openwallet-foundation / safe-wallet-sig

This special interest group (SIG) will create, distribute and promote a set of material that will become the de-facto way to determine how "safe" the new breed of digital wallets is, and be able to compare them effectively. This SIG is a sub-group reporting to the OpenWallet Foundation's Technical Advisory Committee.
Creative Commons Attribution 4.0 International

Pillar 2: Security - Responsibilities of Wallet vs Issuer #42

Open tlodderstedt opened 3 months ago

tlodderstedt commented 3 months ago

"Digital wallets are instrumental to the acquisition, storage and presentation of credential-based assertions, and the security of wallets is essential to safeguarding the integrity and privacy of those assertions. "

I would argue the typical wallet is responsible for ensuring the confidentiality of the credentials and the cryptographic binding of the credentials to the holder. The integrity and authenticity of the credentials themselves should be ensured by the issuer's signature. Would you agree? This is an important differentiation, as it also determines the requirements towards a wallet. A wallet needs to ensure proper management of the key used to prove the user authentication to the verifier. And the issuer needs to make sure of an adequate protection level of that key before issuing a credential bound to it. And it needs to protect the credentials' confidentiality, e.g. by encrypting them and ensuring access to the data is only possible after user authentication.
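
The responsibility split described in this comment, as an added example that is not part of the issue thread or the SIG's material: the issuer signs the claims together with the holder's public key (integrity and authenticity), the wallet keeps the holder key and encrypts the stored credential behind user authentication (binding and confidentiality), and the verifier checks each property against the party responsible for it. Ed25519, AES-GCM and JSON are assumed here for illustration; the PIN-derived storage key is a toy stand-in for an OS keystore or secure element, and the claims, PIN and verifier nonce are constructed values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Credential is the issuer-signed payload: claims plus the wallet-held public key they are bound to.
type Credential struct {
	Claims    map[string]string `json:"claims"`
	HolderKey []byte            `json:"holder_key"`
}

// Issue (issuer side) binds claims to holderPub and returns signature || canonical JSON payload.
// Integrity and authenticity of the credential rest on this signature alone, not on the wallet.
func Issue(issuerPriv ed25519.PrivateKey, claims map[string]string, holderPub ed25519.PublicKey) ([]byte, error) {
	payload, err := json.Marshal(Credential{Claims: claims, HolderKey: holderPub}) // map keys are sorted
	if err != nil {
		return nil, err
	}
	return append(ed25519.Sign(issuerPriv, payload), payload...), nil
}

// Wallet (holder side) manages the holder key and keeps the stored credential confidential.
type Wallet struct {
	HolderPub  ed25519.PublicKey
	holderPriv ed25519.PrivateKey // stands in for a hardware-backed key; software-only in this example
	sealed     []byte             // GCM nonce || ciphertext of the stored credential
}

func NewWallet() (*Wallet, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return &Wallet{HolderPub: pub, holderPriv: priv}, err
}

// storageCipher derives the at-rest key from the user's PIN. Toy KDF constructed for the example;
// a real wallet would rely on the OS keystore or a secure element for this key.
func storageCipher(pin string) cipher.AEAD {
	key := sha256.Sum256([]byte("wallet-storage-key|" + pin))
	block, _ := aes.NewCipher(key[:]) // cannot fail: key is exactly 32 bytes
	gcm, _ := cipher.NewGCM(block)    // cannot fail for an AES block cipher
	return gcm
}

// Store writes the signed credential encrypted, so its plaintext never sits at rest in the wallet.
func (w *Wallet) Store(pin string, signedCred []byte) {
	gcm := storageCipher(pin)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce) // fresh random nonce per Store, so key+nonce never repeat
	w.sealed = append(nonce, gcm.Seal(nil, nonce, signedCred, nil)...)
}

// Open releases the credential only after user authentication; a wrong PIN fails GCM authentication.
func (w *Wallet) Open(pin string) ([]byte, error) {
	gcm := storageCipher(pin)
	if len(w.sealed) < gcm.NonceSize() {
		return nil, errors.New("no credential stored")
	}
	plain, err := gcm.Open(nil, w.sealed[:gcm.NonceSize()], w.sealed[gcm.NonceSize():], nil)
	if err != nil {
		return nil, errors.New("user authentication failed")
	}
	return plain, nil
}

// Prove signs the verifier's nonce with the holder key: proof of possession, the wallet's job.
func (w *Wallet) Prove(nonce []byte) []byte { return ed25519.Sign(w.holderPriv, nonce) }

// Verify (relying party) checks along the responsibility line: the issuer signature covers
// integrity and authenticity, the holder proof covers binding to whoever is presenting.
func Verify(issuerPub ed25519.PublicKey, signedCred, nonce, proof []byte) (Credential, error) {
	var c Credential
	const n = ed25519.SignatureSize
	if len(signedCred) < n || !ed25519.Verify(issuerPub, signedCred[n:], signedCred[:n]) {
		return c, errors.New("issuer signature invalid: credential altered or not from this issuer")
	}
	if err := json.Unmarshal(signedCred[n:], &c); err != nil {
		return c, err
	}
	if len(c.HolderKey) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(c.HolderKey), nonce, proof) {
		return c, errors.New("holder binding invalid: presenter does not control the bound key")
	}
	return c, nil
}

func main() {
	issuerPub, issuerPriv, _ := ed25519.GenerateKey(rand.Reader)
	w, _ := NewWallet()
	sc, _ := Issue(issuerPriv, map[string]string{"given_name": "Alice"}, w.HolderPub) // constructed claims
	w.Store("1234", sc)
	stored, err := w.Open("1234") // "0000" here would fail with "user authentication failed"
	nonce := []byte("verifier-nonce-constructed")
	c, verr := Verify(issuerPub, stored, nonce, w.Prove(nonce))
	fmt.Println(c.Claims, err, verr)
}
```

The point the code makes is the one in the comment: flipping a byte of the stored claims is caught by the issuer signature and nothing the wallet does can repair or forge that, while a second wallet holding the same signed bytes still cannot present them because it cannot sign the verifier's nonce with the bound key. The issuer's decision to trust the holder key's protection level happens before `Issue`, which is why that key is modelled as hardware-backed even though the example generates it in software.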

tlodderstedt commented 3 months ago

Same for "Credential Management: Credential management in the context of a digital wallet refers to the process of handling and safeguarding digital credentials to ensure their integrity."

andy-tobin commented 2 months ago

The wallet is a key part in the "chain of custody" of the credentials within. This sentence is focused on stating that the wallet is such a component, and that it should not disrupt or prevent another party (e.g. a verifier/relying party) from checking the source and integrity of the assertions that have been made.

andy-tobin commented 2 months ago

The SIG call attendees noted the complexities of the use of the word "integrity", but noted that in the context of the whole sentence, and the audience not necessarily being experts in the identity-world-centric definition of attribute and attestation integrity, that it is OK. However, if you'd like to propose an alternative in a pull request we'll take a look at it.

tbloomfi commented 2 months ago

Perhaps the following wording?

Digital wallets are instrumental to the acquisition, storage and presentation of credential-based assertions, and the security of wallets is essential to safeguarding the chain of custody and privacy of those assertions.