diff --git a/refs/pull/233/merge/en/.doctrees/defined-terms.doctree b/refs/pull/233/merge/en/.doctrees/defined-terms.doctree index 116437ab0..5e7c05c68 100644 Binary files a/refs/pull/233/merge/en/.doctrees/defined-terms.doctree and b/refs/pull/233/merge/en/.doctrees/defined-terms.doctree differ diff --git a/refs/pull/233/merge/en/.doctrees/environment.pickle b/refs/pull/233/merge/en/.doctrees/environment.pickle index 22899e046..066cc9eec 100644 Binary files a/refs/pull/233/merge/en/.doctrees/environment.pickle and b/refs/pull/233/merge/en/.doctrees/environment.pickle differ diff --git a/refs/pull/233/merge/en/.doctrees/wallet-attestation.doctree b/refs/pull/233/merge/en/.doctrees/wallet-attestation.doctree index 0cf5d1b76..a544b87a4 100644 Binary files a/refs/pull/233/merge/en/.doctrees/wallet-attestation.doctree and b/refs/pull/233/merge/en/.doctrees/wallet-attestation.doctree differ diff --git a/refs/pull/233/merge/en/_sources/defined-terms.rst.txt b/refs/pull/233/merge/en/_sources/defined-terms.rst.txt index 167cf02d9..73c651f26 100644 --- a/refs/pull/233/merge/en/_sources/defined-terms.rst.txt +++ b/refs/pull/233/merge/en/_sources/defined-terms.rst.txt @@ -46,13 +46,13 @@ Below are the description of acronyms and definitions which are useful for furth * - Credential Status Attestation - Verifiable Attestation proving that a related Digital Credential is not revoked. * - Device Integrity Service - - Device manufacturer service that allows you to certify that the app instance (Wallet Instance) is intact and genuine and also allows you to certify that the private keys generated by the device are securely stored within the device's dedicated hardware. Please note that each manufacturer uses different terms to identify it. + - A service provided by device manufacturers that verifies the integrity and authenticity of the app instance (Wallet Instance), as well as certifying the secure storage of private keys generated by the device within its dedicated hardware. It's important to note that the terminology used to describe this service varies among manufacturers. * - Wallet Hardware Keys - - Pair of public and private keys generated by the Wallet Instance during app initialization. These keys remain valid throughout the entire lifespan of the Wallet Instance. Conceptually, the Wallet Hardware Keys serves as a personal device Master Key and, being part of the OS domain, cannot be used for signing any arbitrary payloads. The purpose of the Wallet Hardware Keys is to uniquely identify a Wallet Instance. + - During the app initialization, the Wallet Instance generates a pair of keys, one public and one private, which remain valid for the entire duration of the Wallet Instance's life. Functioning as a Master Key for the personal device, these Wallet Hardware Keys are confined to the OS domain and are not designed for signing arbitrary payloads. Their primary role is to provide a unique identification for each Wallet Instance. * - Wallet Hardware Key Tag - - Unique identifier of the Wallet Hardware Keys generated by the operating system and used to access the private key in the hardware. + - A unique identifier created by the operating system for the Wallet Hardware Keys, utilized to gain access to the private key stored in the hardware. * - Key Attestation - - Attestation signed by device OEM that gives you more confidence that the keys you use in your Wallet Instance are stored in a device's hardware-backed keystore + - An attestation from the device's OEM that enhances your confidence in the keys used in your Wallet Instance being securely stored within the device's hardware-backed keystore. * - Qualified Electronic Attestation of Attributes (QEAA) - A digitally verifiable attestation in electronic form, issued by a QTSP, that substantiates a person's possession of attributes. * - Qualified Electronic Signature Provider diff --git a/refs/pull/233/merge/en/_sources/wallet-attestation.rst.txt b/refs/pull/233/merge/en/_sources/wallet-attestation.rst.txt index 271f8fd0f..66ed0306c 100644 --- a/refs/pull/233/merge/en/_sources/wallet-attestation.rst.txt +++ b/refs/pull/233/merge/en/_sources/wallet-attestation.rst.txt @@ -33,9 +33,9 @@ The following requirements for the Wallet Attestation are met: 6. Each Wallet Instance SHOULD be able to request multiple attestations with different public keys associated to them. This requirement provides a privacy-preserving measure, as the public key MAY be used as a tracking tool during the presentation phase (see also the point number 10, listed below). 7. The Wallet Attestation SHOULD be usable multiple times during its validity period, allowing for repeated authentication and authorization without the need to request new attestations with each interaction. 