eu-digital-identity-wallet / eudi-doc-architecture-and-reference-framework

The European Digital Identity Wallet
https://eu-digital-identity-wallet.github.io/eudi-doc-architecture-and-reference-framework/

WSCD and HSM relationship #237

Open GSMA-EIG opened 4 months ago

GSMA-EIG commented 4 months ago

§ 4.2: We appreciate the fact that WSCD can have several form factors. It is mentioned that “One WSCA is associated with at most one Wallet Instance,…”. However, we do not understand this statement, as an HSM will address several Wallets, and it is not clear how multiple WSCAs will be associated with a single WSCD. This needs to be clarified.

Annex §A.2.3.33: This paragraph does not take into account the case where the WSCD is an HSM and where the private key remains available even after a device loss.

vilmosa commented 3 months ago

This one-to-one association of the Wallet instance and the WSCA is also an issue when both online and offline use cases need to be supported with a single wallet. (Obviously an HSM cannot support offline transactions, while presently there are no in-phone LoA High WSCDs which could be accessible for wallet issuers.) More about this issue at: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/issues/197

digeorgi commented 3 days ago

Thank you very much for your input; we agree. The sentence "One WSCA is associated with at most one Wallet Instance..." should have read "at least one Wallet Instance". This will be corrected. See also #197.