Addresses the case where a verifier cannot supply a challenge to prove the credential.

Description (User Story)

The very first credentials were just parchments with a seal in wax or other media, like the Chinese "Chop" mark. This type of credential remains the most common today. This use case addresses credentials that can be read in digital format, but not modified by the user app in any way.

...

It is also possible for the verifier to obtain additional credentials as well as the RO Cred, including a proof of presence response to a nonce transmitted by the Verifier. That case is not addressed here because the primary cred is still just an RO cred.

...

Prerequisites / Assumptions

...

  • Duplication of an RO cred can be simple, so mitigations like short time duration and online verification are often employed to prevent replay attacks.
  • Note that online verification is a privacy risk, as the issuer learns where the cred has been used. This logging is also considered to be a positive security feature, as attacks during or after presentment can be evaluated.
  • One well-known replay attack against a smart health card COVID credential is that, when installed on an Apple wallet, it can be displayed to another phone, which can capture the cred and install it in the reader's wallet.
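
The verifier-side checks implied by the two mitigations above, as an added example that is not part of the original page. Assumptions: an HMAC stands in for the issuer's signature, the 5-minute lifetime and single-use policy are illustrative, and all names (issue, verify, IssuerStatusService) are hypothetical.

```python
import base64, hashlib, hmac, json

ISSUER_KEY = b"constructed-demo-key"  # assumption: HMAC stands in for the issuer's signature
MAX_LIFETIME = 300                    # assumption: verifier accepts at most 5-minute creds

def issue(cred_id, iat, lifetime=MAX_LIFETIME):
    """Issuer side: sign a read-only credential with a short validity window."""
    claims = json.dumps({"id": cred_id, "iat": iat, "exp": iat + lifetime})
    body = base64.urlsafe_b64encode(claims.encode()).decode()
    tag = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag

class IssuerStatusService:
    """Online verification: the issuer logs every presentment it is asked about."""
    def __init__(self):
        self.log = {}  # cred_id -> [(verifier_id, time), ...]

    def first_presentment(self, cred_id, verifier_id, now):
        seen = self.log.setdefault(cred_id, [])
        seen.append((verifier_id, now))
        return len(seen) == 1  # assumption: single-use policy

def verify(token, now, verifier_id="verifier-A", status=None):
    """Verifier side: no challenge is possible, so rely on signature, time and status."""
    body, sep, tag = token.rpartition(".")
    expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not sep or not hmac.compare_digest(tag.encode(), expected.encode()):
        return "reject: bad signature"
    cred = json.loads(base64.urlsafe_b64decode(body))
    if cred["exp"] - cred["iat"] > MAX_LIFETIME:
        return "reject: lifetime too long"
    if not cred["iat"] <= now <= cred["exp"]:
        return "reject: outside validity window"
    if status is not None and not status.first_presentment(cred["id"], verifier_id, now):
        return "reject: already presented"
    return "accept"

if __name__ == "__main__":
    token = issue("cred-001", iat=1000)  # constructed sample credential
    copy = token                         # a duplicated RO cred is byte-identical
    print(verify(token, 1100), "|", verify(copy, 1200))  # offline: copy is indistinguishable
    print(verify(copy, 1301))                            # short duration bounds the window
    svc = IssuerStatusService()
    print(verify(token, 1100, "verifier-A", svc), "|", verify(copy, 1200, "verifier-B", svc))
    print(svc.log)  # the privacy cost: issuer learns where the cred was presented
```

Without the status service, the duplicate passes until the window closes; with it, the second presentment is rejected, and the issuer's log holds both verifier identities.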


Use Case Details

Privacy


Data Provided

...