Mirko Mollik
Mirko Mollik
feedback got passed to ETSI working group
@tlodderstedt I think this issue can be closed
@lukasjhan can you pls fix the conflict of the lock file?
> @cre8 I resolved the conflict. and I'm working on implementing getting hash function. > Should I implement to support custom signer and verifier? For jades it's a must have...
Hi @SakujiroInagaki While I understand the flexibility, I see a potential security leak: When the issuer is generating the nonces for comparison, the approach is an allow list. For efficient...
Hi @SakujiroInagaki , for a "quick" fix you could just pass a static nonce value to force the kbVerify function. The nonce comparison is performed in the kbVerify function that...
FYI: There is another problem with the referencing of the holder did: ``` cnf: { // We need to include the whole didUrl here, otherwise the verifier // won't know...
> > To be compliant to the standard right now it has to include it key as a jsonwebkey. But of course it is loosing a lot of features with...
Extending the fetch option to pass an optional zod object to allow verification sounds like a good idea. Especially now that the specs are stable so we can even go...
> Did you find a fix for that? > > I have a suspicion it could be a collusion with another crypto polyfill library but I'm still investigating. I am...