[Openid-specs-ab] OpenID for Verifiable Presentations over BLE - draft 00 ready for review
Tom Jones
thomasclinganjones at gmail.com
Fri Jul 28 18:51:38 UTC 2023
I have a fundamental problem with OpenID for Verifiable Presentations over
BLE flow diagrams.
It seems that the user wallet identifies itself to the verifier before the
user knows the identifier of the verifier.
There is a statement about the advertisement "5.2 The QR Code contains the
name and the ephemeral public key of the Verifier."
Is the presumption that the physical context of the QR code is sufficient?.
It seems that anyone could go about pasting QR codes in any place that lead
to attack sites.
I am creating some BLE code to see if section 5.1 is any better. It is not
clear from the docs that i have what information is in the ad.
..tomj
On Tue, Apr 25, 2023 at 4:37 AM Torsten Lodderstedt via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:
> Hi all,
>
> the initial revision of the OpenID for Verifiable Presentations over BLE
> draft is now available
> https://openid.bitbucket.io/connect/openid-4-verifiable-presentations-over-ble-1_0.html
> .
>
> Please review the specification and give feedback either here on the list
> or through issues at
> https://bitbucket.org/openid/connect/issues?status=new&status=open&status=submitted&is_spam=!spam
> .
>
> Thanks in advance,
> Torsten.
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230728/b0c10cc6/attachment-0001.html>
More information about the Openid-specs-ab
mailing list