-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wallet Architecture #197
Comments
We can add security smartphone development requirements for the Wallet Instance such as the OWASP Mobile application security (required for eIDAS) and the ENISA Smartphone Guidelines. |
This section should describe (in short) how the Wallet Solution attests the reliability of the cryptographic keys. as @grausof mentioned: For Android you can find the references here: https://developer.android.com/privacy-and-security/security-key-attestation While for iOS: https://developer.apple.com/documentation/devicecheck/establishing-your-app-s-integrity Furthermore, the keys are always linked to an instance of the app (verifiable via integrity check) therefore the key-WSCD association is guaranteed by the same certificate. This means that you only need to certify WSCD to also have the attestation of the keys on the Wallet Provider side for free |
for the resolution of this issue we should include also this aspect |
We need to define the nonce request and response related to the provisioning of the wallet attestation @grausof ^ |
Resolved by #233 |
Partially resolved in #233 |
To be closed since we don't want to re-define what the ARF has well represented about the internal wallet architecture. another issue will be open requiring how the ref to the ARF should be made |
At this current stage, the National technical public specifications don’t cover the aspects of internal Wallet Architecture and Security. However, we’re planning to include these aspects in the section of the technical specifications at the following URL:
https:/italia/eudi-wallet-it-docs/blob/versione-corrente/docs/en/wallet-solution.rst
in this section we plan to describe the use of the local WCSD and the local external WSCD
The text was updated successfully, but these errors were encountered: