GSMA Europe
GSMA Europe
Context: Security of a pre-provisioned PID Issue: In the ARF, there is a mention of use of a pre-provisioned PID (§4.2.1 in [1]),). We wonder how a high level of...
This document details comments on the new version of ARF. We want to restate that privacy and especially unlinkability shall be an essential part of ARF, this is not the...
The ARF details several protocols that will ensure technical interoperability for the EUDIW. However, service interoperability is also needed. Let’s take for example, a European citizen from country A who...
**Context**: Guaranteed privacy of the EU citizens is a major concern for EC. The comments is related to privacy and request to update ARF to ensure EU citizen privacy when...
Context: SIM/eSIM is missing as Secure Element to store and manage cryptographic keys Issue: The only universally deployed SE in phone is SIM/eSIM and is not listed. All kind of...
Context: Configuration types are misleading and should be based on Level of Security required per use case Issue: The configuration types as they are currently defined in the text are...
**Context**: Security and Privacy when using an “operational” but “non valid” EUDI Wallet **Issue**: We have not identified attributes and associated use cases that do not depend on being linked...
Privacy has not started to be taken into account in the ARF 1.4. The minimum would be to include the two following properties as mandatory objectives of the architecture: 1....
§ 4.2: We appreciate the fact that WSCD can have several form factors. It is mentioned that “One WSCA is associated with at most one Wallet Instance,…”. However, we do...
§ 6.5.2.3: “However, there is no requirement for a PID Provider or an Attestation Provider to support all certified Wallet Solutions in the EUDI Wallet ecosystem.” This statement is not...