Open OBIvision opened 4 months ago
Thank you very much for your comments. Most of them seem to be aimed at ETSI 119 476, which is a document different from the ARF and not authored by the European Commission. We would encourage you to bring your comments to the attention of ETSI.
Regarding the Cryptographers Feedback: please see our response in the relevant discussion #211.
Good to see that efforts have gone into improving ETSI 119 476 (v 1.21) https://www.etsi.org/deliver/etsi_tr/119400_119499/119476/01.02.01_60/tr_119476v010201p.pdf
However, it is also clear that there is still far to go before even minimum security requirements are addressed. Fact is that this technical report does not contain a single solution to support even the most obvious digital processes.
Main remarks:
Surprising how biased the discussion Camenisch-Lysyanskaya vs e.g. U-Prove is. Deploying multi-show unlinkable proofs is outright dangerous - especially when you deploy these in such an unsafe smartphone-based setup as ARF where citizens do not have means to control the keys. I support the Cryptographers Feedback on this warning to depend on revocation.
There is not even an attempt to address the basic problem that issuers are assumed to be surveillance-based. Huge gaps.
Handling of biometrics is non-existent and in itself a massive threat to fundamentals.
Atomic credentials are insufficiently handled. More work on Trustworthy PKI is critical as the presently only way we see to square the circle making ends meet. This is however also possible within the existing standards so we might need to consider if there is a paradigm problem desperately trying to make some magic crypto that does not exist without considering engineering solutions?
ARF still needs to go back and upgrade every single Use Case as they are all surveillance-based.