peppelinux
commented
1 month ago It sounds really resonable. Please provide a PR for this proposal
at the same time, please, bring all your awareness about the evidence that a wallet provider, in particular a public solution, carries the national first level domain (eg: .it) and this imply that a wallet attestation, by disclosing its wallet provider (issuer) discloses also the domain ...
The actual requirement 4 states: " The Wallet Attestation MUST be issued and signed by an accredited and reliable Wallet Provider, thereby providing integrity and authenticity to the attestation." Link
The text could be misleading and should be updated as follows: "The Wallet Attestation must be signed by the SAME Wallet Provider that is authoritative for (thus has issued) that wallet, as indicated by the overseeing Accreditation Body/Authority, so that the Attestation will uniquely bind the Wallet Provider to this Wallet Instance"