SID-DATA-01 — SD-JWT Selective Disclosure

Property	Value
Owner	platform
Category	technical
CSF Function	protect
Group	Data Protection Controls

Description

SD-JWT VC issuance/verification with per-claim selective disclosure. Claims hidden via salted SHA-256 hashes. Key Binding JWT (KB-JWT) proves holder possession with nonce, audience, iat, and sd_hash validation. Full verification: signature → disclosure reconstruction → time validation → trust.

Components

VC Issuer/Verifier

Source References

vc/sdjwtvc/

Framework Requirements

EUDI Security Requirements: WUP-8.2.3-Fun-11, WUP-8.2.3-Sec-14

FitCEM Wallet Instance: FIT-AU-14

ISO 27001 Annex A: A.5.12, A.5.34, A.8.11

GDPR Checklist: Take data protection into account at all times, Encrypt, pseudonymize, or anonymize

STRIDE Threat Model: WB-I-2, VC-I-1, FT-I-1, FT-I-2

Description​

Components​

Source References​

Framework Requirements​

Description

Components

Source References

Framework Requirements