woutslakhorst
commented
1 year ago Accept all credentials requires no config and supports all future use cases. But this would enable credential spamming by untrusted issuers. The type of credential is not the problem here.
Any network participant could spam any other participant. There are two approaches to solve this problem: prevent or fix. Prevention focusses on not accepting offers from certain parties. Fixing focusses on blocking and deleting after the fact. Prevention is done by using an allowlist based on:
- manually added DID/type combo's
- allowing DIDs based on attestations In all cases this would not block a node that started out nicely and then starts to spam. A fix is always needed. So let's focus on the fix first.
Detection:
- warnings in logs when a lot of VCs are offered
- statistics on VCs per issuer/subject/type
- rules per type for the above two rules
Fix:
- block spammer via firewall (x509 based)
- delete VCs based on params
reinkrul
Although this is a more involved problem in a server-to-server flow (since there's no user to accept the VC into the wallet), the least it should do is filter credential offers for credentials it wants. This should be a configurable list.
For now, it should accept
NutsAuthorizationCredentialby default.It should also handle all of the offers (if applicable), instead of just one.