Skip to content

[spec] add statement about responses with PII MUST be encrypted #124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
timcappalli opened this issue Jun 11, 2024 · 4 comments · May be fixed by #157
Open

[spec] add statement about responses with PII MUST be encrypted #124

timcappalli opened this issue Jun 11, 2024 · 4 comments · May be fixed by #157
Assignees
@timcappalli
Labels
registry registry related spec

Comments

@timcappalli
Copy link
Collaborator

from #109, specifically #109 (comment)

Add something along the lines of:

implementations which pass PII in the response MUST encrypt that information to the verifier in some fashion"
@timcappalli timcappalli self-assigned this Jun 11, 2024
@marcoscaceres
Copy link
Collaborator

marcoscaceres commented Jun 12, 2024
edited
Loading

Can we put that if some input is present the output must be encrypted? Then we can force that algorithmically (and maybe test for it).

@martijnharing martijnharing mentioned this issue Jun 12, 2024
Open
@Sakurann
Copy link
Contributor

Sakurann commented Aug 1, 2024

I don't disagree with a sentiment in a proposed statement, but is a MUST in it really enforceable at the browser API level (somewhat elaborating on #109 (comment))? In reality, wouldn't it be up to a wallet to decide if the encryption is required and reject the request without a public key for encryption, when the wallet requires encryption?

@timcappalli timcappalli added the cgr1-blocker Community Group Report 1 Blocker label Sep 18, 2024
@timcappalli timcappalli added this to the Community Group Report 1 milestone Sep 19, 2024
@timcappalli timcappalli removed the cgr1-blocker Community Group Report 1 Blocker label Sep 23, 2024
@timcappalli timcappalli removed this from the Community Group Report 1 milestone Oct 7, 2024
@timcappalli timcappalli added the registry registry related label Nov 17, 2024
@timcappalli
Copy link
Collaborator Author

To Do: add requirement to registry criteria (#157)

@timcappalli timcappalli linked a pull request Mar 26, 2025 that will close this issue
Open
@timcappalli
Copy link
Collaborator Author

Added in 38f0a01

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@timcappalli timcappalli

Labels
registry registry related spec
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Define registry inclusion rules w3c-fedid/digital-credentials
3 participants
@marcoscaceres @timcappalli @Sakurann