Closed laysakura closed 3 months ago
Yes, that section is strange and needs to be updated. I expect that it said something different long ago and, based on a series of changes over the years, does not make much sense today.
A PR should be raised to do exactly as you say -- the verifier should ask the holder to include a challenge, nonce, or expiry timestamp to mitigate the risk of replay attacks. We should also specify when a nonce is useful (where the holder wants to include extra information to ensure their signature isn't replayed, if the verifier enforces nonce uniqueness (which it should)).
@msporny Got it. I created a PR for this: #1550
PR #1550 has been raised to address this issue (Thank you, @laysakura!). This issue will be closed once PR #1550 has been merged.
https://github.com/w3c/vc-data-model/blob/4c6005da8e44ee0d78178b567989481b6012ee6e/index.html#L6038-L6041
The current wording in the document is technically accurate but may be misleading.
In the scenario described, the attacker is the holder. It seems unlikely that a malicious holder would voluntarily include a nonce or expiry timestamp in a Verifiable Presentation (VP) to prevent replay attacks.
It would be more appropriate to phrase this section with the verifier as the subject, suggesting that the verifier may require a nonce or expiry timestamp to mitigate the risk of such attacks. This adjustment would clarify the roles and responsibilities in this context and make the document more accurate.
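The verifier-driven check discussed in this thread, as an added example (not code from the specification or from the participants): the verifier issues the challenge, rejects a presentation that omits it, and accepts each challenge once and only before it expires. The `proof` dict, its `challenge` key, and the class and method names are assumptions; signature verification of the presentation is assumed to have succeeded before this check runs.

```python
import secrets
import time


class ReplayGuard:
    """Verifier-side freshness check for a Verifiable Presentation (VP)."""

    def __init__(self, ttl_seconds=300, clock=time.time):
        self.ttl = ttl_seconds
        self.clock = clock          # injectable so expiry can be tested
        self._pending = {}          # challenge -> expiry deadline

    def issue_challenge(self):
        """Create an unpredictable value the holder must sign into the VP."""
        now = self.clock()
        # Drop challenges that were never answered so the table stays bounded.
        self._pending = {c: d for c, d in self._pending.items() if d >= now}
        challenge = secrets.token_urlsafe(32)
        self._pending[challenge] = now + self.ttl
        return challenge

    def check(self, proof):
        """proof: fields taken from the already-verified proof of the VP."""
        challenge = proof.get("challenge")
        if not isinstance(challenge, str):
            # A holder cannot opt out: no challenge means no acceptance.
            return "rejected: challenge missing"
        # pop() enforces uniqueness: a replayed VP finds nothing to consume.
        deadline = self._pending.pop(challenge, None)
        if deadline is None:
            return "rejected: unknown or already used challenge"
        if self.clock() > deadline:
            return "rejected: challenge expired"
        return "accepted"


def demo():
    """Constructed scenario: honest use, replay, omitted challenge."""
    guard = ReplayGuard(ttl_seconds=60)
    vp_proof = {"challenge": guard.issue_challenge()}
    return [
        guard.check(vp_proof),   # first presentation
        guard.check(vp_proof),   # same VP presented again
        guard.check({}),         # holder left the challenge out
    ]


if __name__ == "__main__":
    print(demo())
```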