peppelinux
commented
4 months ago This is out of scope for this draft, just an issue for our awareness related to RP's requirements and claims
Open peppelinux opened 4 months ago
peppelinux
commented
4 months ago This is out of scope for this draft, just an issue for our awareness related to RP's requirements and claims
In the current implementation of the Status Attestation process, there is a need to introduce a mechanism that allows verifiers to specify how recent (in minutes) a Status Attestation needs to be. This requirement stems from scenarios where the verifier of a digital credential necessitates the Status Attestation to be exceptionally fresh to ensure the highest level of accuracy and security.
To accommodate this, we propose the development of a feature within the Status Attestation request protocol that enables verifiers to indicate a maximum age (N minutes) for the Status Attestation. This will ensure that the attestation provided is no older than the specified timeframe, meeting the verifier's requirements for freshness.
This feature necessitates the Wallet Instance to have an active internet connection to obtain the most up-to-date Status Attestation from the Credential Issuer, as per the verifier's request.
This information should be statically provided, per credential type, within the presentation request or within the presentation definition in the verifier's metadata.