Security Considerations: Writing Introduction #272
Conversation
|
@simoneonofri this is marked as both draft and awaiting review. Should we start reviewing? |
index.html
Outdated
| Digital Credentials APIs are part of and integrated into a broader ecosystem related to digital credentials. Therefore, this section do not specify all security considerations, threats, and mitigations of the ecosystem, but only those related to, directly linked to, or influenced by the Digital Credentials API. | ||
| <p> | ||
| <p> | ||
| Digital Credentials APIs mediate the communication of the presentation from a verifier using a web application to the user's wallet, and the issuance of the credential to the user's wallet when the issuer uses a web application. However, there are other elements that come into play with regard to the security aspects of these interactions, e.g. |
There was a problem hiding this comment.
Please make sure this uses the same terminology we define or use in the document (e.g., we don't define a "wallet", but we talk about a [=holder=])
There was a problem hiding this comment.
@marcoscaceres, thank you for the feedback. This is the introduction + assumptions section.
I rewrote it now
I am creating a separate issues/PR for the threats
There was a problem hiding this comment.
I'm not loving any of this, TBH, as it doesn't provide any actual considerations.
The only part I would keep is the "this is part of a larger ecosystem".
We should list the actual considerations we have takes or are adding as we go... like, only available in secure contexts, not available to third-party iframes without a permission policy, the structures must be JSON serializable, calling the methods requires transient activation, etc.
|
@marcoscaceres, thanks for the feedback. This is just the introduction section. Threats/mitigations are arriving. We considered putting everything in one PR, but we thought doing smaller, more focused PRs would be more practical. Please let me know if you think there are more practical ways to talk about it. |
| @@ -792,6 +878,9 @@ <h2> | |||
| "https://github.com/w3c-cg/threat-modeling/blob/main/models/decentralized-identities.md"> | |||
| Threat Model for Decentralized Identities</a> | |||
| </li> | |||
| <li> | |||
| <a href="https://w3ctag.github.io/web-no-papers/">Preventing Abuse of Digital Identities | |||
There was a problem hiding this comment.
seems inappropriate to cite this at this time... that document is still very much a draft with no TAG consensus.
| only those related to, directly linked to, or influenced by the Digital Credentials API.</p> | ||
| <p>It is important to note that Digital Credentials APIs were created to mitigate other possible approaches to | ||
| presenting digital credentials on the web, such as customs schemes | ||
| [[concerns-with-custom-schemes-for-identity-presentment]], and that Digital Credentials are also a mitigation to |
There was a problem hiding this comment.
| [[concerns-with-custom-schemes-for-identity-presentment]], and that Digital Credentials are also a mitigation to | |
| [[concerns-with-custom-schemes-for-identity-presentment]], and that Digital Credentials are also an alternative to |
Following @johannhof's excellent introduction to privacy, here is the section on security considerations, with various points raised by @Sh-Amir and @ZAnsaroudi.
In particular:
Lists of the threats, in progress