- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 15 Nov 2023 10:38:42 -0500
- To: David Chadwick <d.w.chadwick@truetrust.co.uk>
- Cc: public-credentials@w3.org
On Wed, Nov 15, 2023 at 4:33 AM David Chadwick <d.w.chadwick@truetrust.co.uk> wrote: > Since trust is personal, trust in wallets (and browsers) is also personal. So I guess that market forces and social networks will determine which wallets (and browsers) users should trust. In an attempt to be even more controversial than David (I can try, David!)... :P Yes, exactly this, and the sooner some misguided issuers, wallet providers, and verifiers understand this, the sooner we can move past some of the security theater that's being proposed as "high security wallet" features that "need to be certified". Kyle's commentary is also quite important to pay attention to. This discussion over certifications has been had at the W3C over the past several decades. Certain vendors are asserting that adding these "high security features" for digital wallets actually result in a more secure ecosystem w/o proving that is so; where are the attack and mitigation models? It's largely marketing at this point in time. In a number of cases, these "high security wallet features" can be bypassed with a simple proxy application that sits between the digital wallet and the verifier. People are presuming that security comes from the digital wallet in some cases where it makes no sense for that to be the case -- "certified wallets" doing local biometric/PIN checks being one of those cases. HSM-protected keys being another. To put it another way -- how many of us are using "certified browsers" or "certified apps" when we: * Upload a photo of our driver's licenses to perform eKYC processes? * Upload a photo of our passport to book an international flight? * Access our bank account? * Perform an e-signature on a contract? * Use WebAuthn or Passkeys to log in? I expect a very large percentage of us use whatever browser we'd prefer to use, and the reason we can do that is because of 1) browser feature/capability detection that websites use, and 2) the Verifier has a trustless relationship with the browser. The world works just fine without requiring browser certifications today, so why do we think we need digital wallet certifications (which are just another class of user agent)? -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Wednesday, 15 November 2023 15:39:25 UTC