8. The Wallet Attestation SHOULD have an expiration date time, after which it will no longer be considered valid. -9. The Wallet Attestation SHOULD no longer needs to be issued by the Wallet Provider if the Wallet Instance has been revoked. -10. The Wallet Attestation SHOULD be pseudo-anonymous (meaning they do not contain direct references to an individual), making it impossible to identify a person without additional information. -11. When the private key associated with the Wallet Instance is lost or deleted, the attestation MUST become invalid to prevent unauthorized use of the Wallet Instance. +9. The Wallet Attestation MUST NOT be issued by the Wallet Provider if the Wallet Instance has been revoked. +10. The Wallet Attestation SHOULD be designed to be pseudo-anonymous, meaning it does not directly reference any individual, thereby making it impossible to identify a person without supplementary information. +11. When the private key associated with the Wallet Instance is lost or deleted, the Wallet Attestation MUST become invalid to prevent unauthorized use of the Wallet Instance. Static Component View @@ -70,7 +70,7 @@ Wallet Instance initialization and registration **Federation Check:** The Wallet Instance needs to check if the Wallet Provider is part of the Federation, obtaining its protocol specific Metadata. A non-normative example of a response from the endpoint **.well-known/openid-federation** with the **Entity Configuration** and the **Metadata** of the Wallet Provider is represented within the section `Wallet Provider metadata`_. -**Steps 3-5:**: The Wallet Instance request and receive a one time ``challenge`` from the Wallet Provider Backend. The ``challenge`` is a ``nonce``, which MUST be unpredictable and it is the primary countermeasure against replay attack. The value of the ``nonce`` returned by the backend must be generated in such a way as to guarantee that it can only be used once and in a pre-established time interval. +**Steps 3-5:**: The Wallet Instance sends a request to the Wallet Provider Backend and receives a one-time ``challenge``. This "challenge" is a ``nonce``, which must be unpredictable to serve as the main defense against replay attacks. The backend must generate the ``nonce`` value in a manner that ensures it is single-use and valid only within a specific time frame. .. code-block:: http @@ -87,31 +87,33 @@ Wallet Instance initialization and registration "nonce": "d2JhY2NhbG91cmVqdWFuZGFt" } -**Step 6**: The Wallet Instance generates the Wallet Hardware Keys pair via the operating system and store the relative Wallet Hardware Key Tag in a local storage: +**Step 6**: The Wallet Instance, through the operating system, creates a pair of Wallet Hardware Keys and stores the corresponding Wallet Hardware Key Tag in local storage once the following requirements are met: 1. It MUST ensure that Wallet Hardware Keys do not already exist, if they exist and the Wallet is in the initialization phase they must be deleted. 2. It MUST generate a pair of asymmetric EC keys (Wallet Hardware Keys) via a local WSCD. - 3. It SHOULD obtain a unique identifier (Wallet Hardware Key Tag) of the generated Wallet Hardware Keys from the operating system. If the operating system allows you to define a tag when creating keys, then a random string for Wallet Hardware Key Tag must be chosen. - 4. It MUST store the relative Wallet Hardware Key Tag in a local storage. + 3. It SHOULD obtain a unique identifier (Wallet Hardware Key Tag) for the generated Wallet Hardware Keys from the operating system. If the operating system permits specifying a tag during the creation of keys, then a random string for the Wallet Hardware Key Tag must be selected. This random value MUST be collision-resistant and unpredictable to ensure security. To achieve this, consider using a cryptographic hash function or a secure random number generator provided by the operating system or a reputable cryptographic library. + 4. If the previous points are satisfied, It MUST store the Wallet Hardware Key Tag in a local storage. .. note:: **WSCD:** For key generation, the Wallet Instance will always rely on a local WSCD on devices that support it. For Android, Strongbox will be used or, if it is not available, a Trusted Execution Environment (TEE) while for iOS Secure Elements (SE). Since each OEM develops a different SDK for accessing the local WSCD, it will be treated in a generic manner below. -**Step 7**: The Wallet Instance: invokes the operating system attestation service (Device Integrity Service) passing ``challenge`` and Wallet Hardware Key Tag in order to obtain a Key Attestation. +**Step 7**: The Wallet Instance uses the Device Integrity Service, providing a "challenge" and the Wallet Hardware Key Tag to acquire the Key Attestation. .. note:: - **Device Integrity Service:** Below we will treat a Device Integrity Service as an abstract entity made available by device OEMs which allows us to certify via a signed payload (attestation) that a particular key is hardware backed in a safe and protected environment of the device. Furthermore, the service will also allow you to