digeorgi
commented
1 month ago Thank you very much for your comment. A DTC in an EUDI Wallet cannot comply with all requirements in ICAO Doc 9303. This is because ICAO Doc 9303 specifies passports in the form of contactless smart cards complying with ISO/IEC 14443 and ISO/IEC 7816-4. The communication protocol defined in these standards is not compatible with the standards required for requesting and presenting attestations in the EUDI Wallet, namely ISO/IEC 18013-5 and OpenID4VP.
We note that in this context the effort to standardize the "Photo ID" document as part of ISO/IEC 23220-4 is promising. This would allow the presentation of the various Data Groups defined in ICAO Doc 9303 as attributes, using the abovementioned standards for the EUDI Wallet. The specification of these Data Groups (i.e. their TLV structure) would not be changed with regard to ICAO Doc 9303, only the manner in which they are requested and presented. However, since ISO/IEC 23220-4 is still in preparation and is not public, ARF 1.5.0 will not reference the "Photo ID" specification.
Description
Name: Heather Dahl, Indicio
ARF Chapter: 2.5.4 Digital Travel Credential “Digital Travel Credential (DTC) Providers may issue DTCs to EUDI Wallets in a supported format enabling Relying Parties to identify Users and their travel, thus facilitating the travel experience and the User journey in this dynamic sector.”
Recommendation: It should be stated that the DTC must be based upon the International Civil Aviation Organization Digital Travel Credential technical specification document 9303. This is to ensure that such credentials are interoperable and that they are globally acceptable in the same way as physical paper passports are today.