You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: draft-ietf-oauth-status-list.md
+12-3Lines changed: 12 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -994,9 +994,14 @@ This behaviour may be mitigated by:
994
994
- private relay protocols or other mechanisms hiding the original sender like {{RFC9458}}.
995
995
- using trusted Third Party Hosting, see [](#third-party-hosting).
996
996
997
-
## Malicious Issuers
997
+
## Issuer Tracking of Reference Tokens
998
998
999
-
A malicious Issuer could bypass the privacy benefits of the herd privacy by generating a unique Status List for every Referenced Token. By these means, the Issuer could maintain a mapping between Referenced Tokens and Status Lists and thus track the usage of Referenced Tokens by utilizing this mapping for the incoming requests. This malicious behaviour could be detected by Relying Parties that request large amounts of Referenced Tokens by comparing the number of different Status Lists and their sizes.
999
+
An Issuer could maliciously or accidentally bypass the privacy benefits of the herd privacy by either:
1000
+
1001
+
- Generating a unique Status List for every Referenced Token. By these means, the Issuer could maintain a mapping between Referenced Tokens and Status Lists and thus track the usage of Referenced Tokens by utilizing this mapping for the incoming requests.
1002
+
- Encoding a unique URI in each Reference Token which points to the underlying Status List. This may involve using URI components such as query parameters, unique path segments, or fragments to make the URI unique.
1003
+
1004
+
This malicious behavior can be detected by Relying Parties that request large amounts of Referenced Tokens by comparing the number of different Status Lists and their sizes with the volume of Reference Tokens being verified.
1000
1005
1001
1006
## Observability of Relying Parties {#privacy-relying-party}
1002
1007
@@ -1464,6 +1469,7 @@ IANA is also requested to register the following OID "1.3.6.1.5.5.7.3.TBD" in th
1464
1469
{:numbered="false"}
1465
1470
1466
1471
We would like to thank
1472
+
Andrii Deinega,
1467
1473
Brian Campbell,
1468
1474
Dan Moore,
1469
1475
Denis Pinkas,
@@ -1900,6 +1906,10 @@ CBOR encoding:
1900
1906
# Document History
1901
1907
{:numbered="false"}
1902
1908
1909
+
-13
1910
+
1911
+
* added further privacy consideration around issuer tracking using unique URIs
1912
+
1903
1913
-12
1904
1914
1905
1915
* Allow for extended key usage OID to be used for other status mechanisms
@@ -1911,7 +1921,6 @@ CBOR encoding:
1911
1921
* clarifying description texts for status and status_list in CBOR
1912
1922
* splitting Linkability Mitigation from Token Lifecycle section in Implementation Consideration
1913
1923
* relax the accept header from must to should
1914
-
* added further privacy consideration around issuer tracking using unique URIs
0 commit comments