demonstrate via a signed payload (assertion) that that particular app instance (Wallet Instance) is intact and genuine and has not been tampered with. Furthermore, both within the attestation and the assertion, the service includes essential information to recover the type of device, the model, the app version, the operating system version, the bootloader status and other information that allows you to understand whether the device has been tampered with or not. For Android the service used is `Key Attestation`_ in addition to `Play Integrity API`_, while for iOS the `DeviceCheck`_ service. + **Device Integrity Service:** In this section the Device Integrity Service is considered as it is provided by device manufacturers. This service allows the verification of a key being securely stored within the device's hardware through a signed document (attestation). Additionally, it offers the verifiable proof that a specific app instance (Wallet Instance) is authentic, unaltered, and in its original state using a specialized signed document (assertion) made for this scope. + + The service also incorporates details in both the attestation and the assertion, such as the device type, model, app version, operating system version, bootloader status, and other relevant information to assess the device has not been compromised. For Android the service used is `Key Attestation`_ in addition to `Play Integrity API`_, while for iOS the `DeviceCheck`_ service. -**Step 8**: The Device Integrity Service: +**Step 8**: The Device Integrity Service performs the following actions: - * generate a Key Attestation holder binded with ``challenge`` and Wallet Hardware public key. - * adds relevant information on the security of the device. - * sign the Key Attestation with an OEM certificate which in addition to certifying the integrity of the Wallet Instance also certifies that the Wallet Hardware Keys is secure stored by the OS (hardware backed). +* Creates a Key Attestation that is linked with the provided "challenge" and the public key of the Wallet Hardware. +* Incorporates information pertaining to the device's security. +* Uses an OEM certificate to sign the Key Attestation, thereby not only verifying the integrity of the Wallet Instance but also confirming that the Wallet Hardware Keys are securely managed by the operating system (hardware-backed). -**Step 9**: The Wallet Instance send the ``challenge`` with Key Attestation and Wallet Hardware Key Tag to the Wallet Provider Backend in order to register the Wallet Instance identified by the Wallet Hardware Key public key. +**Step 9**: The Wallet Instance sends the ``challenge`` with Key Attestation and Wallet Hardware Key Tag to the Wallet Provider Backend in order to register the Wallet Instance identified by the Wallet Hardware Key public key. .. note:: @@ -139,7 +141,7 @@ Wallet Instance initialization and registration 2. It MUST validate the ``key_attestation`` as defined by the device manufacturers' guidelines. 3. It MUST verify that the device in use has no security flaws and reflects the minimum security requirements defined by the Wallet Provider. 4. If these checks are passed, it MUST register the Wallet Instance, keeping the Wallet Hardware Key Tag and all useful information related to the device. - 5. It SHULD associate the Wallet Instance with a specific user uniquely identified within the Wallet Provider's systems. This will be useful for the lifecycle of the Wallet Instance and for a future revocation. + 5. It SHOULD associate the Wallet Instance with a specific user uniquely identified within the Wallet Provider's systems. This will be useful for the lifecycle of the Wallet Instance and for a future revocation. .. code-block:: http @@ -153,11 +155,11 @@ If any errors occur during the Wallet Instance registration, the Wallet Provider **Steps 13-14**: The Wallet Instance has been initialized and becomes operational. -.. note:: **Threat Model:** Although the registration endpoint does not require any authentication, it is protected by the presence of the ``key_attestation`` which, if validated correctly, only allows the registration of valid and intact instances of the app. Any other claims sent will not be validated and therefore the endpoint will return an error. The presence of a ``challenge`` also avoids reply attacks. Finally, the integrity of the ``challenge`` and the ``hardware_key_tag`` is guaranteed by the signature present within the ``key_attestation``. +.. note:: **Threat Model**: While the registration endpoint does not necessitate any client authentication, it is safeguarded through the use of `key_attestation`. Proper validation of this attestation permits only the registration of authentic and unaltered app instances. Any other claims submitted will not undergo validation, leading the endpoint to respond with an error. Additionally, the inclusion of a challenge helps prevent replay attacks. The authenticity of both