[DCQL] Specify what selecting a selectively disclosable object means #679
Description
In Section 6.4 it is specified that DCQL allows [...] selecting a minimal dataset to fulfill the Verifier's request in a privacy-friendly manner [...]. Further Wallets MUST NOT send selectively disclosable claims that have not been selected according to the rules below.
The question now arose what happens with the following object
{
"birth_place" : { <------ as a whole selectively disclosable
"locality" : "somehting", <--- selectively disclosable
"street" : "something street", <----- selectively disclosable
"house_number" : 25 <---- _NOT_ selectively disclosable
}
[...]
}when the following claims pointer is requested:
["birth_place"]My interpretation of "selecting a minimal dataset to fulfill the verifiers request" would mean that only house_number would be revealed. I have asked this question to a very small non representative set of people, and intuitively all of them would agree with my interpretation.
The specification provides us with an example:
["address"]: The claim address with its sub-claims as the value is selected.
Which naively contradicts my interpretation...
I think it would make sense to clarify that "sub-claims" also includes selectively disclosable sub-claims (to clarify this is indeed the intention). If this was not the intention, then it should definitely be specified that it only includes "NON disclosable sub-claims".