Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modification proposal for the "verification" claim #510

Open
m-basili opened this issue Nov 29, 2024 · 1 comment
Open

Modification proposal for the "verification" claim #510

m-basili opened this issue Nov 29, 2024 · 1 comment
Assignees
@m-basili
Labels
issuance question Further information is requested
Milestone
0.9.0

Comments

@m-basili
Copy link
Collaborator

In the release 0.8 we introduced a verification claim for all Credential types as follows.

verification | [NSD].Object containing user authentication information. It MUST contain the following sub-value:

  • trust_framework: String identifying the trust framework used for user digital authentication.
  • assurance_level: String identifying the level of identity assurance guaranteed during the authentication process.
  • evidence: It MUST contain method claim identifying the digital identity system used for the authentication.

We suggest to change in

verification | [SD]. An object containing user authentication and user data verification information. It is REQUIRED only if the Credential type is PersonIdentificationData, and it MUST not be included in other Credential types. It MUST include the following sub-value:

  • assurance_level: String identifying the level of identity assurance guaranteed during the User authentication process.
  • aal: JSON String asserting the assurance level of the Wallet and the key as asserted in the cnf claim. This value MUST be the same as included in the Wallet Attestation presented during the Credential issuance.
  • evidence: Each entry of the array MUST contain the following sub-values:
    • type: It represents evidence type. IT MUST be set to vouch.
    • time: UNIX Timestamps with the time of the authentication or verification.
    • attestation: It MUST contain the following claims:
      - type: It MUST be set to digital_attestation.
      - reference_number: identifier of the authentication or verification response.
      - date_of_issuance: date of issuance of the attestation.
      - voucher: It MUST contains organization claim.
"verification": {
"assurance_level": "high",
"aal": "https://trust-list.eu/aal/high",
"evidence": [
        {
          "type": "vouch",
          "time": "2020-03-19T12:42Z",
          "attestation": {
            "type": "digital_attestation",
            "reference_number": "6485-1619-3976-6671",
            "date_of_issuance": "2021-06-04",
            "voucher": {
                "organization": "Ministero dell'interno"
            }
          }
        },
	{
          "type": "vouch",
          "time": "2020-03-19T12:42Z",
          "attestation": {
            "type": "digital_attestation",
            "reference_number": "6485-1619-3976-6671",
            "date_of_issuance": "2021-06-04",
            "voucher": {
                "organization": "ANPR"
            }
          }
        }
      ]
   }
@m-basili m-basili added this to the 0.9.0 milestone Nov 29, 2024
@m-basili m-basili self-assigned this Nov 29, 2024
@fmarino-ipzs fmarino-ipzs added the question Further information is requested label Nov 29, 2024
@peppelinux
Copy link
Member

not sure to be able to confirm aal as parameter

for now no actions, ok.

@m-basili m-basili mentioned this issue Dec 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@m-basili m-basili

Labels
issuance question Further information is requested
Projects
EUDI Wallet IT Technical Specifications
Status: Todo
Milestone
0.9.0
Development

No branches or pull requests
3 participants
@peppelinux @fmarino-ipzs @m-basili