italia / eudi-wallet-it-docs

Italian EUDI Wallet Technical Specifications
Creative Commons Zero v1.0 Universal

[Status Assertions Request] - Credential PoP #341

Open pietroACN opened 1 week ago

pietroACN commented 1 week ago

The Credential Proof of Possession includes the hash value of a Digital Credential to allow the Credential Issuer proper attestation binding to the previously issued credential. As the Status Attestation requires the Credential Issuer to request the Authentic Source to verify the credential and respond with status information, there's a need for the Credential Issuer to store locally additional information needed by the Authentic Source to perform such verification (driving license verification would, for example, require user ID and driving license number). A large Credential Issuer will therefore need to store, for each credential hash, a set of extra data, including the type of credential (PersonIdentificationData, EuropeanDisabilityCard, EuropeanHealthInsuranceCard, MDL...) and the corresponding fields required to obtain status verification from the Authentic Source.

To minimize the amount of personal data stored at Credential Issuer side, the Credential Proof of Possession should include some extra information, for example:

1) The type of credential: this allows at Credential Issuer side to avoid linking the credential hash to the typology, thus reducing linking credential owner to it (very sensitive for example in case of Disability Card)
2) The used Identifier: this allows at Credential Issuer side to avoid linking the credential hash to the owner.
3) The document Id: the unique identifier of the document the attestation is related to

To improve security, the previous data can be provided encrypted with the public key of the Credential Issuer.
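
A sketch of the proposal in the comment above, added here as an illustration; it is not code from the thread or from the specification. The claim names (`credential_hash`, `enc_lookup`), the lookup field names, the choice of RSA-OAEP and all sample values are assumptions made for the example.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed demo key pair standing in for the Credential Issuer's encryption key.
const issuerKeys = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Constructed sample data; all field and claim names are hypothetical.
const SAMPLE_CREDENTIAL = 'constructed.sample.credential';
const SAMPLE_LOOKUP = {
  credential_type: 'MDL',
  identifier: 'CONSTRUCTED-USER-0001',
  document_id: 'CONSTRUCTED-DOC-0001',
};

// OAEP options. The credential hash is used as the OAEP label, so the
// ciphertext only decrypts alongside the hash it was created for.
function oaep(key, credentialHash) {
  return {
    key,
    padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING,
    oaepHash: 'sha256',
    oaepLabel: Buffer.from(credentialHash),
  };
}

// Wallet side: claims of the Credential PoP (JWT signing is omitted here).
function buildCredentialPop(credential, lookup, issuerPublicKey) {
  const credentialHash = nodeCrypto.createHash('sha256').update(credential).digest('base64url');
  // RSA-OAEP with a 2048-bit key and SHA-256 fits at most 190 bytes;
  // larger payloads would need hybrid encryption.
  const ciphertext = nodeCrypto.publicEncrypt(
    oaep(issuerPublicKey, credentialHash), Buffer.from(JSON.stringify(lookup)));
  return { credential_hash: credentialHash, enc_lookup: ciphertext.toString('base64url') };
}

// Issuer side: recover what the Authentic Source needs from the PoP itself,
// with no local table keyed by credential hash. Verification of the PoP
// signature is assumed to have happened before this call.
function resolveStatusQuery(pop, issuerPrivateKey) {
  const plain = nodeCrypto.privateDecrypt(
    oaep(issuerPrivateKey, pop.credential_hash), Buffer.from(pop.enc_lookup, 'base64url'));
  const { credential_type, identifier, document_id } = JSON.parse(plain.toString('utf8'));
  return { credential_type, identifier, document_id };
}

const pop = buildCredentialPop(SAMPLE_CREDENTIAL, SAMPLE_LOOKUP, issuerKeys.publicKey);
console.log(resolveStatusQuery(pop, issuerKeys.privateKey));
```
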

peppelinux commented 4 days ago

> As the Status Attestation requires the Credential Issuer to request the Authentic Source to verify the credential and respond with status information, there's a need for the Credential Issuer to store locally additional information needed by the Authentic Source to perform such verification (driving license verification would, for example, require user ID and driving license number).

Not necessarily, if the authentic source's entry contained in its response contains a unique identifier, as traditionally required in database entries.

We can add this as an implementation consideration.

@fmarino-ipzs ^

pietroACN commented 4 days ago

As it is, the actual implementation will create a situation where the entire framework will not work properly:
1) The Credential Issuer will be forced to store locally privacy-sensitive information about the attestation, thus violating Art. 5 - point 16 of the regulation
2) It will make it impossible to issue a Status Assertion/Attestation whenever the Credential Issuer would change (due to loss of certification or any other reason), as the only entity that would be able to relate the credential hash with additional information would be the Credential Issuer
3) It would create a lock-in situation for the AS in relation to the credential issuer