Some initial text for security consideration sections based on ECDSA and key management standards documents.
The security (integrity/authenticity) of a verifiable credential signed by a digital signature algorithm is dependent on a number of factors including:
the correct application of the signature algorithm to a verifiable credential (this specification)
the choice of of signature algorithm (ECDSA) and its parameters (P-256, P-384)
the correct implementation and usage of the signature algorithm particularly with respect to well known trouble spots
the proper management of the private and public keys use for signing and verification
In the following sections we review these important points and point the readers to where to find additional information.
Some initial text for security consideration sections based on ECDSA and key management standards documents.
The security (integrity/authenticity) of a verifiable credential signed by a digital signature algorithm is dependent on a number of factors including:
In the following sections we review these important points and point the readers to where to find additional information.
More stuff in the PR...
Preview | Diff