You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The usage of a Key Binding JWT (KB-JWT) is a key element as it needs to be tied to a specific SD-JWT when its payload includes a hash of the SD-JWT in its sd_hash claim.
At the same time it needs prove possession of of the private key of the associated key pair.
To enforce this a Key Binding JWT (KB-JWT) signature must be verified by the same public key included (or referenced) in the SD-JWT.
The actual 0.8.0 documentation misses to provide such signature requirement, thus there's need to explicitly describe and require such key-binding detail.
The text was updated successfully, but these errors were encountered:
The usage of a Key Binding JWT (KB-JWT) is a key element as it needs to be tied to a specific SD-JWT when its payload includes a hash of the SD-JWT in its sd_hash claim.
At the same time it needs prove possession of of the private key of the associated key pair.
To enforce this a Key Binding JWT (KB-JWT) signature must be verified by the same public key included (or referenced) in the SD-JWT.
The actual 0.8.0 documentation misses to provide such signature requirement, thus there's need to explicitly describe and require such key-binding detail.
The text was updated successfully, but these errors were encountered: