Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add suggestion on how malicious issuers can be detected. #161

Merged
merged 4 commits into from
Apr 16, 2024
Merged

Add suggestion on how malicious issuers can be detected. #161

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
504d647
Add suggestion on how malicious issuers can be detected.
msporny Mar 31, 2024
d5b4950
Clarify malicious issuer detection guidance.
msporny Apr 6, 2024
8bd3f39
Note that global IDs need to be shared to increase group privacy.
msporny Apr 6, 2024
7fb0dd2
Fix grammar in malicious issuers section.
msporny Apr 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 21 additions & 6 deletions index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1167,15 +1167,30 @@ <h3>Malicious Issuers and Verifiers</h3>
tracking or sharing the presentation of particular credentials.
</p>
<p>
A malicious [=verifier=] might intentionally attack group privacy by sharing
information from presented credentials with a malicious [=issuer=]. This
sort of collusion is difficult to detect as it is typically performed via a
secure communication channel between the [=issuer=] and the [=verifier=].
</p>
<p>
A malicious [=issuer=] might intentionally attack group privacy by creating a
unique status list per credential issued in order to establish a one-to-one mapping to track
when a [=verifier=] processes a specific credential. Similarly, they could establish
another a one-to-one mapping by using a different cryptographic key for every credential
issued that is tracked in a status list.
unique status list for each issued credential, in order to establish a one-to-one
mapping to track when a [=verifier=] processes each mapped credential. Similarly,
they could establish a one-to-one mapping by using a different
cryptographic key for each issued credential that is tracked by a given status list.
</p>
<p>
A malicious [=verifier=] might intentionally attack group privacy by sharing
information from presented credentials with a malicious [=issuer=].
This sort of collusion can be detected by [=holder=] software that serves
msporny marked this conversation as resolved.
Show resolved Hide resolved
multiple [=holders=] (e.g., a [=holder=] app that runs on a server) if it
has, for example, an opt-in process that finds that some global identifier(s)
used within a [=verifiable credential=] are not adequately shared by other
credentials.
[=Holders=] could then be warned when presenting a [=verifiable credential=]
that contains some global identifier(s) that are unique to that credential.
Such an opt-in service could represent some additional privacy concerns;
whether this potential exposure via the [=holder=] software is justified by
the awareness of possible global identifier correlation can only be evaluated
by the users of such a system.
</p>
</section>

Expand Down
Loading