Open peppelinux opened 9 months ago
if the design is where access token is sender constrained and the DPoP key is cloud HSM protected, if the user sets up a PIN that needs to be typed to generate DPoP proof, that addresses 1, and if access token is sender constrained, that would mitigate 2. (but honestly if DPoP proof is cloud HSM protected and Wallet backend key for WIA as well and the attacker can steal both, that is a bigger problem and seems to be a no-go...)