C - Wallet Unit Attestation (WUA) and key attestation #333
Comments
|
We also need to add some requirements regarding WUA management, in particular in relation to requirement WURevocation_18. See also https://github.com/orgs/eu-digital-identity-wallet/projects/19/views/1?filterQuery=label%3A%22Chapter+6%22&pane=issue&itemId=66852365&issue=eu-digital-identity-wallet%7Ceudi-doc-architecture-and-reference-framework-private%7C242 |
|
The published implementing acts only seem to describe WUA, not WIA and WTE. Are WIA and WTE types of WUA? |
|
@sander: Correct. Consequently, ARF 1.5 has merge WTE and WIA into WUA. The idea is that a WUA is an attestation that complies with ISO/IEC 18013-5 and/or SD-JWT VC and therefore is selectively disclosable. Towards an Attestation Provider, the Wallet Unit will present the complete WUA (in the OpenID4VCI protocol). Towards an RP, in principle only the revocation information will be released. (All of this to be discussed as part of this topic.) |
|
Hi @david-bakker This may introduce correlation risks and is not quite the direction that experts and standards are going in OpenID4VCI. The differentiation into WIA and WTE actually makes a lot of sense because they are about different things and many parties have followed this direction already. |
|
Hi @paulbastian: Thanks for your comment; we will make sure it is reflected in the discussion of this topic with the Member States. |
Description
Define high-level requirements for WUA as defined in the IAs of article 5a, and for the key attestation.
Planned publication discussion paper
5 February 2025
Link to discussion paper
link will follow
Links to discussion thread(s)
link will follow
Discussion close
Three weeks later.
The text was updated successfully, but these errors were encountered: