It consists of a new section "Security and Privacy Considerations" that provides an informal security analysis of the IT Wallet specification by analyzing the compliance with the security and privacy requirements identified in "Security and Trust in OpenID for Verifiable Credentials Ecosystems" specification.
For each requirement, we report its description and specifies whether the IT Wallet specification satisfies the requirement
(fully satisfied, partially satisfied, and not satisfied) and how/why. In case of partially or not satisfied, we provide also some tips on how to be compliant.
Editorial Note: Currently, we provide each requirement as a subsection in order to better navigate the analysis. However, this causes a long index. We should evaluate this aspect together.
This PR closes #125
It consists of a new section "Security and Privacy Considerations" that provides an informal security analysis of the IT Wallet specification by analyzing the compliance with the security and privacy requirements identified in "Security and Trust in OpenID for Verifiable Credentials Ecosystems" specification.
For each requirement, we report its description and specifies whether the IT Wallet specification satisfies the requirement (fully satisfied, partially satisfied, and not satisfied) and how/why. In case of partially or not satisfied, we provide also some tips on how to be compliant.
Editorial Note: Currently, we provide each requirement as a subsection in order to better navigate the analysis. However, this causes a long index. We should evaluate this aspect together.