This issue is being filed as part of the requested PING review, and on behalf of @NalaGinrut who did the review (who i hope will correct me if I've misstated their concerns).
The spec currently states that
Whether or not a TD satisfies the requirements of a given profile should be verifiable with automated tools. We can use the existing TD JSDON Schema as a basis and reuse the existing tooling (TD-playground)
However, its not clear how a client could verify that a TD is compliant and honest in its claims. What methods can a client, for example, use to ensure a device they're interacting with isn't being deceptive or malicious? If thats not possible, we think its important to say so explicitly in the security and privacy considerations section (i.e., that the protections require honesty, and are not robust to malicious/dishonest devices/participants)
This issue is being filed as part of the requested PING review, and on behalf of @NalaGinrut who did the review (who i hope will correct me if I've misstated their concerns).
The spec currently states that
However, its not clear how a client could verify that a TD is compliant and honest in its claims. What methods can a client, for example, use to ensure a device they're interacting with isn't being deceptive or malicious? If thats not possible, we think its important to say so explicitly in the security and privacy considerations section (i.e., that the protections require honesty, and are not robust to malicious/dishonest devices/participants)