-256 Hash: - SHA-256 Hash:
9gjVuXtdFROCgRrtNcGUXmF65rdezi_6Er_j76kmYyM 9gjVuXtdFROCgRrtNcGUXmF65rdezi_6Er_j76kmYyM
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInN0cmVldF9hZGRyZXNzIiwgIlNjaH WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInN0cmVldF9hZGRyZXNzIiwgIlN
Vsc3RyLiAxMiJd jaHVsc3RyLiAxMiJd
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "street_address", "Schulstr. 12"] ["2GLC42sKQveCfGfryNRN9w", "street_address", "Schulstr. 12"]
*Claim locality*: * Claim locality:
* SHA-256 Hash: - SHA-256 Hash:
6vh9bq-zS4GKM_7GpggVbYzzu6oOGXrmNVGPHP75Ud0 6vh9bq-zS4GKM_7GpggVbYzzu6oOGXrmNVGPHP75Ud0
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImxvY2FsaXR5IiwgIlNjaHVscGZvcn WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImxvY2FsaXR5IiwgIlNjaHVscGZ
RhIl0 vcnRhIl0
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "locality", "Schulpforta"] ["eluV5Og3gSNII8EYnsxA_A", "locality", "Schulpforta"]
*Claim region*: * Claim region:
* SHA-256 Hash: - SHA-256 Hash:
KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88 KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgInJlZ2lvbiIsICJTYWNoc2VuLUFuaG WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgInJlZ2lvbiIsICJTYWNoc2VuLUF
FsdCJd uaGFsdCJd
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "region", "Sachsen-Anhalt"] ["6Ij7tM-a5iVPGboS5tmvVA", "region", "Sachsen-Anhalt"]
*Claim country*: * Claim country:
* SHA-256 Hash: - SHA-256 Hash:
WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgImNvdW50cnkiLCAiREUiXQ WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgImNvdW50cnkiLCAiREUiXQ
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "country", "DE"] ["eI8ZWm9QnKPpNPeNenHdhQ", "country", "DE"]
The Issuer may also make one sub-claim of address permanently The Issuer may also make one sub-claim of address permanently
disclosed and hide only the other sub-claims: disclosed and hide only the other sub-claims:
{ {
"iss": "https://issuer.example.com", "iss": "https://issuer.example.com",
"iat": 1683000000, "iat": 1683000000,
"exp": 1883000000, "exp": 1883000000,
"sub": "6c5c0a49-b589-431d-bae7-219122a9ec2c", "sub": "6c5c0a49-b589-431d-bae7-219122a9ec2c",
"address": { "address": {
skipping to change at line 1551 skipping to change at line 1554
"iss": "https://issuer.example.com", "iss": "https://issuer.example.com",
"iat": 1683000000, "iat": 1683000000,
"exp": 1883000000, "exp": 1883000000,
"sub": "6c5c0a49-b589-431d-bae7-219122a9ec2c", "sub": "6c5c0a49-b589-431d-bae7-219122a9ec2c",
"_sd_alg": "sha-256" "_sd_alg": "sha-256"
} }
The Issuer first creates Disclosures for the sub-claims and then The Issuer first creates Disclosures for the sub-claims and then
includes their digests in the Disclosure for the address claim: includes their digests in the Disclosure for the address claim:
*Claim street_address*: * Claim street_address:
* SHA-256 Hash: - SHA-256 Hash:
9gjVuXtdFROCgRrtNcGUXmF65rdezi_6Er_j76kmYyM 9gjVuXtdFROCgRrtNcGUXmF65rdezi_6Er_j76kmYyM
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInN0cmVldF9hZGRyZXNzIiwgIlNjaH WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInN0cmVldF9hZGRyZXNzIiwgIlN
Vsc3RyLiAxMiJd jaHVsc3RyLiAxMiJd
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "street_address", "Schulstr. 12"] ["2GLC42sKQveCfGfryNRN9w", "street_address", "Schulstr. 12"]
*Claim locality*: * Claim locality:
* SHA-256 Hash: - SHA-256 Hash:
6vh9bq-zS4GKM_7GpggVbYzzu6oOGXrmNVGPHP75Ud0 6vh9bq-zS4GKM_7GpggVbYzzu6oOGXrmNVGPHP75Ud0
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImxvY2FsaXR5IiwgIlNjaHVscGZvcn WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImxvY2FsaXR5IiwgIlNjaHVscGZ
RhIl0 vcnRhIl0
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "locality", "Schulpforta"] ["eluV5Og3gSNII8EYnsxA_A", "locality", "Schulpforta"]
*Claim region*: * Claim region:
* SHA-256 Hash: - SHA-256 Hash:
KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88 KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgInJlZ2lvbiIsICJTYWNoc2VuLUFuaG WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgInJlZ2lvbiIsICJTYWNoc2VuLUF
FsdCJd uaGFsdCJd
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "region", "Sachsen-Anhalt"] ["6Ij7tM-a5iVPGboS5tmvVA", "region", "Sachsen-Anhalt"]
*Claim country*: * Claim country:
* SHA-256 Hash: - SHA-256 Hash:
WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgImNvdW50cnkiLCAiREUiXQ WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgImNvdW50cnkiLCAiREUiXQ
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "country", "DE"] ["eI8ZWm9QnKPpNPeNenHdhQ", "country", "DE"]
*Claim address*: * Claim address:
* SHA-256 Hash: - SHA-256 Hash:
HvrKX6fPV0v9K_yCVFBiLFHsMaxcD_114Em6VT8x1lg HvrKX6fPV0v9K_yCVFBiLFHsMaxcD_114Em6VT8x1lg
* Disclosure: - Disclosure:
WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7Il9zZCI6IFsiNn WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7Il9zZCI6IFs
ZoOWJxLXpTNEdLTV83R3BnZ1ZiWXp6dTZvT0dYcm1OVkdQSFA3NVVkMCIsICI5Z2pW iNnZoOWJxLXpTNEdLTV83R3BnZ1ZiWXp6dTZvT0dYcm1OVkdQSFA3NVVkMCIsIC
dVh0ZEZST0NnUnJ0TmNHVVhtRjY1cmRlemlfNkVyX2o3NmttWXlNIiwgIktVUkRQaD I5Z2pWdVh0ZEZST0NnUnJ0TmNHVVhtRjY1cmRlemlfNkVyX2o3NmttWXlNIiwgI
RaQzE5LTN0aXotRGYzOVY4ZWlkeTFvVjNhM0gxRGEyTjBnODgiLCAiV045cjlkQ0JK ktVUkRQaDRaQzE5LTN0aXotRGYzOVY4ZWlkeTFvVjNhM0gxRGEyTjBnODgiLCAi
OEhUQ3NTMmpLQVN4VGpFeVc1bTV4NjVfWl8ycm8yamZYTSJdfV0 V045cjlkQ0JKOEhUQ3NTMmpLQVN4VGpFeVc1bTV4NjVfWl8ycm8yamZYTSJdfV0
* Contents: - Contents:
["Qg_O64zqAxe412a108iroA", "address", {"_sd": ["6vh9bq- ["Qg_O64zqAxe412a108iroA", "address", {"_sd": ["6vh9bq-
zS4GKM_7GpggVbYzzu6oOGXrmNVGPHP75Ud0", zS4GKM_7GpggVbYzzu6oOGXrmNVGPHP75Ud0",
"9gjVuXtdFROCgRrtNcGUXmF65rdezi_6Er_j76kmYyM", "KURDPh4ZC19-3tiz- "9gjVuXtdFROCgRrtNcGUXmF65rdezi_6Er_j76kmYyM", "KURDPh4ZC19-
Df39V8eidy1oV3a3H1Da2N0g88", 3tiz-Df39V8eidy1oV3a3H1Da2N0g88",
"WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM"]}] "WN9r9dCBJ8HTCsS2jKASxTjEyW5m5x65_Z_2ro2jfXM"]}]
7. Verification and Processing 7. Verification and Processing
7.1. Verification of the SD-JWT 7.1. Verification of the SD-JWT
Upon receiving an SD-JWT, either directly or as a component of an SD- Upon receiving an SD-JWT, either directly or as a component of an SD-
JWT+KB, a Holder or Verifier needs to ensure that: JWT+KB, a Holder or Verifier needs to ensure that:
* the Issuer-signed JWT is valid, and * the Issuer-signed JWT is valid, and
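Review bot: In the Contents for Claim address, the re-wrapped right-hand text still breaks a digest in the middle, now as "KURDPh4ZC19-" followed by "3tiz-Df39V8eidy1oV3a3H1Da2N0g88", and a break after a hyphen reads like ordinary hyphenation. The matching digest in the payload is KURDPh4ZC19-3tiz-Df39V8eidy1oV3a3H1Da2N0g88 with no space, so break only between array elements, or state next to these examples that line breaks inside Contents are for display only.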
skipping to change at line 1655 skipping to change at line 1658
The Holder or the Verifier MUST perform the following checks when The Holder or the Verifier MUST perform the following checks when
receiving an SD-JWT to validate the SD-JWT and extract the payload: receiving an SD-JWT to validate the SD-JWT and extract the payload:
1. Separate the SD-JWT into the Issuer-signed JWT and the 1. Separate the SD-JWT into the Issuer-signed JWT and the
Disclosures (if any). Disclosures (if any).
2. Validate the Issuer-signed JWT: 2. Validate the Issuer-signed JWT:
a. Ensure that the used signing algorithm was deemed secure for a. Ensure that the used signing algorithm was deemed secure for
the application. Refer to [RFC8725], Sections 3.1 and 3.2 the application. Refer to [RFC8725], Sections 3.1 and 3.2
for details. The none algorithm MUST NOT be accepted. for details. The "none" algorithm MUST NOT be accepted.
b. Validate the signature over the Issuer-signed JWT per b. Validate the signature over the Issuer-signed JWT per
Section 5.2 of [RFC7515]. Section 5.2 of [RFC7515].
c. Validate the Issuer and that the signing key belongs to this c. Validate the Issuer and that the signing key belongs to this
Issuer. Issuer.
d. Check that the _sd_alg claim value is understood and the hash d. Check that the _sd_alg claim value is understood and the hash
algorithm is deemed secure according to the Holder or algorithm is deemed secure according to the Holder or
Verifier's policy (see Section 4.1.1). Verifier's policy (see Section 4.1.1).
skipping to change at line 1841 skipping to change at line 1844
4. Process the SD-JWT as defined in Section 7.1 to validate the 4. Process the SD-JWT as defined in Section 7.1 to validate the
presentation and extract the payload. presentation and extract the payload.
5. If Key Binding is required: 5. If Key Binding is required:
a. Determine the public key for the Holder from the SD-JWT (see a. Determine the public key for the Holder from the SD-JWT (see
Section 4.1.2). Section 4.1.2).
b. Ensure that a signing algorithm was used that was deemed b. Ensure that a signing algorithm was used that was deemed
secure for the application. Refer to [RFC8725], Sections 3.1 secure for the application. Refer to [RFC8725], Sections 3.1
and 3.2 for details. The none algorithm MUST NOT be and 3.2 for details. The "none" algorithm MUST NOT be
accepted. accepted.
c. Validate the signature over the Key Binding JWT per c. Validate the signature over the Key Binding JWT per
Section 5.2 of [RFC7515]. Section 5.2 of [RFC7515].
d. Check that the typ of the Key Binding JWT is kb+jwt (see d. Check that the typ of the Key Binding JWT is kb+jwt (see
Section 4.3). Section 4.3).
e. Check that the creation time of the Key Binding JWT, as e. Check that the creation time of the Key Binding JWT, as
determined by the iat claim, is within an acceptable window. determined by the iat claim, is within an acceptable window.
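Review bot: Step 5.b reads "Ensure that a signing algorithm was used that was deemed secure for the application", while the parallel step 2.a in Section 7.1 reads "Ensure that the used signing algorithm was deemed secure for the application". Both steps state the same check, once for the Key Binding JWT and once for the Issuer-signed JWT, so use one wording for both; this revision already touches both steps to quote "none".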
skipping to change at line 1891 skipping to change at line 1894
[RFC7515]. The following new unprotected header parameters are [RFC7515]. The following new unprotected header parameters are
defined: defined:
disclosures: An array of strings where each element is an individual disclosures: An array of strings where each element is an individual
Disclosure as described in Section 4.2. Disclosure as described in Section 4.2.
kb_jwt: Present only in an SD-JWT+KB, the Key Binding JWT as kb_jwt: Present only in an SD-JWT+KB, the Key Binding JWT as
described in Section 4.3. described in Section 4.3.
In an SD-JWT+KB, kb_jwt MUST be present when using the JWS JSON In an SD-JWT+KB, kb_jwt MUST be present when using the JWS JSON
Serialization, and the digest in the sd_hash claim MUST be taken over Serialization, and the digest in the sd_hash claim MUST be computed
the SD-JWT as described in Section 4.3.1. This means that even when over the SD-JWT as described in Section 4.3.1. This means that even
using the JWS JSON Serialization, the representation as a regular SD- when using the JWS JSON Serialization, the representation as a
JWT Compact Serialization MUST be created temporarily to calculate regular SD-JWT Compact Serialization MUST be created temporarily to
the digest. In detail, the SD-JWT Compact Serialization part is calculate the digest. In detail, the SD-JWT Compact Serialization
built by concatenating the protected header, the payload, and the part is built by concatenating the protected header, the payload, and
signature of the JWS JSON serialized SD-JWT using a . character as a the signature of the JWS JSON serialized SD-JWT using a . character
separator, and using the Disclosures from the disclosures member of as a separator, and using the Disclosures from the disclosures member
the unprotected header. of the unprotected header.
Unprotected headers other than disclosures are not covered by the Unprotected headers other than disclosures are not covered by the
digest, and therefore, as usual, are not protected against tampering. digest, and therefore, as usual, are not protected against tampering.
8.2. Flattened JSON Serialization 8.2. Flattened JSON Serialization
In the case of Flattened JSON Serialization, there is only one In the case of Flattened JSON Serialization, there is only one
unprotected header. unprotected header.
The following is a non-normative example of a JWS JSON serialized SD- The following is a non-normative example of a JWS JSON serialized SD-
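Review bot: In "using a . character as a separator" the bare period is easy to read as the end of a sentence. This revision quotes "none" in the verification steps; quote the separator the same way, for example: using a "." character as a separator.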
skipping to change at line 2047 skipping to change at line 2050
of the unprotected header. of the unprotected header.
* To verify the digest in sd_hash in the Key Binding JWT of an SD- * To verify the digest in sd_hash in the Key Binding JWT of an SD-
JWT+KB, the Verifier MUST assemble the string to be hashed as JWT+KB, the Verifier MUST assemble the string to be hashed as
described in Section 8.1. described in Section 8.1.
9. Security Considerations 9. Security Considerations
The security considerations help achieve the following properties: The security considerations help achieve the following properties:
*Selective Disclosure:* Selective Disclosure:
An adversary in the role of the Verifier cannot obtain information An adversary in the role of the Verifier cannot obtain information
from an SD-JWT about any claim name or claim value that was not from an SD-JWT about any claim name or claim value that was not
explicitly disclosed by the Holder unless that information can be explicitly disclosed by the Holder unless that information can be
derived from other disclosed claims or sources other than the derived from other disclosed claims or sources other than the
presented SD-JWT. presented SD-JWT.
*Integrity:* Integrity:
A malicious Holder cannot modify names or values of selectively A malicious Holder cannot modify names or values of selectively
disclosable claims without detection by the Verifier. disclosable claims without detection by the Verifier.
Additionally, as described in Section 9.5, the application of Key Additionally, as described in Section 9.5, the application of Key
Binding can ensure that the presenter of an SD-JWT credential is Binding can ensure that the presenter of an SD-JWT credential is the
the Holder of the credential. Holder of the credential.
9.1. Mandatory Signing of the Issuer-Signed JWT 9.1. Mandatory Signing of the Issuer-Signed JWT
The JWT MUST be signed by the Issuer to protect the integrity of the The JWT MUST be signed by the Issuer to protect the integrity of the
issued claims. An attacker can modify or add claims if this JWT is issued claims. An attacker can modify or add claims if this JWT is
not signed (e.g., change the "email" attribute to take over the not signed (e.g., change the "email" attribute to take over the
victim's account or add an attribute indicating a fake academic victim's account or add an attribute indicating a fake academic
qualification). qualification).
The Verifier MUST always check the signature of the Issuer-signed JWT The Verifier MUST always check the signature of the Issuer-signed JWT
skipping to change at line 2132 skipping to change at line 2135
in the structure of the SD-JWT. This can be seen in the example in in the structure of the SD-JWT. This can be seen in the example in
Appendix A.2, where multiple claims with the name type appear, but Appendix A.2, where multiple claims with the name type appear, but
each of them has a different salt. each of them has a different salt.
9.4. Choice of a Hash Algorithm 9.4. Choice of a Hash Algorithm
To ensure privacy of claims that are selectively disclosable but are To ensure privacy of claims that are selectively disclosable but are
not being disclosed in a given presentation, the hash function MUST not being disclosed in a given presentation, the hash function MUST
ensure that it is infeasible to calculate any portion of the three ensure that it is infeasible to calculate any portion of the three
elements (salt, claim name, claim value) from a particular digest. elements (salt, claim name, claim value) from a particular digest.
This implies the hash function MUST be preimage resistant, but should This implies the hash function MUST be preimage resistant and should
also not allow an observer to infer any partial information about the also not allow an observer to infer any partial information about the
undisclosed content. In the terminology of cryptographic commitment undisclosed content. In the terminology of cryptographic commitment
schemes, the hash function needs to be computationally hiding. schemes, the hash function needs to be computationally hiding.
To ensure the integrity of selectively disclosable claims, the hash To ensure the integrity of selectively disclosable claims, the hash
function MUST be second-preimage resistant. That is, for any function MUST be second-preimage resistant. That is, for any
combination of salt, claim name, and claim value, it is infeasible to combination of salt, claim name, and claim value, it is infeasible to
find a different combination of salt, claim name, and claim value find a different combination of salt, claim name, and claim value
that results in the same digest. that results in the same digest.
The hash function SHOULD also be collision resistant. Although not The hash function SHOULD also be collision resistant. Although not
essential to the anticipated uses of SD-JWT, without collision essential to the anticipated uses of SD-JWT, without collision
resistance an Issuer may be able to find multiple disclosures that resistance an Issuer may be able to find multiple Disclosures that
have the same hash value. In which case, the signature over the SD- have the same hash value. In which case, the signature over the SD-
JWT would not then commit the Issuer to the contents of the JWT. The JWT would not then commit the Issuer to the contents of the JWT. The
collision resistance of the hash function used to generate digests collision resistance of the hash function used to generate digests
SHOULD match the collision resistance of the hash function used by SHOULD match the collision resistance of the hash function used by
the signature scheme. For example, use of the ES512 signature the signature scheme. For example, use of the ES512 signature
algorithm would require a disclosure hash function with at least algorithm would require a disclosure hash function with at least
256-bit collision resistance, such as SHA-512. 256-bit collision resistance, such as SHA-512.
Inclusion in the "Named Information Hash Algorithm Registry" Inclusion in the "Named Information Hash Algorithm Registry"
[Hash.Algs] alone does not indicate a hash algorithm's suitability [Hash.Algs] alone does not indicate a hash algorithm's suitability
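Review bot: The new wording "MUST be preimage resistant and should also not allow an observer to infer any partial information" puts a lowercase "should" beside a MUST in one sentence, so it is unclear whether the second half is a requirement. The next sentence says the hash function "needs to be computationally hiding", which suggests it is; if it is meant normatively, use the capitalized keyword, and if not, reword to avoid "should" or split the sentence. Separately, "In which case, the signature over the SD-JWT would not then commit the Issuer to the contents of the JWT." is a fragment and could be joined to the preceding sentence.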
skipping to change at line 2436 skipping to change at line 2439
manner that preserves privacy and does not disclose details about the manner that preserves privacy and does not disclose details about the
credential to the Issuer (the mechanism described in [TSL] is an credential to the Issuer (the mechanism described in [TSL] is an
example of an approach that discloses minimal information towards the example of an approach that discloses minimal information towards the
Issuer). It is important to note that the timing of such requests Issuer). It is important to note that the timing of such requests
could potentially serve as a side channel. could potentially serve as a side channel.
Verifier/Verifier unlinkability and presentation unlinkability can be Verifier/Verifier unlinkability and presentation unlinkability can be
achieved using batch issuance: A batch of credentials based on the achieved using batch issuance: A batch of credentials based on the
same claims is issued to the Holder instead of just a single same claims is issued to the Holder instead of just a single
credential. The Holder can then use a different credential for each credential. The Holder can then use a different credential for each
Verifier or even for each session with a Verifier. New key binding Verifier or even for each session with a Verifier. New Key Binding
keys and salts MUST be used for each credential in the batch to keys and salts MUST be used for each credential in the batch to
ensure that the Verifiers cannot link the credentials using these ensure that the Verifiers cannot link the credentials using these
values. Likewise, claims carrying time information, like iat, exp, values. Likewise, claims carrying time information, like iat, exp,
and nbf, MUST either be randomized within a time period considered and nbf, MUST either be randomized within a time period considered
appropriate (e.g., randomize iat within the last 24 hours and appropriate (e.g., randomize iat within the last 24 hours and
calculate exp accordingly) or rounded (e.g., rounded down to the calculate exp accordingly) or rounded (e.g., rounded down to the
beginning of the day). beginning of the day).
SD-JWT only conceals the value of claims that are not revealed. It SD-JWT only conceals the value of claims that are not revealed. It
does not meet the security properties for anonymous credentials does not meet the security properties for anonymous credentials
skipping to change at line 2556 skipping to change at line 2559
For example, if a cancer research institute only issued SD-JWTs with For example, if a cancer research institute only issued SD-JWTs with
cancer registry information, it is possible to deduce that the Holder cancer registry information, it is possible to deduce that the Holder
owning its SD-JWT is a cancer patient. owning its SD-JWT is a cancer patient.
Moreover, the Issuer identifier alone may reveal information about Moreover, the Issuer identifier alone may reveal information about
the user. the user.
For example, when a military organization or a drug rehabilitation For example, when a military organization or a drug rehabilitation
center issues a vaccine credential, Verifiers can deduce that the center issues a vaccine credential, Verifiers can deduce that the
holder is a military member or may have a substance use disorder. Holder is a military member or may have a substance use disorder.
To mitigate this issue, a group of issuers may elect to use a common To mitigate this issue, a group of issuers may elect to use a common
Issuer identifier. A group signature scheme outside the scope of Issuer identifier. A group signature scheme outside the scope of
this specification may also be used, instead of an individual this specification may also be used, instead of an individual
signature. signature.
11. IANA Considerations 11. IANA Considerations
11.1. JSON Web Token Claims Registration 11.1. JSON Web Token Claims Registration
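Review bot: "Holder" is now capitalized in the drug rehabilitation example, but the next paragraph still says "a group of issuers may elect to use a common Issuer identifier", with the role in lowercase and in capitals within the same sentence. If the capitalized form marks the defined role, capitalize "Issuers" here as well.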
skipping to change at line 2814 skipping to change at line 2817
DOI 10.17487/RFC8725, February 2020, DOI 10.17487/RFC8725, February 2020,
<https://www.rfc-editor.org/info/rfc8725>. <https://www.rfc-editor.org/info/rfc8725>.
12.2. Informative References 12.2. Informative References
[CL01] Camenisch, J. and A. Lysyanskaya, "An Efficient System for [CL01] Camenisch, J. and A. Lysyanskaya, "An Efficient System for
Non-Transferable Anonymous Credentials with Optional Non-Transferable Anonymous Credentials with Optional
Anonymity Revocation", Cryptology ePrint Archive, Paper Anonymity Revocation", Cryptology ePrint Archive, Paper
2001/019, 2001, <https://eprint.iacr.org/2001/019.pdf>. 2001/019, 2001, <https://eprint.iacr.org/2001/019.pdf>.
[EUDIW.ARF]
European Commission, "The European Digital Identity Wallet
Architecture and Reference Framework", <https://eu-
digital-identity-wallet.github.io/eudi-doc-architecture-
and-reference-framework>.
[Hash.Algs] [Hash.Algs]
IANA, "Named Information Hash Algorithm Registry", IANA, "Named Information Hash Algorithm Registry",
<https://www.iana.org/assignments/named-information>. <https://www.iana.org/assignments/named-information>.
[ISO.18013-5] [ISO.18013-5]
ISO/IEC, "Personal identification - ISO-compliant driving ISO/IEC, "Personal identification - ISO-compliant driving
license — Part 5: Mobile driving license (mDL) license — Part 5: Mobile driving license (mDL)
application", ISO/IEC 18013-5:2021, September 2021, application", ISO/IEC 18013-5:2021, September 2021,
<https://www.iso.org/standard/69084.html>. <https://www.iso.org/standard/69084.html>.
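Review bot: The [EUDIW.ARF] entry is dropped from the Informative References on the right-hand side, and this hunk shows only the reference list. Confirm that no [EUDIW.ARF] citation remains in the body text, otherwise the citation dangles.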
skipping to change at line 2978 skipping to change at line 2975
"rvJd6iq6T5ejmsBMoGwuNXh9qAAFATAci40oidEeVsA", "rvJd6iq6T5ejmsBMoGwuNXh9qAAFATAci40oidEeVsA",
"uNHoWYhXsZhVJCNE2Dqy-zqt7t69gJKy5QaFv7GrMX4" "uNHoWYhXsZhVJCNE2Dqy-zqt7t69gJKy5QaFv7GrMX4"
] ]
}, },
"_sd_alg": "sha-256" "_sd_alg": "sha-256"
} }
The digests in the SD-JWT payload reference the following The digests in the SD-JWT payload reference the following
Disclosures: Disclosures:
*Claim sub*: * Claim sub:
* SHA-256 Hash: - SHA-256 Hash:
X6ZAYOII2vPN40V7xExZwVwz7yRmLNcVwt5DL8RLv4g X6ZAYOII2vPN40V7xExZwVwz7yRmLNcVwt5DL8RLv4g
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInN1YiIsICI2YzVjMGE0OS1iNTg5LT WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInN1YiIsICI2YzVjMGE0OS1iNTg
QzMWQtYmFlNy0yMTkxMjJhOWVjMmMiXQ 5LTQzMWQtYmFlNy0yMTkxMjJhOWVjMmMiXQ
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "sub", "6c5c0a49-b589-431d- ["2GLC42sKQveCfGfryNRN9w", "sub", "6c5c0a49-b589-431d-
bae7-219122a9ec2c"] bae7-219122a9ec2c"]
*Claim given_name*: * Claim given_name:
* SHA-256 Hash: - SHA-256 Hash:
ommFAicVT8LGHCB0uywx7fYuo3MHYKO15cz-RZEYM5Q ommFAicVT8LGHCB0uywx7fYuo3MHYKO15cz-RZEYM5Q
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImdpdmVuX25hbWUiLCAiXHU1OTJhXH WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImdpdmVuX25hbWUiLCAiXHU1OTJ
U5MGNlIl0 hXHU5MGNlIl0
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "given_name", "\u592a\u90ce"] ["eluV5Og3gSNII8EYnsxA_A", "given_name", "\u592a\u90ce"]
*Claim family_name*: * Claim family_name:
* SHA-256 Hash: - SHA-256 Hash:
C9inp6YoRaEXR427zYJP7Qrk1WH_8bdwOA_YUrUnGQU C9inp6YoRaEXR427zYJP7Qrk1WH_8bdwOA_YUrUnGQU
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImZhbWlseV9uYW1lIiwgIlx1NWM3MV WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImZhbWlseV9uYW1lIiwgIlx1NWM
x1NzUzMCJd 3MVx1NzUzMCJd
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "family_name", "\u5c71\u7530"] ["6Ij7tM-a5iVPGboS5tmvVA", "family_name", "\u5c71\u7530"]
*Claim email*: * Claim email:
* SHA-256 Hash: - SHA-256 Hash:
Kuet1yAa0HIQvYnOVd59hcViO9Ug6J2kSfqYRBeowvE Kuet1yAa0HIQvYnOVd59hcViO9Ug6J2kSfqYRBeowvE
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgImVtYWlsIiwgIlwidW51c3VhbCBlbW WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgImVtYWlsIiwgIlwidW51c3VhbCB
FpbCBhZGRyZXNzXCJAZXhhbXBsZS5qcCJd lbWFpbCBhZGRyZXNzXCJAZXhhbXBsZS5qcCJd
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "email", "\"unusual email ["eI8ZWm9QnKPpNPeNenHdhQ", "email", "\"unusual email
address\"@example.jp"] address\"@example.jp"]
*Claim phone_number*: * Claim phone_number:
* SHA-256 Hash: - SHA-256 Hash:
s0BKYsLWxQQeU8tVlltM7MKsIRTrEIa1PkJmqxBBf5U s0BKYsLWxQQeU8tVlltM7MKsIRTrEIa1PkJmqxBBf5U
* Disclosure: - Disclosure:
WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgInBob25lX251bWJlciIsICIrODEtOD WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgInBob25lX251bWJlciIsICIrODE
AtMTIzNC01Njc4Il0 tODAtMTIzNC01Njc4Il0
* Contents: - Contents:
["Qg_O64zqAxe412a108iroA", "phone_number", "+81-80-1234-5678"] ["Qg_O64zqAxe412a108iroA", "phone_number", "+81-80-1234-5678"]
*Claim street_address*: * Claim street_address:
* SHA-256 Hash: - SHA-256 Hash:
6aUhzYhZ7SJ1kVmagQAO3u2ETN2CC1aHheZpKnaF0_E 6aUhzYhZ7SJ1kVmagQAO3u2ETN2CC1aHheZpKnaF0_E
* Disclosure: - Disclosure:
WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgInN0cmVldF9hZGRyZXNzIiwgIlx1Nj WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgInN0cmVldF9hZGRyZXNzIiwgIlx
c3MVx1NGVhY1x1OTBmZFx1NmUyZlx1NTMzYVx1ODI5ZFx1NTE2Y1x1NTcxMlx1ZmYx 1Njc3MVx1NGVhY1x1OTBmZFx1NmUyZlx1NTMzYVx1ODI5ZFx1NTE2Y1x1NTcxMl
NFx1NGUwMVx1NzZlZVx1ZmYxMlx1MjIxMlx1ZmYxOCJd x1ZmYxNFx1NGUwMVx1NzZlZVx1ZmYxMlx1MjIxMlx1ZmYxOCJd
* Contents: - Contents:
["AJx-095VPrpTtN4QMOqROA", "street_address", "\u6771\u4eac\u90fd\u ["AJx-095VPrpTtN4QMOqROA", "street_address", "\u6771\u4eac\u90f
6e2f\u533a\u829d\u516c\u5712\uff14\u4e01\u76ee\uff12\u2212\uff18"] d\u6e2f\u533a\u829d\u516c\u5712\uff14\u4e01\u76ee\uff12\u2212\u
ff18"]
*Claim locality*: * Claim locality:
* SHA-256 Hash: - SHA-256 Hash:
rvJd6iq6T5ejmsBMoGwuNXh9qAAFATAci40oidEeVsA rvJd6iq6T5ejmsBMoGwuNXh9qAAFATAci40oidEeVsA
* Disclosure: - Disclosure:
WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImxvY2FsaXR5IiwgIlx1Njc3MVx1NG WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImxvY2FsaXR5IiwgIlx1Njc3MVx
VhY1x1OTBmZCJd 1NGVhY1x1OTBmZCJd
* Contents: - Contents:
["Pc33JM2LchcU_lHggv_ufQ", "locality", "\u6771\u4eac\u90fd"] ["Pc33JM2LchcU_lHggv_ufQ", "locality", "\u6771\u4eac\u90fd"]
*Claim region*: * Claim region:
* SHA-256 Hash: - SHA-256 Hash:
PzzcVu0qbMuBGSjulfewzkesD9zutOExn5EWNwkrQ-k PzzcVu0qbMuBGSjulfewzkesD9zutOExn5EWNwkrQ-k
* Disclosure: - Disclosure:
WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgInJlZ2lvbiIsICJcdTZlMmZcdTUzM2 WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgInJlZ2lvbiIsICJcdTZlMmZcdTU
EiXQ zM2EiXQ
* Contents: - Contents:
["G02NSrQfjFXQ7Io09syajA", "region", "\u6e2f\u533a"] ["G02NSrQfjFXQ7Io09syajA", "region", "\u6e2f\u533a"]
*Claim country*: * Claim country:
* SHA-256 Hash: - SHA-256 Hash:
uNHoWYhXsZhVJCNE2Dqy-zqt7t69gJKy5QaFv7GrMX4 uNHoWYhXsZhVJCNE2Dqy-zqt7t69gJKy5QaFv7GrMX4
* Disclosure: - Disclosure:
WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImNvdW50cnkiLCAiSlAiXQ WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImNvdW50cnkiLCAiSlAiXQ
* Contents: - Contents:
["lklxF5jMYlGTPUovMNIvCA", "country", "JP"] ["lklxF5jMYlGTPUovMNIvCA", "country", "JP"]
*Claim birthdate*: * Claim birthdate:
* SHA-256 Hash: - SHA-256 Hash:
MMldOFFzB2d0umlmpTIaGerhWdU_PpYfLvKhh_f_9aY MMldOFFzB2d0umlmpTIaGerhWdU_PpYfLvKhh_f_9aY
* Disclosure: - Disclosure:
WyJ5eXRWYmRBUEdjZ2wyckk0QzlHU29nIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLT WyJ5eXRWYmRBUEdjZ2wyckk0QzlHU29nIiwgImJpcnRoZGF0ZSIsICIxOTQwLTA
AxIl0 xLTAxIl0
* Contents: - Contents:
["yytVbdAPGcgl2rI4C9GSog", "birthdate", "1940-01-01"] ["yytVbdAPGcgl2rI4C9GSog", "birthdate", "1940-01-01"]
The following decoy digests are added: The following decoy digests are added:
* AzLlFobkJ2xiaupREPyoJz-9-NSldB6Cgjr7fUyoHzg * AzLlFobkJ2xiaupREPyoJz-9-NSldB6Cgjr7fUyoHzg
* cPYJHIZ8Vu-f9CCyVub2UfgEk8jvvXezwK1p_JneeXQ * cPYJHIZ8Vu-f9CCyVub2UfgEk8jvvXezwK1p_JneeXQ
* glT3hrSU7fSWgwF5UDZmWwBTw32gnUldIhi8hGVCaV4 * glT3hrSU7fSWgwF5UDZmWwBTw32gnUldIhi8hGVCaV4
* b2Dkw0jcIF9rGg8_PF8ZcvncW7zwZj5ryBWvXfrpzek * b2Dkw0jcIF9rGg8_PF8ZcvncW7zwZj5ryBWvXfrpzek
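Review bot: In the Contents for Claim street_address, the re-wrapped right-hand text splits JSON escape sequences across lines: one line ends in "\u90f" with "d" starting the next, and another ends in "\u" with "ff18" on the next. The left-hand text had the same problem, ending a line in "\u" with "6e2f" on the next. Break only between complete \uXXXX escapes so the Contents can be copied and parsed as shown.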
skipping to change at line 3282 skipping to change at line 3280
"hvDXhwmGcJQsBCA2OtjuLAcwAMpDsaU0nkovcKOqWNE" "hvDXhwmGcJQsBCA2OtjuLAcwAMpDsaU0nkovcKOqWNE"
] ]
} }
}, },
"_sd_alg": "sha-256" "_sd_alg": "sha-256"
} }
The digests in the SD-JWT payload reference the following The digests in the SD-JWT payload reference the following
Disclosures: Disclosures:
*Claim time*: * Claim time:
* SHA-256 Hash: - SHA-256 Hash:
vTwe3raHIFYgFA3xaUD2aMxFz5oDo8iBu05qKlOg9Lw vTwe3raHIFYgFA3xaUD2aMxFz5oDo8iBu05qKlOg9Lw
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInRpbWUiLCAiMjAxMi0wNC0yM1QxOD WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgInRpbWUiLCAiMjAxMi0wNC0yM1Q
oyNVoiXQ xODoyNVoiXQ
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "time", "2012-04-23T18:25Z"] ["2GLC42sKQveCfGfryNRN9w", "time", "2012-04-23T18:25Z"]
*Claim verification_process*: * Claim verification_process:
* SHA-256 Hash: - SHA-256 Hash:
7h4UE9qScvDKodXVCuoKfKBJpVBfXMF_TmAGVaZe3Sc 7h4UE9qScvDKodXVCuoKfKBJpVBfXMF_TmAGVaZe3Sc
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgInZlcmlmaWNhdGlvbl9wcm9jZXNzIi WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgInZlcmlmaWNhdGlvbl9wcm9jZXN
wgImYyNGM2Zi02ZDNmLTRlYzUtOTczZS1iMGQ4NTA2ZjNiYzciXQ zIiwgImYyNGM2Zi02ZDNmLTRlYzUtOTczZS1iMGQ4NTA2ZjNiYzciXQ
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "verification_process", "f24c6f-6d3f- ["eluV5Og3gSNII8EYnsxA_A", "verification_process", "f24c6f-
4ec5-973e-b0d8506f3bc7"] 6d3f-4ec5-973e-b0d8506f3bc7"]
*Claim type*: * Claim type:
* SHA-256 Hash: - SHA-256 Hash:
G5EnhOAOoU9X_6QMNvzFXjpEA_Rc-AEtm1bG_wcaKIk G5EnhOAOoU9X_6QMNvzFXjpEA_Rc-AEtm1bG_wcaKIk
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgInR5cGUiLCAiZG9jdW1lbnQiXQ WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgInR5cGUiLCAiZG9jdW1lbnQiXQ
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "type", "document"] ["6Ij7tM-a5iVPGboS5tmvVA", "type", "document"]
*Claim method*: * Claim method:
* SHA-256 Hash: - SHA-256 Hash:
WpxQ4HSoEtcTmCCKOeDslB_emucYLz2oO8oHNr1bEVQ WpxQ4HSoEtcTmCCKOeDslB_emucYLz2oO8oHNr1bEVQ
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgIm1ldGhvZCIsICJwaXBwIl0 WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgIm1ldGhvZCIsICJwaXBwIl0
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "method", "pipp"] ["eI8ZWm9QnKPpNPeNenHdhQ", "method", "pipp"]
*Claim time*: * Claim time:
* SHA-256 Hash: - SHA-256 Hash:
9wpjVPWuD7PK0nsQDL8B06lmdgV3LVybhHydQpTNyLI 9wpjVPWuD7PK0nsQDL8B06lmdgV3LVybhHydQpTNyLI
* Disclosure: - Disclosure:
WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgInRpbWUiLCAiMjAxMi0wNC0yMlQxMT WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgInRpbWUiLCAiMjAxMi0wNC0yMlQ
ozMFoiXQ xMTozMFoiXQ
* Contents: - Contents:
["Qg_O64zqAxe412a108iroA", "time", "2012-04-22T11:30Z"] ["Qg_O64zqAxe412a108iroA", "time", "2012-04-22T11:30Z"]
*Claim document*: * Claim document:
* SHA-256 Hash: - SHA-256 Hash:
IhwFrWUB63RcZq9yvgZ0XPc7Gowh3O2kqXeBIswg1B4 IhwFrWUB63RcZq9yvgZ0XPc7Gowh3O2kqXeBIswg1B4
* Disclosure: - Disclosure:
WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImRvY3VtZW50IiwgeyJ0eXBlIjogIm WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImRvY3VtZW50IiwgeyJ0eXBlIjo
lkY2FyZCIsICJpc3N1ZXIiOiB7Im5hbWUiOiAiU3RhZHQgQXVnc2J1cmciLCAiY291 gImlkY2FyZCIsICJpc3N1ZXIiOiB7Im5hbWUiOiAiU3RhZHQgQXVnc2J1cmciLC
bnRyeSI6ICJERSJ9LCAibnVtYmVyIjogIjUzNTU0NTU0IiwgImRhdGVfb2ZfaXNzdW AiY291bnRyeSI6ICJERSJ9LCAibnVtYmVyIjogIjUzNTU0NTU0IiwgImRhdGVfb
FuY2UiOiAiMjAxMC0wMy0yMyIsICJkYXRlX29mX2V4cGlyeSI6ICIyMDIwLTAzLTIy 2ZfaXNzdWFuY2UiOiAiMjAxMC0wMy0yMyIsICJkYXRlX29mX2V4cGlyeSI6ICIy
In1d MDIwLTAzLTIyIn1d
* Contents: - Contents:
["AJx-095VPrpTtN4QMOqROA", "document", {"type": "idcard", ["AJx-095VPrpTtN4QMOqROA", "document", {"type": "idcard",
"issuer": {"name": "Stadt Augsburg", "country": "DE"}, "number": "issuer": {"name": "Stadt Augsburg", "country": "DE"},
"53554554", "date_of_issuance": "2010-03-23", "date_of_expiry": "number": "53554554", "date_of_issuance": "2010-03-23",
"2020-03-22"}] "date_of_expiry": "2020-03-22"}]
*Array Entry*: * Array Entry:
* SHA-256 Hash: - SHA-256 Hash:
tYJ0TDucyZZCRMbROG4qRO5vkPSFRxFhUELc18CSl3k tYJ0TDucyZZCRMbROG4qRO5vkPSFRxFhUELc18CSl3k
* Disclosure: - Disclosure:
WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgeyJfc2QiOiBbIjl3cGpWUFd1RDdQSz WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgeyJfc2QiOiBbIjl3cGpWUFd1RDd
Buc1FETDhCMDZsbWRnVjNMVnliaEh5ZFFwVE55TEkiLCAiRzVFbmhPQU9vVTlYXzZR QSzBuc1FETDhCMDZsbWRnVjNMVnliaEh5ZFFwVE55TEkiLCAiRzVFbmhPQU9vVT
TU52ekZYanBFQV9SYy1BRXRtMWJHX3djYUtJayIsICJJaHdGcldVQjYzUmNacTl5dm lYXzZRTU52ekZYanBFQV9SYy1BRXRtMWJHX3djYUtJayIsICJJaHdGcldVQjYzU
daMFhQYzdHb3doM08ya3FYZUJJc3dnMUI0IiwgIldweFE0SFNvRXRjVG1DQ0tPZURz mNacTl5dmdaMFhQYzdHb3doM08ya3FYZUJJc3dnMUI0IiwgIldweFE0SFNvRXRj
bEJfZW11Y1lMejJvTzhvSE5yMWJFVlEiXX1d VG1DQ0tPZURzbEJfZW11Y1lMejJvTzhvSE5yMWJFVlEiXX1d
* Contents: - Contents:
["Pc33JM2LchcU_lHggv_ufQ", {"_sd": ["Pc33JM2LchcU_lHggv_ufQ", {"_sd":
["9wpjVPWuD7PK0nsQDL8B06lmdgV3LVybhHydQpTNyLI", ["9wpjVPWuD7PK0nsQDL8B06lmdgV3LVybhHydQpTNyLI",
"G5EnhOAOoU9X_6QMNvzFXjpEA_Rc-AEtm1bG_wcaKIk", "G5EnhOAOoU9X_6QMNvzFXjpEA_Rc-AEtm1bG_wcaKIk",
"IhwFrWUB63RcZq9yvgZ0XPc7Gowh3O2kqXeBIswg1B4", "IhwFrWUB63RcZq9yvgZ0XPc7Gowh3O2kqXeBIswg1B4",
"WpxQ4HSoEtcTmCCKOeDslB_emucYLz2oO8oHNr1bEVQ"]}] "WpxQ4HSoEtcTmCCKOeDslB_emucYLz2oO8oHNr1bEVQ"]}]
*Claim given_name*: * Claim given_name:
* SHA-256 Hash: - SHA-256 Hash:
S_498bbpKzB6Eanftss0xc7cOaoneRr3pKr7NdRmsMo S_498bbpKzB6Eanftss0xc7cOaoneRr3pKr7NdRmsMo
* Disclosure: - Disclosure:
WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImdpdmVuX25hbWUiLCAiTWF4Il0 WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImdpdmVuX25hbWUiLCAiTWF4Il0
* Contents: - Contents:
["G02NSrQfjFXQ7Io09syajA", "given_name", "Max"] ["G02NSrQfjFXQ7Io09syajA", "given_name", "Max"]
*Claim family_name*: * Claim family_name:
* SHA-256 Hash: - SHA-256 Hash:
Wxh_sV3iRH9bgrTBJi-aYHNCLt-vjhX1sd-igOf_9lk Wxh_sV3iRH9bgrTBJi-aYHNCLt-vjhX1sd-igOf_9lk
* Disclosure: - Disclosure:
WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImZhbWlseV9uYW1lIiwgIk1cdTAwZm WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImZhbWlseV9uYW1lIiwgIk1cdTA
NsbGVyIl0 wZmNsbGVyIl0
* Contents: - Contents:
["lklxF5jMYlGTPUovMNIvCA", "family_name", "M\u00fcller"] ["lklxF5jMYlGTPUovMNIvCA", "family_name", "M\u00fcller"]
*Claim nationalities*: * Claim nationalities:
* SHA-256 Hash: - SHA-256 Hash:
hvDXhwmGcJQsBCA2OtjuLAcwAMpDsaU0nkovcKOqWNE hvDXhwmGcJQsBCA2OtjuLAcwAMpDsaU0nkovcKOqWNE
* Disclosure: - Disclosure:
WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIkRFIl WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIkR
1d FIl1d
* Contents: - Contents:
["nPuoQnkRFq3BIeAm7AnXFA", "nationalities", ["DE"]] ["nPuoQnkRFq3BIeAm7AnXFA", "nationalities", ["DE"]]
*Claim birthdate*: * Claim birthdate:
* SHA-256 Hash: - SHA-256 Hash:
WNA-UNK7F_zhsAb9syWO6IIQ1uHlTmOU8r8CvJ0cIMk WNA-UNK7F_zhsAb9syWO6IIQ1uHlTmOU8r8CvJ0cIMk
* Disclosure: - Disclosure:
WyI1YlBzMUlxdVpOYTBoa2FGenp6Wk53IiwgImJpcnRoZGF0ZSIsICIxOTU2LTAxLT WyI1YlBzMUlxdVpOYTBoa2FGenp6Wk53IiwgImJpcnRoZGF0ZSIsICIxOTU2LTA
I4Il0 xLTI4Il0
* Contents: - Contents:
["5bPs1IquZNa0hkaFzzzZNw", "birthdate", "1956-01-28"] ["5bPs1IquZNa0hkaFzzzZNw", "birthdate", "1956-01-28"]
*Claim place_of_birth*: * Claim place_of_birth:
* SHA-256 Hash: - SHA-256 Hash:
RiOiCn6_w5ZHaadkQMrcQJf0Jte5RwurRs54231DTlo RiOiCn6_w5ZHaadkQMrcQJf0Jte5RwurRs54231DTlo
* Disclosure: - Disclosure:
WyI1YTJXMF9OcmxFWnpmcW1rXzdQcS13IiwgInBsYWNlX29mX2JpcnRoIiwgeyJjb3 WyI1YTJXMF9OcmxFWnpmcW1rXzdQcS13IiwgInBsYWNlX29mX2JpcnRoIiwgeyJ
VudHJ5IjogIklTIiwgImxvY2FsaXR5IjogIlx1MDBkZXlra3ZhYlx1MDBlNmphcmts jb3VudHJ5IjogIklTIiwgImxvY2FsaXR5IjogIlx1MDBkZXlra3ZhYlx1MDBlNm
YXVzdHVyIn1d phcmtsYXVzdHVyIn1d
* Contents: - Contents:
["5a2W0_NrlEZzfqmk_7Pq-w", "place_of_birth", {"country": "IS", ["5a2W0_NrlEZzfqmk_7Pq-w", "place_of_birth", {"country": "IS",
"locality": "\u00deykkvab\u00e6jarklaustur"}] "locality": "\u00deykkvab\u00e6jarklaustur"}]
*Claim address*: * Claim address:
* SHA-256 Hash: - SHA-256 Hash:
_O-wJiH3enSB4ROHntToQT8JmLtz-mhO2f1c89XoerQ _O-wJiH3enSB4ROHntToQT8JmLtz-mhO2f1c89XoerQ
* Disclosure: - Disclosure:
WyJ5MXNWVTV3ZGZKYWhWZGd3UGdTN1JRIiwgImFkZHJlc3MiLCB7ImxvY2FsaXR5Ij WyJ5MXNWVTV3ZGZKYWhWZGd3UGdTN1JRIiwgImFkZHJlc3MiLCB7ImxvY2FsaXR
ogIk1heHN0YWR0IiwgInBvc3RhbF9jb2RlIjogIjEyMzQ0IiwgImNvdW50cnkiOiAi 5IjogIk1heHN0YWR0IiwgInBvc3RhbF9jb2RlIjogIjEyMzQ0IiwgImNvdW50cn
REUiLCAic3RyZWV0X2FkZHJlc3MiOiAiV2VpZGVuc3RyYVx1MDBkZmUgMjIifV0 kiOiAiREUiLCAic3RyZWV0X2FkZHJlc3MiOiAiV2VpZGVuc3RyYVx1MDBkZmUgM
jIifV0
* Contents: - Contents:
["y1sVU5wdfJahVdgwPgS7RQ", "address", {"locality": "Maxstadt", ["y1sVU5wdfJahVdgwPgS7RQ", "address", {"locality": "Maxstadt",
"postal_code": "12344", "country": "DE", "street_address": "postal_code": "12344", "country": "DE", "street_address":
"Weidenstra\u00dfe 22"}] "Weidenstra\u00dfe 22"}]
*Claim birth_middle_name*: * Claim birth_middle_name:
* SHA-256 Hash: - SHA-256 Hash:
otkxuT14nBiwzNJ3MPaOitOl9pVnXOaEHal_xkyNfKI otkxuT14nBiwzNJ3MPaOitOl9pVnXOaEHal_xkyNfKI
* Disclosure: - Disclosure:
WyJIYlE0WDhzclZXM1FEeG5JSmRxeU9BIiwgImJpcnRoX21pZGRsZV9uYW1lIiwgIl WyJIYlE0WDhzclZXM1FEeG5JSmRxeU9BIiwgImJpcnRoX21pZGRsZV9uYW1lIiw
RpbW90aGV1cyJd gIlRpbW90aGV1cyJd
* Contents: - Contents:
["HbQ4X8srVW3QDxnIJdqyOA", "birth_middle_name", "Timotheus"] ["HbQ4X8srVW3QDxnIJdqyOA", "birth_middle_name", "Timotheus"]
*Claim salutation*: * Claim salutation:
* SHA-256 Hash: - SHA-256 Hash:
-aSznId9mWM8ocuQolCllsxVggq1-vHW4OtnhUtVmWw -aSznId9mWM8ocuQolCllsxVggq1-vHW4OtnhUtVmWw
* Disclosure: - Disclosure:
WyJDOUdTb3VqdmlKcXVFZ1lmb2pDYjFBIiwgInNhbHV0YXRpb24iLCAiRHIuIl0 WyJDOUdTb3VqdmlKcXVFZ1lmb2pDYjFBIiwgInNhbHV0YXRpb24iLCAiRHIuIl0
* Contents: - Contents:
["C9GSoujviJquEgYfojCb1A", "salutation", "Dr."] ["C9GSoujviJquEgYfojCb1A", "salutation", "Dr."]
*Claim msisdn*: * Claim msisdn:
* SHA-256 Hash: - SHA-256 Hash:
IKbrYNn3vA7WEFrysvbdBJjDDU_EvQIr0W18vTRpUSg IKbrYNn3vA7WEFrysvbdBJjDDU_EvQIr0W18vTRpUSg
* Disclosure: - Disclosure:
WyJreDVrRjE3Vi14MEptd1V4OXZndnR3IiwgIm1zaXNkbiIsICI0OTEyMzQ1Njc4OS WyJreDVrRjE3Vi14MEptd1V4OXZndnR3IiwgIm1zaXNkbiIsICI0OTEyMzQ1Njc
Jd 4OSJd
* Contents: - Contents:
["kx5kF17V-x0JmwUx9vgvtw", "msisdn", "49123456789"] ["kx5kF17V-x0JmwUx9vgvtw", "msisdn", "49123456789"]
The following is a presentation of the SD-JWT: The following is a presentation of the SD-JWT:
eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImV4YW1wbGUrc2Qtand0In0.eyJfc2QiOiBb eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImV4YW1wbGUrc2Qtand0In0.eyJfc2QiOiBb
Ii1hU3puSWQ5bVdNOG9jdVFvbENsbHN4VmdncTEtdkhXNE90bmhVdFZtV3ciLCAiSUti Ii1hU3puSWQ5bVdNOG9jdVFvbENsbHN4VmdncTEtdkhXNE90bmhVdFZtV3ciLCAiSUti
cllObjN2QTdXRUZyeXN2YmRCSmpERFVfRXZRSXIwVzE4dlRScFVTZyIsICJvdGt4dVQx cllObjN2QTdXRUZyeXN2YmRCSmpERFVfRXZRSXIwVzE4dlRScFVTZyIsICJvdGt4dVQx
NG5CaXd6TkozTVBhT2l0T2w5cFZuWE9hRUhhbF94a3lOZktJIl0sICJpc3MiOiAiaHR0 NG5CaXd6TkozTVBhT2l0T2w5cFZuWE9hRUhhbF94a3lOZktJIl0sICJpc3MiOiAiaHR0
cHM6Ly9pc3N1ZXIuZXhhbXBsZS5jb20iLCAiaWF0IjogMTY4MzAwMDAwMCwgImV4cCI6 cHM6Ly9pc3N1ZXIuZXhhbXBsZS5jb20iLCAiaWF0IjogMTY4MzAwMDAwMCwgImV4cCI6
IDE4ODMwMDAwMDAsICJ2ZXJpZmllZF9jbGFpbXMiOiB7InZlcmlmaWNhdGlvbiI6IHsi IDE4ODMwMDAwMDAsICJ2ZXJpZmllZF9jbGFpbXMiOiB7InZlcmlmaWNhdGlvbiI6IHsi
X3NkIjogWyI3aDRVRTlxU2N2REtvZFhWQ3VvS2ZLQkpwVkJmWE1GX1RtQUdWYVplM1Nj X3NkIjogWyI3aDRVRTlxU2N2REtvZFhWQ3VvS2ZLQkpwVkJmWE1GX1RtQUdWYVplM1Nj
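Review bot: Two entries in this Disclosure list carry the same label, "Claim time" (digest vTwe3raH... with value "2012-04-23T18:25Z" and digest 9wpjVPWu... with value "2012-04-22T11:30Z"), and the "Array Entry" label does not say which array it belongs to. Since this change already rewrites every label line from `*Claim x*:` to `* Claim x:`, it would be a good place to qualify the labels by their enclosing object. The second "time" digest appears inside the `_sd` array of the Array Entry Disclosure, so it is nested under that entry rather than a sibling of the first, and a reader matching digests to claims by hand cannot tell that from the label alone.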
skipping to change at line 3603 skipping to change at line 3602
"street_address": "Weidenstraße 22" "street_address": "Weidenstraße 22"
} }
} }
} }
} }
A.3. SD-JWT-Based Verifiable Credentials (SD-JWT VC) A.3. SD-JWT-Based Verifiable Credentials (SD-JWT VC)
This example shows how the artifacts defined in this specification This example shows how the artifacts defined in this specification
could be used in the context of SD-JWT-based Verifiable Credentials could be used in the context of SD-JWT-based Verifiable Credentials
(SD-JWT VC) [SD-JWT-VC] to represent the concept of a Person (SD-JWT VC) [SD-JWT-VC] to represent a hypothetical identity
Identification Data (PID) as defined in the "PID Rulebook" in credential with the data of a fictional German citizen.
[EUDIW.ARF]. This example uses fictional data of a German citizen.
Key Binding is applied using the Holder's public key passed in a cnf Key Binding is applied using the Holder's public key passed in a cnf
claim in the SD-JWT. claim in the SD-JWT.
The following citizen data is the input JWT Claims Set: The following citizen data is the input JWT Claims Set:
{ {
"vct": "urn:eudi:pid:de:1", "vct": "urn:eudi:pid:de:1",
"iss": "https://pid-issuer.bund.de.example", "iss": "https://pid-issuer.bund.de.example",
"given_name": "Erika", "given_name": "Erika",
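Review bot: The reworded introduction drops the reference to Person Identification Data and [EUDIW.ARF] and now describes "a hypothetical identity credential", but the input JWT Claims Set just below still uses `"vct": "urn:eudi:pid:de:1"` and `"iss": "https://pid-issuer.bund.de.example"`. Either the type identifier should become something visibly hypothetical to match the new wording, or the text should say that the `vct` value is illustrative only and not a registered type. Changing the value would also change the signed payload, so the encoded examples that follow would need regenerating.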
skipping to change at line 3749 skipping to change at line 3747
"crv": "P-256", "crv": "P-256",
"x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc", "x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc",
"y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ" "y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ"
} }
} }
} }
The digests in the SD-JWT payload reference the following The digests in the SD-JWT payload reference the following
Disclosures: Disclosures:
*Claim given_name*: * Claim given_name:
* SHA-256 Hash: - SHA-256 Hash:
0HZmnSIPz337kSWe7C34l--88gzJi-eBJ2Vz_HJwATg 0HZmnSIPz337kSWe7C34l--88gzJi-eBJ2Vz_HJwATg
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiRXJpa2EiXQ WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiRXJpa2E
iXQ
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "given_name", "Erika"] ["2GLC42sKQveCfGfryNRN9w", "given_name", "Erika"]
*Claim family_name*: * Claim family_name:
* SHA-256 Hash: - SHA-256 Hash:
I00fcFUoDXCucp5yy2ujqPssDVGaWNiUliNz_awD0gc I00fcFUoDXCucp5yy2ujqPssDVGaWNiUliNz_awD0gc
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIk11c3Rlcm WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIk11c3R
1hbm4iXQ lcm1hbm4iXQ
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "family_name", "Mustermann"] ["eluV5Og3gSNII8EYnsxA_A", "family_name", "Mustermann"]
*Claim birthdate*: * Claim birthdate:
* SHA-256 Hash: - SHA-256 Hash:
Lai6IU6d7GQagXR7AvGTrnXgSld3z8EIg_fv3fOZ1Wg Lai6IU6d7GQagXR7AvGTrnXgSld3z8EIg_fv3fOZ1Wg
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImJpcnRoZGF0ZSIsICIxOTYzLTA4LT WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImJpcnRoZGF0ZSIsICIxOTYzLTA
EyIl0 4LTEyIl0
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "birthdate", "1963-08-12"] ["6Ij7tM-a5iVPGboS5tmvVA", "birthdate", "1963-08-12"]
*Claim street_address*: * Claim street_address:
* SHA-256 Hash: - SHA-256 Hash:
ALZERsSn5WNiEXdCksW8I5qQw3_NpAnRqpSAZDudgw8 ALZERsSn5WNiEXdCksW8I5qQw3_NpAnRqpSAZDudgw8
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInN0cmVldF9hZGRyZXNzIiwgIkhlaW WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInN0cmVldF9hZGRyZXNzIiwgIkh
Rlc3RyYVx1MDBkZmUgMTciXQ laWRlc3RyYVx1MDBkZmUgMTciXQ
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "street_address", "Heidestra\u00dfe ["eI8ZWm9QnKPpNPeNenHdhQ", "street_address", "Heidestra\u00dfe
17"] 17"]
*Claim locality*: * Claim locality:
* SHA-256 Hash: - SHA-256 Hash:
D__W_uYcvRz3tvUnIJvBDHiTc7C__qHd0xNKwIs_w9k D__W_uYcvRz3tvUnIJvBDHiTc7C__qHd0xNKwIs_w9k
* Disclosure: - Disclosure:
WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImxvY2FsaXR5IiwgIktcdTAwZjZsbi WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImxvY2FsaXR5IiwgIktcdTAwZjZ
Jd sbiJd
* Contents: - Contents:
["Qg_O64zqAxe412a108iroA", "locality", "K\u00f6ln"] ["Qg_O64zqAxe412a108iroA", "locality", "K\u00f6ln"]
*Claim postal_code*: * Claim postal_code:
* SHA-256 Hash: - SHA-256 Hash:
xOPy9-gJALK6UbWKFLR85cOByUD3AbNwFg3I3YfQE_I xOPy9-gJALK6UbWKFLR85cOByUD3AbNwFg3I3YfQE_I
* Disclosure: - Disclosure:
WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgInBvc3RhbF9jb2RlIiwgIjUxMTQ3Il WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgInBvc3RhbF9jb2RlIiwgIjUxMTQ
0 3Il0
* Contents: - Contents:
["AJx-095VPrpTtN4QMOqROA", "postal_code", "51147"] ["AJx-095VPrpTtN4QMOqROA", "postal_code", "51147"]
*Claim country*: * Claim country:
* SHA-256 Hash: - SHA-256 Hash:
eBpCXU1J5dhH2g4t8QYNW5ExS9AxUVblUodoLYoPho0 eBpCXU1J5dhH2g4t8QYNW5ExS9AxUVblUodoLYoPho0
* Disclosure: - Disclosure:
WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImNvdW50cnkiLCAiREUiXQ WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImNvdW50cnkiLCAiREUiXQ
* Contents: - Contents:
["Pc33JM2LchcU_lHggv_ufQ", "country", "DE"] ["Pc33JM2LchcU_lHggv_ufQ", "country", "DE"]
*Claim address*: * Claim address:
* SHA-256 Hash: - SHA-256 Hash:
RTz3qTmFNHbpWrrOMZS41F474kFqRv3vIPqth6PUhlM RTz3qTmFNHbpWrrOMZS41F474kFqRv3vIPqth6PUhlM
* Disclosure: - Disclosure:
WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImFkZHJlc3MiLCB7Il9zZCI6IFsiQU WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImFkZHJlc3MiLCB7Il9zZCI6IFs
xaRVJzU241V05pRVhkQ2tzVzhJNXFRdzNfTnBBblJxcFNBWkR1ZGd3OCIsICJEX19X iQUxaRVJzU241V05pRVhkQ2tzVzhJNXFRdzNfTnBBblJxcFNBWkR1ZGd3OCIsIC
X3VZY3ZSejN0dlVuSUp2QkRIaVRjN0NfX3FIZDB4Tkt3SXNfdzlrIiwgImVCcENYVT JEX19XX3VZY3ZSejN0dlVuSUp2QkRIaVRjN0NfX3FIZDB4Tkt3SXNfdzlrIiwgI
FKNWRoSDJnNHQ4UVlOVzVFeFM5QXhVVmJsVW9kb0xZb1BobzAiLCAieE9QeTktZ0pB mVCcENYVTFKNWRoSDJnNHQ4UVlOVzVFeFM5QXhVVmJsVW9kb0xZb1BobzAiLCAi
TEs2VWJXS0ZMUjg1Y09CeVVEM0FiTndGZzNJM1lmUUVfSSJdfV0 eE9QeTktZ0pBTEs2VWJXS0ZMUjg1Y09CeVVEM0FiTndGZzNJM1lmUUVfSSJdfV0
* Contents: - Contents:
["G02NSrQfjFXQ7Io09syajA", "address", {"_sd": ["G02NSrQfjFXQ7Io09syajA", "address", {"_sd":
["ALZERsSn5WNiEXdCksW8I5qQw3_NpAnRqpSAZDudgw8", ["ALZERsSn5WNiEXdCksW8I5qQw3_NpAnRqpSAZDudgw8",
"D__W_uYcvRz3tvUnIJvBDHiTc7C__qHd0xNKwIs_w9k", "D__W_uYcvRz3tvUnIJvBDHiTc7C__qHd0xNKwIs_w9k",
"eBpCXU1J5dhH2g4t8QYNW5ExS9AxUVblUodoLYoPho0", "eBpCXU1J5dhH2g4t8QYNW5ExS9AxUVblUodoLYoPho0",
"xOPy9-gJALK6UbWKFLR85cOByUD3AbNwFg3I3YfQE_I"]}] "xOPy9-gJALK6UbWKFLR85cOByUD3AbNwFg3I3YfQE_I"]}]
*Claim nationalities*: * Claim nationalities:
* SHA-256 Hash: - SHA-256 Hash:
y50czc0ISChy_bsba1dMoUuAOQ5AMmOSfGoEe81v1FU y50czc0ISChy_bsba1dMoUuAOQ5AMmOSfGoEe81v1FU
* Disclosure: - Disclosure:
WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIkRFIl WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIkR
1d FIl1d
* Contents: - Contents:
["lklxF5jMYlGTPUovMNIvCA", "nationalities", ["DE"]] ["lklxF5jMYlGTPUovMNIvCA", "nationalities", ["DE"]]
*Claim sex*: * Claim sex:
* SHA-256 Hash: - SHA-256 Hash:
90CT8AaBPbn5X8nRXkesju1i0BqhWqZ3wqD4jF-qDGk 90CT8AaBPbn5X8nRXkesju1i0BqhWqZ3wqD4jF-qDGk
* Disclosure: - Disclosure:
WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgInNleCIsIDJd WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgInNleCIsIDJd
* Contents: - Contents:
["nPuoQnkRFq3BIeAm7AnXFA", "sex", 2] ["nPuoQnkRFq3BIeAm7AnXFA", "sex", 2]
*Claim birth_family_name*: * Claim birth_family_name:
* SHA-256 Hash: - SHA-256 Hash:
KjAXgAA9N5WHEDtRIh4u5Mn1ZsWixhhWAiX-A4QiwgA KjAXgAA9N5WHEDtRIh4u5Mn1ZsWixhhWAiX-A4QiwgA
* Disclosure: - Disclosure:
WyI1YlBzMUlxdVpOYTBoa2FGenp6Wk53IiwgImJpcnRoX2ZhbWlseV9uYW1lIiwgIk WyI1YlBzMUlxdVpOYTBoa2FGenp6Wk53IiwgImJpcnRoX2ZhbWlseV9uYW1lIiw
dhYmxlciJd gIkdhYmxlciJd
* Contents: - Contents:
["5bPs1IquZNa0hkaFzzzZNw", "birth_family_name", "Gabler"] ["5bPs1IquZNa0hkaFzzzZNw", "birth_family_name", "Gabler"]
*Claim locality*: * Claim locality:
* SHA-256 Hash: - SHA-256 Hash:
KUViaaLnY5jSML90G29OOLENPbbXfhSjSPMjZaGkxAE KUViaaLnY5jSML90G29OOLENPbbXfhSjSPMjZaGkxAE
* Disclosure: - Disclosure:
WyI1YTJXMF9OcmxFWnpmcW1rXzdQcS13IiwgImxvY2FsaXR5IiwgIkJlcmxpbiJd WyI1YTJXMF9OcmxFWnpmcW1rXzdQcS13IiwgImxvY2FsaXR5IiwgIkJlcmxpbiJ
d
* Contents: - Contents:
["5a2W0_NrlEZzfqmk_7Pq-w", "locality", "Berlin"] ["5a2W0_NrlEZzfqmk_7Pq-w", "locality", "Berlin"]
*Claim country*: * Claim country:
* SHA-256 Hash: - SHA-256 Hash:
YbsT0S76VqXCVsd1jUSlwKPDgmALeB1uZclFHXf-USQ YbsT0S76VqXCVsd1jUSlwKPDgmALeB1uZclFHXf-USQ
* Disclosure: - Disclosure:
WyJ5MXNWVTV3ZGZKYWhWZGd3UGdTN1JRIiwgImNvdW50cnkiLCAiREUiXQ WyJ5MXNWVTV3ZGZKYWhWZGd3UGdTN1JRIiwgImNvdW50cnkiLCAiREUiXQ
* Contents: - Contents:
["y1sVU5wdfJahVdgwPgS7RQ", "country", "DE"] ["y1sVU5wdfJahVdgwPgS7RQ", "country", "DE"]
*Claim place_of_birth*: * Claim place_of_birth:
* SHA-256 Hash: - SHA-256 Hash:
1Crn03WmUeRWp4zwPvvCKXl9ZaQp-cdQV_gHdaGSWow 1Crn03WmUeRWp4zwPvvCKXl9ZaQp-cdQV_gHdaGSWow
* Disclosure: - Disclosure:
WyJIYlE0WDhzclZXM1FEeG5JSmRxeU9BIiwgInBsYWNlX29mX2JpcnRoIiwgeyJfc2 WyJIYlE0WDhzclZXM1FEeG5JSmRxeU9BIiwgInBsYWNlX29mX2JpcnRoIiwgeyJ
QiOiBbIktVVmlhYUxuWTVqU01MOTBHMjlPT0xFTlBiYlhmaFNqU1BNalphR2t4QUUi fc2QiOiBbIktVVmlhYUxuWTVqU01MOTBHMjlPT0xFTlBiYlhmaFNqU1BNalphR2
LCAiWWJzVDBTNzZWcVhDVnNkMWpVU2x3S1BEZ21BTGVCMXVaY2xGSFhmLVVTUSJdfV t4QUUiLCAiWWJzVDBTNzZWcVhDVnNkMWpVU2x3S1BEZ21BTGVCMXVaY2xGSFhmL
0 VVTUSJdfV0
* Contents: - Contents:
["HbQ4X8srVW3QDxnIJdqyOA", "place_of_birth", {"_sd": ["HbQ4X8srVW3QDxnIJdqyOA", "place_of_birth", {"_sd":
["KUViaaLnY5jSML90G29OOLENPbbXfhSjSPMjZaGkxAE", ["KUViaaLnY5jSML90G29OOLENPbbXfhSjSPMjZaGkxAE",
"YbsT0S76VqXCVsd1jUSlwKPDgmALeB1uZclFHXf-USQ"]}] "YbsT0S76VqXCVsd1jUSlwKPDgmALeB1uZclFHXf-USQ"]}]
*Claim 12*: * Claim 12:
* SHA-256 Hash: - SHA-256 Hash:
gkvy0FuvBBvj0hs2ZNwxcqOlf8mu2-kCE7-Nb2QxuBU gkvy0FuvBBvj0hs2ZNwxcqOlf8mu2-kCE7-Nb2QxuBU
* Disclosure: - Disclosure:
WyJDOUdTb3VqdmlKcXVFZ1lmb2pDYjFBIiwgIjEyIiwgdHJ1ZV0 WyJDOUdTb3VqdmlKcXVFZ1lmb2pDYjFBIiwgIjEyIiwgdHJ1ZV0
* Contents: - Contents:
["C9GSoujviJquEgYfojCb1A", "12", true] ["C9GSoujviJquEgYfojCb1A", "12", true]
*Claim 14*: * Claim 14:
* SHA-256 Hash: - SHA-256 Hash:
y6SFrVFRyq50IbRJviTZqqjQWz0tLiuCmMeO0KqazGI y6SFrVFRyq50IbRJviTZqqjQWz0tLiuCmMeO0KqazGI
* Disclosure: - Disclosure:
WyJreDVrRjE3Vi14MEptd1V4OXZndnR3IiwgIjE0IiwgdHJ1ZV0 WyJreDVrRjE3Vi14MEptd1V4OXZndnR3IiwgIjE0IiwgdHJ1ZV0
* Contents: - Contents:
["kx5kF17V-x0JmwUx9vgvtw", "14", true] ["kx5kF17V-x0JmwUx9vgvtw", "14", true]
*Claim 16*: * Claim 16:
* SHA-256 Hash: - SHA-256 Hash:
hrY4HnmF5b5JwC9eTzaFCUceIQAaIdhrqUXQNCWbfZI hrY4HnmF5b5JwC9eTzaFCUceIQAaIdhrqUXQNCWbfZI
* Disclosure: - Disclosure:
WyJIM28xdXN3UDc2MEZpMnllR2RWQ0VRIiwgIjE2IiwgdHJ1ZV0 WyJIM28xdXN3UDc2MEZpMnllR2RWQ0VRIiwgIjE2IiwgdHJ1ZV0
* Contents: - Contents:
["H3o1uswP760Fi2yeGdVCEQ", "16", true] ["H3o1uswP760Fi2yeGdVCEQ", "16", true]
*Claim 18*: * Claim 18:
* SHA-256 Hash: - SHA-256 Hash:
CVKnly5P90yJs3EwtxQiOtUczaXCYNA4IczRaohrMDg CVKnly5P90yJs3EwtxQiOtUczaXCYNA4IczRaohrMDg
* Disclosure: - Disclosure:
WyJPQktsVFZsdkxnLUFkd3FZR2JQOFpBIiwgIjE4IiwgdHJ1ZV0 WyJPQktsVFZsdkxnLUFkd3FZR2JQOFpBIiwgIjE4IiwgdHJ1ZV0
* Contents: - Contents:
["OBKlTVlvLg-AdwqYGbP8ZA", "18", true] ["OBKlTVlvLg-AdwqYGbP8ZA", "18", true]
*Claim 21*: * Claim 21:
* SHA-256 Hash: - SHA-256 Hash:
1tEiyzPRYOKsf7SsYGMgPZKsOT1lQZRxHXA0r5_Bwkk 1tEiyzPRYOKsf7SsYGMgPZKsOT1lQZRxHXA0r5_Bwkk
* Disclosure: - Disclosure:
WyJNMEpiNTd0NDF1YnJrU3V5ckRUM3hBIiwgIjIxIiwgdHJ1ZV0 WyJNMEpiNTd0NDF1YnJrU3V5ckRUM3hBIiwgIjIxIiwgdHJ1ZV0
* Contents: - Contents:
["M0Jb57t41ubrkSuyrDT3xA", "21", true] ["M0Jb57t41ubrkSuyrDT3xA", "21", true]
*Claim 65*: * Claim 65:
* SHA-256 Hash: - SHA-256 Hash:
a44-g2Gr8_3AmJw2XZ8kI1y0Qz_ze9iOcW2W3RLpXGg a44-g2Gr8_3AmJw2XZ8kI1y0Qz_ze9iOcW2W3RLpXGg
* Disclosure: - Disclosure:
WyJEc210S05ncFY0ZEFIcGpyY2Fvc0F3IiwgIjY1IiwgZmFsc2Vd WyJEc210S05ncFY0ZEFIcGpyY2Fvc0F3IiwgIjY1IiwgZmFsc2Vd
* Contents: - Contents:
["DsmtKNgpV4dAHpjrcaosAw", "65", false] ["DsmtKNgpV4dAHpjrcaosAw", "65", false]
*Claim age_equal_or_over*: * Claim age_equal_or_over:
* SHA-256 Hash: - SHA-256 Hash:
2r009dzvHuVrWrRXT5kJMmHnqEHHnWe0MLVZw8PATB8 2r009dzvHuVrWrRXT5kJMmHnqEHHnWe0MLVZw8PATB8
* Disclosure: - Disclosure:
WyJlSzVvNXBIZmd1cFBwbHRqMXFoQUp3IiwgImFnZV9lcXVhbF9vcl9vdmVyIiwgey WyJlSzVvNXBIZmd1cFBwbHRqMXFoQUp3IiwgImFnZV9lcXVhbF9vcl9vdmVyIiw
Jfc2QiOiBbIjF0RWl5elBSWU9Lc2Y3U3NZR01nUFpLc09UMWxRWlJ4SFhBMHI1X0J3 geyJfc2QiOiBbIjF0RWl5elBSWU9Lc2Y3U3NZR01nUFpLc09UMWxRWlJ4SFhBMH
a2siLCAiQ1ZLbmx5NVA5MHlKczNFd3R4UWlPdFVjemFYQ1lOQTRJY3pSYW9ock1EZy I1X0J3a2siLCAiQ1ZLbmx5NVA5MHlKczNFd3R4UWlPdFVjemFYQ1lOQTRJY3pSY
IsICJhNDQtZzJHcjhfM0FtSncyWFo4a0kxeTBRel96ZTlpT2NXMlczUkxwWEdnIiwg W9ock1EZyIsICJhNDQtZzJHcjhfM0FtSncyWFo4a0kxeTBRel96ZTlpT2NXMlcz
ImdrdnkwRnV2QkJ2ajBoczJaTnd4Y3FPbGY4bXUyLWtDRTctTmIyUXh1QlUiLCAiaH UkxwWEdnIiwgImdrdnkwRnV2QkJ2ajBoczJaTnd4Y3FPbGY4bXUyLWtDRTctTmI
JZNEhubUY1YjVKd0M5ZVR6YUZDVWNlSVFBYUlkaHJxVVhRTkNXYmZaSSIsICJ5NlNG yUXh1QlUiLCAiaHJZNEhubUY1YjVKd0M5ZVR6YUZDVWNlSVFBYUlkaHJxVVhRTk
clZGUnlxNTBJYlJKdmlUWnFxalFXejB0TGl1Q21NZU8wS3FhekdJIl19XQ NXYmZaSSIsICJ5NlNGclZGUnlxNTBJYlJKdmlUWnFxalFXejB0TGl1Q21NZU8wS
3FhekdJIl19XQ
* Contents: - Contents:
["eK5o5pHfgupPpltj1qhAJw", "age_equal_or_over", {"_sd": ["eK5o5pHfgupPpltj1qhAJw", "age_equal_or_over", {"_sd":
["1tEiyzPRYOKsf7SsYGMgPZKsOT1lQZRxHXA0r5_Bwkk", ["1tEiyzPRYOKsf7SsYGMgPZKsOT1lQZRxHXA0r5_Bwkk",
"CVKnly5P90yJs3EwtxQiOtUczaXCYNA4IczRaohrMDg", "CVKnly5P90yJs3EwtxQiOtUczaXCYNA4IczRaohrMDg",
"a44-g2Gr8_3AmJw2XZ8kI1y0Qz_ze9iOcW2W3RLpXGg", "a44-g2Gr8_3AmJw2XZ8kI1y0Qz_ze9iOcW2W3RLpXGg",
"gkvy0FuvBBvj0hs2ZNwxcqOlf8mu2-kCE7-Nb2QxuBU", "gkvy0FuvBBvj0hs2ZNwxcqOlf8mu2-kCE7-Nb2QxuBU",
"hrY4HnmF5b5JwC9eTzaFCUceIQAaIdhrqUXQNCWbfZI", "hrY4HnmF5b5JwC9eTzaFCUceIQAaIdhrqUXQNCWbfZI",
"y6SFrVFRyq50IbRJviTZqqjQWz0tLiuCmMeO0KqazGI"]}] "y6SFrVFRyq50IbRJviTZqqjQWz0tLiuCmMeO0KqazGI"]}]
*Claim age_in_years*: * Claim age_in_years:
* SHA-256 Hash: - SHA-256 Hash:
WTpI7RcM3gxZruRpXzezSbkbOr93PVFvWx8woJ3j1cE WTpI7RcM3gxZruRpXzezSbkbOr93PVFvWx8woJ3j1cE
* Disclosure: - Disclosure:
WyJqN0FEZGIwVVZiMExpMGNpUGNQMGV3IiwgImFnZV9pbl95ZWFycyIsIDYyXQ WyJqN0FEZGIwVVZiMExpMGNpUGNQMGV3IiwgImFnZV9pbl95ZWFycyIsIDYyXQ
* Contents: - Contents:
["j7ADdb0UVb0Li0ciPcP0ew", "age_in_years", 62] ["j7ADdb0UVb0Li0ciPcP0ew", "age_in_years", 62]
*Claim age_birth_year*: * Claim age_birth_year:
* SHA-256 Hash: - SHA-256 Hash:
LezjabRqiZOXzEYmVZf8RMi9xAkd3_M1LZ8U7E4s3u4 LezjabRqiZOXzEYmVZf8RMi9xAkd3_M1LZ8U7E4s3u4
* Disclosure: - Disclosure:
WyJXcHhKckZ1WDh1U2kycDRodDA5anZ3IiwgImFnZV9iaXJ0aF95ZWFyIiwgMTk2M1 WyJXcHhKckZ1WDh1U2kycDRodDA5anZ3IiwgImFnZV9iaXJ0aF95ZWFyIiwgMTk
0 2M10
* Contents: - Contents:
["WpxJrFuX8uSi2p4ht09jvw", "age_birth_year", 1963] ["WpxJrFuX8uSi2p4ht09jvw", "age_birth_year", 1963]
*Claim issuance_date*: * Claim issuance_date:
* SHA-256 Hash: - SHA-256 Hash:
W14XHbUffzuW4IFMjpSTb1melWxUWf4N_o2ldkkIqc8 W14XHbUffzuW4IFMjpSTb1melWxUWf4N_o2ldkkIqc8
* Disclosure: - Disclosure:
WyJhdFNtRkFDWU1iSlZLRDA1bzNKZ3RRIiwgImlzc3VhbmNlX2RhdGUiLCAiMjAyMC WyJhdFNtRkFDWU1iSlZLRDA1bzNKZ3RRIiwgImlzc3VhbmNlX2RhdGUiLCAiMjA
0wMy0xMSJd yMC0wMy0xMSJd
* Contents: - Contents:
["atSmFACYMbJVKD05o3JgtQ", "issuance_date", "2020-03-11"] ["atSmFACYMbJVKD05o3JgtQ", "issuance_date", "2020-03-11"]
*Claim expiry_date*: * Claim expiry_date:
* SHA-256 Hash: - SHA-256 Hash:
78jg77-GYBeX8IQfoELPyL0DYPdmfZo0JgViV0_lKCM 78jg77-GYBeX8IQfoELPyL0DYPdmfZo0JgViV0_lKCM
* Disclosure: - Disclosure:
WyI0S3lSMzJvSVp0LXprV3ZGcWJVTEtnIiwgImV4cGlyeV9kYXRlIiwgIjIwMzAtMD WyI0S3lSMzJvSVp0LXprV3ZGcWJVTEtnIiwgImV4cGlyeV9kYXRlIiwgIjIwMzA
MtMTIiXQ tMDMtMTIiXQ
* Contents: - Contents:
["4KyR32oIZt-zkWvFqbULKg", "expiry_date", "2030-03-12"] ["4KyR32oIZt-zkWvFqbULKg", "expiry_date", "2030-03-12"]
*Claim issuing_authority*: * Claim issuing_authority:
* SHA-256 Hash: - SHA-256 Hash:
6ZNISDst62ymlrOAkadjdD5ZulT5A299J78SLhM__Os 6ZNISDst62ymlrOAkadjdD5ZulT5A299J78SLhM__Os
* Disclosure: - Disclosure:
WyJjaEJDc3loeWgtSjg2SS1hd1FEaUNRIiwgImlzc3VpbmdfYXV0aG9yaXR5IiwgIk WyJjaEJDc3loeWgtSjg2SS1hd1FEaUNRIiwgImlzc3VpbmdfYXV0aG9yaXR5Iiw
RFIl0 gIkRFIl0
* Contents: - Contents:
["chBCsyhyh-J86I-awQDiCQ", "issuing_authority", "DE"] ["chBCsyhyh-J86I-awQDiCQ", "issuing_authority", "DE"]
*Claim issuing_country*: * Claim issuing_country:
* SHA-256 Hash: - SHA-256 Hash:
_ohJVIQIBsU4updNS4_w4Kb1MHqJ0L9qLGshWq6JXQs _ohJVIQIBsU4updNS4_w4Kb1MHqJ0L9qLGshWq6JXQs
* Disclosure: - Disclosure:
WyJmbE5QMW5jTXo5TGctYzlxTUl6XzlnIiwgImlzc3VpbmdfY291bnRyeSIsICJERS WyJmbE5QMW5jTXo5TGctYzlxTUl6XzlnIiwgImlzc3VpbmdfY291bnRyeSIsICJ
Jd ERSJd
* Contents: - Contents:
["flNP1ncMz9Lg-c9qMIz_9g", "issuing_country", "DE"] ["flNP1ncMz9Lg-c9qMIz_9g", "issuing_country", "DE"]
The following is an example of an SD-JWT+KB that discloses only The following is an example of an SD-JWT+KB that discloses only
nationality and the fact that the person is over 18 years old: nationality and the fact that the person is over 18 years old:
eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCJ9.eyJfc2QiOiBbIjBIWm1 eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCJ9.eyJfc2QiOiBbIjBIWm1
uU0lQejMzN2tTV2U3QzM0bC0tODhnekppLWVCSjJWel9ISndBVGciLCAiMUNybjAzV21 uU0lQejMzN2tTV2U3QzM0bC0tODhnekppLWVCSjJWel9ISndBVGciLCAiMUNybjAzV21
VZVJXcDR6d1B2dkNLWGw5WmFRcC1jZFFWX2dIZGFHU1dvdyIsICIycjAwOWR6dkh1VnJ VZVJXcDR6d1B2dkNLWGw5WmFRcC1jZFFWX2dIZGFHU1dvdyIsICIycjAwOWR6dkh1VnJ
XclJYVDVrSk1tSG5xRUhIbldlME1MVlp3OFBBVEI4IiwgIjZaTklTRHN0NjJ5bWxyT0F XclJYVDVrSk1tSG5xRUhIbldlME1MVlp3OFBBVEI4IiwgIjZaTklTRHN0NjJ5bWxyT0F
rYWRqZEQ1WnVsVDVBMjk5Sjc4U0xoTV9fT3MiLCAiNzhqZzc3LUdZQmVYOElRZm9FTFB rYWRqZEQ1WnVsVDVBMjk5Sjc4U0xoTV9fT3MiLCAiNzhqZzc3LUdZQmVYOElRZm9FTFB
5TDBEWVBkbWZabzBKZ1ZpVjBfbEtDTSIsICI5MENUOEFhQlBibjVYOG5SWGtlc2p1MWk 5TDBEWVBkbWZabzBKZ1ZpVjBfbEtDTSIsICI5MENUOEFhQlBibjVYOG5SWGtlc2p1MWk
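Review bot: The sentence "discloses only nationality and the fact that the person is over 18 years old" understates what the Verifier receives, and the text around the Disclosure list does not explain why. The digest for claim "18" (CVKnly5P...) is not in the top-level payload but inside the `_sd` array of the age_equal_or_over Disclosure, so the presentation has to carry the age_equal_or_over Disclosure as well as the one for "18". That parent Disclosure exposes all six digests in its `_sd` array, which shows the Verifier how many digests sit under age_equal_or_over even though their contents stay hidden. A short sentence stating this next to the example would help readers who are sizing up what a nested Disclosure reveals. The claim is also named "nationalities" in the Disclosure list, so "nationality" in the prose could match it.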
skipping to change at line 4395 skipping to change at line 4396
"crv": "P-256", "crv": "P-256",
"x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc", "x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc",
"y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ" "y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ"
} }
} }
} }
The digests in the SD-JWT payload reference the following The digests in the SD-JWT payload reference the following
Disclosures: Disclosures:
*Claim atcCode*: * Claim atcCode:
* SHA-256 Hash: - SHA-256 Hash:
1cF5hLwkhMNIaqfWJrXI7NMWedL-9f6Y2PA52yPjSZI 1cF5hLwkhMNIaqfWJrXI7NMWedL-9f6Y2PA52yPjSZI
* Disclosure: - Disclosure:
WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImF0Y0NvZGUiLCAiSjA3QlgwMyJd WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImF0Y0NvZGUiLCAiSjA3QlgwMyJ
d
* Contents: - Contents:
["2GLC42sKQveCfGfryNRN9w", "atcCode", "J07BX03"] ["2GLC42sKQveCfGfryNRN9w", "atcCode", "J07BX03"]
*Claim medicinalProductName*: * Claim medicinalProductName:
* SHA-256 Hash: - SHA-256 Hash:
Hiy6WWueLD5bn16298tPv7GXhmldMDOTnBi-CZbphNo Hiy6WWueLD5bn16298tPv7GXhmldMDOTnBi-CZbphNo
* Disclosure: - Disclosure:
WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgIm1lZGljaW5hbFByb2R1Y3ROYW1lIi WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgIm1lZGljaW5hbFByb2R1Y3ROYW1
wgIkNPVklELTE5IFZhY2NpbmUgTW9kZXJuYSJd lIiwgIkNPVklELTE5IFZhY2NpbmUgTW9kZXJuYSJd
* Contents: - Contents:
["eluV5Og3gSNII8EYnsxA_A", "medicinalProductName", "COVID-19 ["eluV5Og3gSNII8EYnsxA_A", "medicinalProductName", "COVID-19
Vaccine Moderna"] Vaccine Moderna"]
*Claim marketingAuthorizationHolder*: * Claim marketingAuthorizationHolder:
* SHA-256 Hash: - SHA-256 Hash:
Lb027q691jXXl-jC73vi8ebOj9smx3C-_og7gA4TBQE Lb027q691jXXl-jC73vi8ebOj9smx3C-_og7gA4TBQE
* Disclosure: - Disclosure:
WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgIm1hcmtldGluZ0F1dGhvcml6YXRpb2 WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgIm1hcmtldGluZ0F1dGhvcml6YXR
5Ib2xkZXIiLCAiTW9kZXJuYSBCaW90ZWNoIl0 pb25Ib2xkZXIiLCAiTW9kZXJuYSBCaW90ZWNoIl0
* Contents: - Contents:
["6Ij7tM-a5iVPGboS5tmvVA", "marketingAuthorizationHolder", ["6Ij7tM-a5iVPGboS5tmvVA", "marketingAuthorizationHolder",
"Moderna Biotech"] "Moderna Biotech"]
*Claim nextVaccinationDate*: * Claim nextVaccinationDate:
* SHA-256 Hash: - SHA-256 Hash:
R2fGbfA07Z_YlkqmNZyma1xyyx1XstIiS6B1Ybl2JZ4 R2fGbfA07Z_YlkqmNZyma1xyyx1XstIiS6B1Ybl2JZ4
* Disclosure: - Disclosure:
WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgIm5leHRWYWNjaW5hdGlvbkRhdGUiLC WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgIm5leHRWYWNjaW5hdGlvbkRhdGU
AiMjAyMS0wOC0xNlQxMzo0MDoxMloiXQ iLCAiMjAyMS0wOC0xNlQxMzo0MDoxMloiXQ
* Contents: - Contents:
["eI8ZWm9QnKPpNPeNenHdhQ", "nextVaccinationDate", ["eI8ZWm9QnKPpNPeNenHdhQ", "nextVaccinationDate",
"2021-08-16T13:40:12Z"] "2021-08-16T13:40:12Z"]
*Claim countryOfVaccination*: * Claim countryOfVaccination:
* SHA-256 Hash: - SHA-256 Hash:
JzjLgtP29dP-B3td12P674gFmK2zy81HMtBgf6CJNWg JzjLgtP29dP-B3td12P674gFmK2zy81HMtBgf6CJNWg
* Disclosure: - Disclosure:
WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImNvdW50cnlPZlZhY2NpbmF0aW9uIi WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImNvdW50cnlPZlZhY2NpbmF0aW9
wgIkdFIl0 uIiwgIkdFIl0
* Contents: - Contents:
["Qg_O64zqAxe412a108iroA", "countryOfVaccination", "GE"] ["Qg_O64zqAxe412a108iroA", "countryOfVaccination", "GE"]
*Claim dateOfVaccination*: * Claim dateOfVaccination:
* SHA-256 Hash: - SHA-256 Hash:
zJK_eSMXjwM8dXmMZLnI8FGM08zJ3_ubGeEMJ-5TBy0 zJK_eSMXjwM8dXmMZLnI8FGM08zJ3_ubGeEMJ-5TBy0
* Disclosure: - Disclosure:
WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImRhdGVPZlZhY2NpbmF0aW9uIiwgIj WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImRhdGVPZlZhY2NpbmF0aW9uIiw
IwMjEtMDYtMjNUMTM6NDA6MTJaIl0 gIjIwMjEtMDYtMjNUMTM6NDA6MTJaIl0
* Contents: - Contents:
["AJx-095VPrpTtN4QMOqROA", "dateOfVaccination", ["AJx-095VPrpTtN4QMOqROA", "dateOfVaccination",
"2021-06-23T13:40:12Z"] "2021-06-23T13:40:12Z"]
*Claim order*: * Claim order:
* SHA-256 Hash: - SHA-256 Hash:
b0eUsvGP-ODDdFoY4NlzlXc3tDslWJtCJF75Nw8Oj_g b0eUsvGP-ODDdFoY4NlzlXc3tDslWJtCJF75Nw8Oj_g
* Disclosure: - Disclosure:
WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgIm9yZGVyIiwgIjMvMyJd WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgIm9yZGVyIiwgIjMvMyJd
* Contents: - Contents:
["Pc33JM2LchcU_lHggv_ufQ", "order", "3/3"] ["Pc33JM2LchcU_lHggv_ufQ", "order", "3/3"]
*Claim gender*: * Claim gender:
* SHA-256 Hash: - SHA-256 Hash:
3nzLq81M2oN06wdv1shHvOEJVxZ5KLmdDkHEDJABWEI 3nzLq81M2oN06wdv1shHvOEJVxZ5KLmdDkHEDJABWEI
* Disclosure: - Disclosure:
WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImdlbmRlciIsICJGZW1hbGUiXQ WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImdlbmRlciIsICJGZW1hbGUiXQ
* Contents: - Contents:
["G02NSrQfjFXQ7Io09syajA", "gender", "Female"] ["G02NSrQfjFXQ7Io09syajA", "gender", "Female"]
*Claim birthDate*: * Claim birthDate:
* SHA-256 Hash: - SHA-256 Hash:
Pn1sWi06G4LJrnn-_RT0RbM_HTdxnPJQuX2fzWv_JOU Pn1sWi06G4LJrnn-_RT0RbM_HTdxnPJQuX2fzWv_JOU
* Disclosure: - Disclosure:
WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImJpcnRoRGF0ZSIsICIxOTYxLTA4LT WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImJpcnRoRGF0ZSIsICIxOTYxLTA
E3Il0 4LTE3Il0
* Contents: - Contents:
["lklxF5jMYlGTPUovMNIvCA", "birthDate", "1961-08-17"] ["lklxF5jMYlGTPUovMNIvCA", "birthDate", "1961-08-17"]
*Claim givenName*: * Claim givenName:
* SHA-256 Hash: - SHA-256 Hash:
lF9uzdsw7HplGLc714Tr4WO7MGJza7tt7QFleCX4Itw lF9uzdsw7HplGLc714Tr4WO7MGJza7tt7QFleCX4Itw
* Disclosure: - Disclosure:
WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgImdpdmVuTmFtZSIsICJNYXJpb24iXQ WyJuUHVvUW5rUkZxM0JJZUFtN0FuWEZBIiwgImdpdmVuTmFtZSIsICJNYXJpb24
iXQ
* Contents: - Contents:
["nPuoQnkRFq3BIeAm7AnXFA", "givenName", "Marion"] ["nPuoQnkRFq3BIeAm7AnXFA", "givenName", "Marion"]
*Claim familyName*: * Claim familyName:
* SHA-256 Hash: - SHA-256 Hash:
1lSQBNY24q0Th6OGzthq-7-4l6cAaxrYXOGZpeW_lnA 1lSQBNY24q0Th6OGzthq-7-4l6cAaxrYXOGZpeW_lnA
* Disclosure: - Disclosure:
WyI1YlBzMUlxdVpOYTBoa2FGenp6Wk53IiwgImZhbWlseU5hbWUiLCAiTXVzdGVybW WyI1YlBzMUlxdVpOYTBoa2FGenp6Wk53IiwgImZhbWlseU5hbWUiLCAiTXVzdGV
FubiJd ybWFubiJd
* Contents: - Contents:
["5bPs1IquZNa0hkaFzzzZNw", "familyName", "Mustermann"] ["5bPs1IquZNa0hkaFzzzZNw", "familyName", "Mustermann"]
*Claim administeringCentre*: * Claim administeringCentre:
* SHA-256 Hash: - SHA-256 Hash:
TCmzrl7K2gev_du7pcMIyzRLHp-Yeg-Fl_cxtrUvPxg TCmzrl7K2gev_du7pcMIyzRLHp-Yeg-Fl_cxtrUvPxg
* Disclosure: - Disclosure:
WyI1YTJXMF9OcmxFWnpmcW1rXzdQcS13IiwgImFkbWluaXN0ZXJpbmdDZW50cmUiLC WyI1YTJXMF9OcmxFWnpmcW1rXzdQcS13IiwgImFkbWluaXN0ZXJpbmdDZW50cmU
AiUHJheGlzIFNvbW1lcmdhcnRlbiJd iLCAiUHJheGlzIFNvbW1lcmdhcnRlbiJd
* Contents: - Contents:
["5a2W0_NrlEZzfqmk_7Pq-w", "administeringCentre", "Praxis ["5a2W0_NrlEZzfqmk_7Pq-w", "administeringCentre", "Praxis
Sommergarten"] Sommergarten"]
*Claim batchNumber*: * Claim batchNumber:
* SHA-256 Hash: - SHA-256 Hash:
V7kJBLK78TmVDOmrfJ7ZuUPHuK_2cc7yZRa4qV1txwM V7kJBLK78TmVDOmrfJ7ZuUPHuK_2cc7yZRa4qV1txwM
* Disclosure: - Disclosure:
WyJ5MXNWVTV3ZGZKYWhWZGd3UGdTN1JRIiwgImJhdGNoTnVtYmVyIiwgIjE2MjYzOD WyJ5MXNWVTV3ZGZKYWhWZGd3UGdTN1JRIiwgImJhdGNoTnVtYmVyIiwgIjE2MjY
I3MzYiXQ zODI3MzYiXQ
* Contents: - Contents:
["y1sVU5wdfJahVdgwPgS7RQ", "batchNumber", "1626382736"] ["y1sVU5wdfJahVdgwPgS7RQ", "batchNumber", "1626382736"]
*Claim healthProfessional*: * Claim healthProfessional:
* SHA-256 Hash: - SHA-256 Hash:
1V_K-8lDQ8iFXBFXbZY9ehqR4HabWCi5T0ybIzZPeww 1V_K-8lDQ8iFXBFXbZY9ehqR4HabWCi5T0ybIzZPeww
* Disclosure: - Disclosure:
WyJIYlE0WDhzclZXM1FEeG5JSmRxeU9BIiwgImhlYWx0aFByb2Zlc3Npb25hbCIsIC WyJIYlE0WDhzclZXM1FEeG5JSmRxeU9BIiwgImhlYWx0aFByb2Zlc3Npb25hbCI
I4ODMxMTAwMDAwMTUzNzYiXQ sICI4ODMxMTAwMDAwMTUzNzYiXQ
* Contents: - Contents:
["HbQ4X8srVW3QDxnIJdqyOA", "healthProfessional", ["HbQ4X8srVW3QDxnIJdqyOA", "healthProfessional",
"883110000015376"] "883110000015376"]
This is an example of an SD-JWT+KB that discloses only type, This is an example of an SD-JWT+KB that discloses only type,
medicinalProductName, atcCode of the vaccine, type of the recipient, medicinalProductName, atcCode of the vaccine, type of the recipient,
type, order, and dateOfVaccination: type, order, and dateOfVaccination:
eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImV4YW1wbGUrc2Qtand0In0.eyJAY29udGV4 eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImV4YW1wbGUrc2Qtand0In0.eyJAY29udGV4
dCI6IFsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCAiaHR0 dCI6IFsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCAiaHR0
cHM6Ly93M2lkLm9yZy92YWNjaW5hdGlvbi92MSJdLCAidHlwZSI6IFsiVmVyaWZpYWJs cHM6Ly93M2lkLm9yZy92YWNjaW5hdGlvbi92MSJdLCAidHlwZSI6IFsiVmVyaWZpYWJs
ZUNyZWRlbnRpYWwiLCAiVmFjY2luYXRpb25DZXJ0aWZpY2F0ZSJdLCAiaXNzdWVyIjog ZUNyZWRlbnRpYWwiLCAiVmFjY2luYXRpb25DZXJ0aWZpY2F0ZSJdLCAiaXNzdWVyIjog
Imh0dHBzOi8vZXhhbXBsZS5jb20vaXNzdWVyIiwgImlzc3VhbmNlRGF0ZSI6ICIyMDIz Imh0dHBzOi8vZXhhbXBsZS5jb20vaXNzdWVyIiwgImlzc3VhbmNlRGF0ZSI6ICIyMDIz
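Review bot: the re-wrapped Disclosure values still break in the middle of the base64url string, and the new wrap column leaves short fragments such as `iXQ` (givenName) and `4LTE3Il0` (birthDate) alone on a line. In each case the two columns concatenate to the same string (for countryOfVaccination, `...aW9uIi` plus `wgIkdFIl0` on the left and `...aW9` plus `uIiwgIkdFIl0` on the right are identical once joined), so only the presentation changed, but nothing in this list says the break is for display only. Suggest either a sentence stating that line breaks inside a Disclosure are not part of the value, or keeping each Disclosure on one line as `order` and `gender` already are, so that a reader recomputing the SHA-256 Hash entries does not include the whitespace. Separately, the sentence introducing the SD-JWT+KB lists `type` three times and is unchanged on both sides; naming the parent object for each occurrence would remove the ambiguity.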
skipping to change at line 4757 skipping to change at line 4760
... ...
"family_name": "M\u00f6bius", "family_name": "M\u00f6bius",
"address": { "address": {
"street_address": "Schulstr. 12", "street_address": "Schulstr. 12",
"locality": "Schulpforta" "locality": "Schulpforta"
} }
... ...
or as or as
... ...
"family_name": "Möbius", "family_name": "Möbius",
"address": {"locality":"Schulpforta", "street_address":"Schulstr. 12"} "address": {"locality":"Schulpforta", "street_address":"Schulstr. 12"}
... ...
The two representations of the value in family_name are very The two representations of the value in family_name are very
different on the byte level, but they yield equivalent objects. The different on the byte level, but they yield equivalent objects. The
same is true for the representations of address, which vary in white same is true for the representations of address, which vary in white
space and order of elements in the object. space and order of elements in the object.
The variations in white space, ordering of object properties, and The variations in white space, ordering of object properties, and
encoding of Unicode characters are all allowed by the JSON encoding of Unicode characters are all allowed by the JSON
specification, including further variations, e.g., concerning specification, including further variations, e.g., concerning
floating-point numbers, as described in [RFC8785]. Variations can be floating-point numbers, as described in [RFC8785]. Variations can be
 End of changes. 638 change blocks. 
795 lines changed or deleted 797 lines changed or added
