Simone Onofri
Simone Onofri
thanks @OR13 I've just update it (and maybe I need to move from an issue to something different). Clarified a bit the scope that I agree it is broader to...
@weizman have you some insight as you have experience in the Wallets-in-the-Browsers (even if probably more on high-level than [your article]( https://weizmangal.com/2024/01/21/browsers-wallet-security-debunk/) and also on user experience?
by @peppelinux on [linkedin](https://www.linkedin.com/feed/update/urn:li:activity:7198584379550420992?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7198584379550420992%2C7198641111035207680%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287198641111035207680%2Curn%3Ali%3Aactivity%3A7198584379550420992%29) > 1. Foundational digital identity systems streamline and secure identification across platforms, enhancing security, reducing fraud, and improving service access, which cuts costs beyond just money....
by Stephan Engberg on [linkedin](https://www.linkedin.com/feed/update/urn:li:activity:7198584379550420992?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7198584379550420992%2C7198939975034265600%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287198939975034265600%2Curn%3Ali%3Aactivity%3A7198584379550420992%29) > It depends on how you define Digital Identity. > > If it is vulnurable to loss, theft, renting, man-in-the-middle, tracking, lock-in etc. or simply...
I updated the model by improving the scope, architectural, and flow analysis parts, then wrote the various prompt lists to brainstorm on.
Hi @TomCJones > this is more of a threat meta-model as the details about the vulnerabilities, costs, mitigations, and justifications are missing. That is ok as a start, although mixing...
hi @csuwildcat , thank you for the feedback. i was more thinking of a correlation issues as specified here: https://www.w3.org/TR/vc-bitstring-status-list/#privacy-considerations for sure, I am going to explain better the concept
Additional points to consider: - https://github.com/WICG/digital-credentials/issues/139 by @martinthomson - https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/issues/200 by @alysyans
We're also started working with Fondazione Bruno Kessler as they have a Threat Model to on the Wallet/Protocol side: https://drive.google.com/drive/folders/1mgwhZ0jTAeGIE8Ewf3kK34dLjPwOTM5L
@bvandersloot-mozilla I agree with you. it is needed a refinement "numbering" the threats, the mitigation so that we can understand the residial part (and understand what to do)