<div dir="ltr"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap">There is a lot of difference between the words should and could.</span></div><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap"><br></span></div><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap">While it certainly is possible to build such an infrastructure, the cost and performance make this a non-starter.</span></div><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap"><br></span></div><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap">The EU seems to be great at bold statements that have little reality.  Take the GDPR as a good example.</span></div><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap"><br></span></div><div><span style="background-color:rgb(242,242,242);color:rgba(0,0,0,0.9);font-family:-apple-system,system-ui,system-ui,"Segoe UI",Roboto,"Helvetica Neue","Fira Sans",Ubuntu,Oxygen,"Oxygen Sans",Cantarell,"Droid Sans","Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Lucida Grande",Helvetica,Arial,sans-serif;font-size:14px;white-space:pre-wrap"> </span>..tom</div></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Jun 9, 2022 at 11:36 AM David Chadwick via Openid-specs-ab <<a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
  
    
  
  <div>
    <p>During today's call I asserted that the EU Digital Identity
      Wallet should be able to prove to an RP that it is certified
      without revealing its identity or who the software provider is. I
      was asked to find a reference to this. It is on page 26 of
      "European Digital Identity Architecture and Reference Framework"
      available here: <br>
    </p>
    <p><a href="https://cloud.eid.as/index.php/s/DQ5aRjyzJDNKXpW" target="_blank">https://cloud.eid.as/index.php/s/DQ5aRjyzJDNKXpW</a><br>
    </p>
    <p>Here is the relevant text</p>
    <p>"In addition, the mechanism for relying parties to verify whether
      a EUDI Wallet used is genuine and certified, shall not enable the
      relying party to distinguish between two certified EUDI Wallets,
      in order to preserve the privacy of the user when performing
      pseudonymous authentication." <br>
    </p>
    <p>This could be implemented using traditional asymmetric crypto, in
      which each EUDI wallet is issued its own VC, stating that it is a
      certified wallet, issued by the EUDI certification authority, in
      which the subject ID is the public key of the wallet. There would
      be no information to indicate who the wallet provider is, or who
      the wallet holder is. However, this certificate, if long lived,
      would then be a correlating handle, so by issuing transient short
      lived VCs to the wallet each time an RP requires assurance, the
      public key would change every time thereby removing the ability to
      correlate the certifying VCs.<br>
    </p>
    <p>Kind regards</p>
    <p>David<br>
    </p>
    <span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">In addition,</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">the mechanism for</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">relying parties</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">to verify whether</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">a</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">EUDI W</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">allet used is genuine and</span><br role="presentation" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-family:Arial;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">
    <p><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">certifie</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">d</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">,</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">shall</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">not enable the relying party to distinguish between two certified</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">EUDI W</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">allets, in order to</span><br role="presentation" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-family:Arial;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif">preserve the privacy of the user when performing pseudonymous authentication.</span><span role="presentation" dir="ltr" style="padding:0px;margin:0px;color:rgba(0,0,0,0);white-space:pre-wrap;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;font-size:18.4px;font-family:sans-serif"> </span></p>
  </div>

_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br>
<a href="https://lists.openid.net/mailman/listinfo/openid-specs-ab" rel="noreferrer" target="_blank">https://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
</blockquote></div>