eudi-doc-architecture-and-reference-framework icon indicating copy to clipboard operation
eudi-doc-architecture-and-reference-framework copied to clipboard

Published 20 hours ago verified publisher icon eu-digital-identity-wallet

Pre-provisioned PID

Open GSMA-EIG opened this issue 1 year ago • 0 comments

Context: Security and Privacy when using an “operational” but “non valid” EUDI Wallet

Issue: We have not identified attributes and associated use cases that do not depend on being linked to a subject (at least anonymously, meaning that the verifier / Relying Party doesn’t know who that person is, just that it is an existing, non-revoked, valid subject). Therefore, the value of a Wallet in an “operational” but “non valid” mode (meaning it is not associated to a PID yet) is unclear. The “operational” but “non valid” mode reduces security by allowing use of attributes not linked to a PID. It also results in reducing privacy by encouraging the use of alternative ways to the wallet to make the link between the subject and the attribute; we expect such alternative ways outside of the wallet to reduce the level of privacy of the interaction. In summary we are concerned that using an EUDIW without a valid PID goes against the goals of the regulation.

Proposal: Remove the possibility of using an EUDIW without a valid PID from the ARF.

GSMA-EIG avatar Jul 10 '23 07:07 GSMA-EIG