Looking around for a little bit, it occurs to me that the safe wallet stuff is 100% tech. While I do not object to that, I would like to point out that for wallets to be safe and practical, there's more than just tech.
Here's an example. There is a Dutch wallet that used to be called IRMA, currently called Yivi, that is built around AnonCred (like) credentials. This means that a credential is basically a list of (selectively disclosable) attributes (key-value pairs), that are cryptographically bound to the link-secret that is an integral part of the wallet. The idea is that the first credential that is issued into such a wallet is an identity credential, supposedly issued by a trustworthy party, say a governmental body, or a bank. This is something that is outside the scope of tech, yet a very relevant requirement for the correct functioning of the wallet in the real world.
A second example comes from the "In-depth article: loss of control due to EDIW" which was written for the EU Parliament, in order to mitigate risks introduced by the European Digital Identity Wallet (EDIW). The risk they see is that many private parties are forced (by the new regulation) to accept all EDIWs that any member state notifies. Such parties have no say in the security requirements, and they also don't control certification bodies (these are appointed by member states). Given historical events such as some member states issuing 'golden passports', others being involved in corruption and still others trying to circumvent EU law, the risk of officially certified and notified EDIWs having e.g., backdoors for the benefit of (EU or non-EU) governments or mobsters, may not be acceptable.
A third example is that, in general, people do not seem to distinguish between a message (credential or otherwise) signed by a wallet, or signed by the person (or legal entity) for whom the wallet is an agent. This may be relevant if parties (people or organizations) have more than one wallet: would IT-components that interact with such a wallet need to know which kind of wallet it is talking to (e.g. to assess whether or not its functionality can be trusted), or would it need to know for which party that wallet is an agent, or both? Perhaps it's not that IT-component that is interacting with such a wallet that needs to know that, but the party on whose behalf that IT-component is actually operating at that point in time (because for an IT component that is a cloud-service, it is conceivable that at the next moment it would operate as an agent for some other party).
The question is whether or not, and if so, to what extent should the safe-wallet-sig also address non-tech stuff? And where would it go/how do we want to deal with that?