tom jones
tom jones
Your statement is not part of the spec. My suggestion was that if end points are defined that the scheme MUST be https://. I am trying to add rigor to...
I disagree with that statement for the reasons I gave above.
I am strongly supporting only secure connections for service end points. The one that is well known and well supported today is TLS. Roll your own security is a known...
I don't need the lectures, I owned crypto for windows at one time. The security around dids only applies to messages from the key owner, not to any other messages....
I have suggested before that the initial query should be more abstract - eg The verifier needs proof-of-age or right-to-work as different creds can be selected by the user, before...
**Smart Digital Credential (SDC:)** This is a suggestion to follow in the path of the Smart Health Card (SHC:) and allow for mobile credentials in the most inclusive manner possible....
Great - finally some important questions that need answers - warning - you wont like the answer which is: It all depends on user choice & the user MUST be...
I would add one extension to @dlongley - if the user chooses to use a TEE for hiding keys then that chosen hardware extension indicates that their is a limit...
so, what method does the wallet use to decide if the verifier is trusted sufficiently to display a consent message to the user?
This points out the impossibility of using a URI for the client ID. URI as ID has never been a good idea, but it worked in the closed environment (a...