Revocation Service Implementation

openwallet-foundation-labs / credhub

a cloud wallet for natural persons + minimal issuer and verifier implementations

https://credhub.eu

Apache License 2.0

6 stars 5 forks source link

Revocation Service Implementation #24

Closed mustafasalfiti closed 1 month ago

cre8 commented 2 months ago

We should follow this RFC

Right now the issuer does not track the issued credentials, this is relevant for him to revoke them, see #25
The oid4vp instance can be passed a revocationcheck function, but I am not sure if it i already compliant to sd-jwt-vc. If not, we can validate the revocation inside the normal validation function.
The wallet backend can check the revocation in an interval or each time the credential gets requested from the server

cre8 commented 2 months ago

PR is out to the sd-jwt-vc. Once this is merged, we can use the next version and implement it.

cre8 commented 2 months ago

The wallet should check in an interval if a credential is still valid. If not, a flag needs to be set in the DB to show the user that the credential got revoked. We should then move it to the archive since the credential can not be used for presentation anymore