DraftText for security Consideration Section

Wind4Greg commented 1 year ago

Some initial text for security consideration sections based on ECDSA and key management standards documents.

The security (integrity/authenticity) of a verifiable credential signed by a digital signature algorithm is dependent on a number of factors including:

the correct application of the signature algorithm to a verifiable credential (this specification)
the choice of of signature algorithm (ECDSA) and its parameters (P-256, P-384)
the correct implementation and usage of the signature algorithm particularly with respect to well known trouble spots
the proper management of the private and public keys use for signing and verification

In the following sections we review these important points and point the readers to where to find additional information.

More stuff in the PR...

Preview | Diff

msporny commented 1 year ago

Merge conflicts, please fix.

Wind4Greg commented 1 year ago

?

msporny commented 1 year ago

Editorial, multiple reviews, changes requested and made, no objections, merging.

w3c / vc-di-ecdsa

DraftText for security Consideration Section #11