Mitigate Threats for Digital Credentials API: Episode III - Revenge of the Wallet
- Upcoming
- Tentative
- Breakout Sessions
- Upcoming
- Tentative
- Breakout Sessions
Meeting
In the first episode we focused on high-level threats related to the Formal Objection received for the addition of the Digital Credentials API.
In the second episode, we discussed the presentation side, in particular how Digital Credentials API can differentiate between different presentation approaches (e.g., custom schemes and QR Codes).
In this third episode, we will discuss the new layered heart model in the presentation, and on how to derive the security consideration sections, then we'll prioritize threats - e.g., of Malicious Wallets during issuance or othres - to propose mitigations.
Agenda
Chairs:
Simone Onofri, Amir Sharif, Zahra Ebadi Ansaroudi
Description:
In the first episode we focused on high-level threats related to the Formal Objection received for the addition of the Digital Credentials API.
In the second episode, we discussed the presentation side, in particular how Digital Credentials API can differentiate between different presentation approaches (e.g., custom schemes and QR Codes).
In this third episode, we will discuss the new layered heart model in the presentation, and on how to derive the security consideration sections, then we'll prioritize threats - e.g., of Malicious Wallets during issuance or othres - to propose mitigations.
Goal(s):
DC API Security Consideration Section / Mitigation
Materials:
Joining Instructions
Instructions are restricted to W3C users . You need to log in to see them.
Export options
Personal Links
Please log in to export this event with all the information you have access to.
Public Links
The following links do not contain any sensitive information and can be shared publicly.
Feedback
Report feedback and issues on GitHub.
Report feedback and issues on