- changed status to open
Restate data minimisation claims a little
Issue #1368
resolved
As discussed on https://bitbucket.org/openid/ekyc-ida/issues/1366/requesting-sub-claims-of-address-claims it’s not currently possible to request subclaims of the address claim - I think we should more explicitly call this out. e.g. https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#section-6.1 currently says:
Use of the
claimsparameter allows the RP to exactly select the Claims about the End-User needed for its use case. This extension therefore allows RPs to fulfill the requirement for data minimization.
“exactly” could be removed, and I think this could have an additional sentence added something along the lines of:
”Note that it is currently only possible to request entire claims, for example there is no syntax that allows only the ‘country’ subclaim of the ‘address’ claim to be returned.”
Comments (6)
-
-
- changed milestone to IDA Final
-
I have re-written this as follows to allow for a potential future stae where it is possible (AKA Advanced Syntax for Claims)…
“
Use of the `claims` parameter allows the RP to request specified Claims about the End-User needed for its use case. This allows RPs to fulfill the requirements for data minimization by requesting only required Claims. Note: it is not possible to request sub-claims (for example the ‘country’ subclaim of the ‘address’ claim) using mechanisms from OpenID Connect Core or this draft.“ -
reporter
Sounds good to me.
-
Addressed by PR #166
-
- changed status to resolved
Addressed by PR#166
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- Core eKYC&IDA
- Milestone
- IDA Final
- Votes
- 0
- Watchers
- 1
