Security Considerations

[jceb]

This is a placeholder issue for collecting security related topics that should be considered. The following come to my mind:

• A signed Verifiable Presentation can't be modified without the verifier noticing. However, it could be swapped out for another VP that has been previously signed by the holder.
  • ~The expiration date of a VP could be helpful to limit its use~
  • A storage medium like IPFS or a Blockchain with built-in guarantees solves the issue
  • Hashlinks that guarantee the integrity but it puts an additional burden on the client that's used by the verifier to unpack and verify the data against the has
  • did:webs' integrity information in the storage path would work for HTTP servers while putting an additional burden on the client that's used by the verifier

[jceb]

Update: an expiration date can't be used on a VP. The widely supported fields are listed here an expiration date is not part of it: https://w3c.github.io/vc-data-model/#presentations-0

[brianorwhatever]

RE: hashlinks

• VCWG is debating a property relatedResources which is the approach we should take https://www.w3.org/TR/vc-data-model-2.0/#integrity-of-related-resources

We shouldn't require IPFS or blockchain but leave that available as a possible approach. If web URLs are used we should recommend the related resources thing I mention above

[jceb]

For relatedResources to work for this spec, my understanding is that we'd need to add a similar mechanism to the DID document service entry. Let's talk about it in the upcoming meeting a create another issue for it.