the spec currently allows to use short cuts for defining the claims to be attested in the verified_claims structure
“Note: A claims sub-element with value null is interpreted as a request for all possible Claims. An example is shown in the following …”
Feedback indicates this leads to ambiguity and does not foster privacy preserving behaviour of RPs
I suggest to drop the short cut.