Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DCQL: absence of claims element #367

Open
martijnharing opened this issue Dec 9, 2024 · 1 comment
Open

DCQL: absence of claims element #367

martijnharing opened this issue Dec 9, 2024 · 1 comment
Labels
query language

Comments

@martijnharing
Copy link

I think we discussed this in the past, but couldn't find an open issue for it. If it does exist (i.e. this is a duplicate), this issue can be closed.

DCQL says that if the claims parameter is absent: 'If claims is absent, the Verifier requests all claims existing in the Credential.' The existence of this option has a number of privacy problems and UI/UX issues which include:

  • It makes the easiest request option from an RP perspective (just request everything) the least privacy preserving option.
  • It allows an RP to make a request for sensitive claims seem less intrusive by not explicitly requesting the sensitive claims.

Given these privacy issues, we should either remove the option for 'claims' being absent, or define that when that's the case no claims are requested.
@Sakurann
Copy link
Collaborator

isn't this the duplicate of #304 ?

@c2bo c2bo mentioned this issue Dec 11, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
query language
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Sakurann @martijnharing