- changed status to new
[OpenID4VP over BLE] Vague terminology around key usage
Issue #1999
new
I find the OpenID4VP over BLE standard to suffer from vague terminology around private/public key usage. I list two such problems in this issue.
- The standard mentions that both the verifier and wallet should use “ephemeral keys”. In my view, the standard should explain to what extent these keys are ephemeral, i.e., when should one generate a new one, and when should one discard one. The standard also mentions in Sec. 6.1 that the protocol should be secure when one uses long term keys instead of ephemeral keys. This I found confusing. If security does not depend on this, why do it at all? Are there non-security requirements that justify this choise?
- Sec. 7.2 mentions that the verifier’s request object should be signed, but neither mentions with which key nor how and whether the wallet should verify this signature. I presume that the wallet will use a locally stored and previously authenticated key, but such assumptions should be made explicit in the standard.
I hope these two points can help improve the standard!
Comments (3)
-
-
- changed component to BLE profile
-
On point 1 I think we do explicitly state that the wallet has to create a new key every session.
But if it's not clear definitely we can make it more readable. For the verifier, we have not stated this as we do have a use case where the verifier might have printed a QR code. So we would like to leave it to the use case.
On point 2, yes we need to give it more clear thinking here.
- Log in to comment