the challenge and the ``hardware_key_tag`` is ensured by the signature found within the ``key_attestation``. -Wallet Attestation acquisition -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Wallet Attestation Issuance +~~~~~~~~~~~~~~~~~~~~~ This section describes the Wallet Attestation format and how the Wallet Provider issues it. @@ -166,16 +168,16 @@ This section describes the Wallet Attestation format and how the Wallet Provider :alt: The figure illustrates the sequence diagram for issuing a Wallet Attestation, with the steps explained below. :target: https://www.plantuml.com/plantuml/uml/VLHFJzjE4BtlfnZ1uGTHVfTAxG6f5OXIe5GL0bekID7O7knfd5rtT-oKVlhEEdySXsqFbbZspNjltixaD0XwQHUrmLQSRHSPULDnGV3id6Jkb_clKG3dtA0LOp0Nv-7WMo1_01YW3OhVGS318zOr2LnRPROvzIXi6XYZFbB7EIbAgFGiBt1FlkCD72N0OMWysxBqH3QfSEjTfqOzP9ZFoHPzQPRFZJ7HrVyVLFK4xkXdIq40mT8IN4CUXPq5gL2UhDTRzgIIC9ciUSz4jA17JIQnOUvGAFPWz5lJdbUKpu6VXx8hzCKIFS4DlOJ915X9E-GQivhCJkKbsUWXQbgWfgA57ckOqmiqo5u9Fp_UgB3nrgciwyX7xQbs1eTVhY-l7YxlBYw-cfM3_InKDMO5xbax9FX4nQPXj0MuJ90ji0HOa621WaQJwvNCsgJgH9EYHl8gijkITdE82UlN0uTkm5a2uGN5YTWhZUXry-EBWaQi9XLJBAcPhCoYsrc5eT9mCS3zrTcRj--EjdnJQDgivdpsOpa_JZ6bdqh9RjtjapvrjVxlB71fKLfFUlSUukbety8KbZtLR5kaxpSJBBVAAE44ohNqTipFGY0lx5up7fjOCkJ4cv8PRchKJhAlrtExdVebI_KtiYcaUvwENsdwP9F1mGEMA_2GkpgCH5JqmiDqRuTwcB1xiiK_d8_dRLY5U4olGbp6lT-Uk0riMHXh_ar5lmAT_bsODh0j8TMLODdZqjaCspAimFV8Y9AQ-Z4W_H1fQ5e-ZTHeLrEySttkQNNvEkBnHgOGYTNSEMkPETKSsaNz1m00 -**Step 1:**: The user requests a new operation which requires obtaining a Wallet Attestation. +**Step 1:**: The user initiates a new operation that necessitates the acquisition of a Wallet Attestation. **Steps 2-3:**: The Wallet Instance check if a Wallet Hardware Key exist and generates an ephemeral asymmetric key pair. - 1. It MUST ensure that Wallet Hardware Keys exist. If they do not exist, it is necessary to reinitialize the wallet. + 1. It MUST ensure that Wallet Hardware Keys exist. If they do not exist, it is necessary to reinitialize the Wallet. 2. It MUST generates an ephemeral asymmetric key pair whose public key will be linked with the Wallet Attestation. 3. it MUST check if Wallet Provider is part of the federation and obtain its metadata. -**Steps 4-6:**: The Wallet Instance request and receive a one time ``challenge`` from the Wallet Provider Backend. The ``challenge`` is a ``nonce``, which MUST be unpredictable and it is the primary countermeasure against replay attack. The value of the ``nonce`` returned by the backend must be generated in such a way as to guarantee that it can only be used once and in a pre-established time interval. +**Steps 4-6:**: The Wallet Instance solicits a one-time "challenge" from the Wallet Provider Backend. This "challenge" takes the form of a "nonce," which is required to be unpredictable and serves as the main defense against replay attacks. The backend must produce the "nonce" in a manner that ensures its single-use within a predetermined time frame. .. code-block:: http @@ -191,10 +193,10 @@ This section describes the Wallet Attestation format and how the Wallet Provider "nonce": "d2JhY2NhbG91cmVqdWFuZGFt" } -**Step 7**: The Wallet Instance: +**Step 7**: The Wallet Instance performs the following actions: - * generate a ``client_data`` which is a JSON containing ``challenge`` and ephemeral public ``jwk``. - * generate a ``client_data_hash`` as SHA256 of ``client_data``. + * Creates a ``client_data``, a JSON structure that includes the challenge and the ephemeral public ``jwk``. + * Computes a ``client_data_hash`` by applying the SHA256 algorithm to the ``client_data``. Below a non-normative example of the ``client_data``. @@ -211,11 +213,11 @@ Below a non-normative example of the ``client_data``. } } -**Steps 8-10**: The Wallet Instance: +**Steps 8-10**: The Wallet Instance takes the following steps: - * generate an ``hardware_signature`` signing ``client_data_hash`` with Wallet Hardware private key. It will be used as a **PoP** of the Wallet Hardware Keys. - * ask to Device Integrity Service to generate an ``integrity_assertion`` bounded with ``client_data_hash``. - * obtain from Device Integrity Service an ``integrity_assertion`` signed by OEM. + * Produces an hardware_signature by signing the ``client_data_hash`` with the Wallet Hardware's private key, serving as a Proof of Possession (PoP) for the Wallet Hardware Keys. + * Requests the Device Integrity Service to create an ``integrity_assertion`` linked to the ``client_data_hash``. + * Receives a signed ``integrity_assertion`` from the Device Integrity Service, authenticated by the OEM. .. note:: ``integrity_assertion`` is a custom payload generated by Device Integrity Service, signed by device OEM and encoded in base64 to have uniformity between different devices. @@ -230,7 +232,7 @@ Below an non-normative example of the Wallet Attestation Request JWT without enc { "alg": "ES256", "kid": "vbeXJksM45xphtANnCiG6mCyuU4jfGNzopGuKvogg9c", - "typ": "var+jwt" + "typ": "war+jwt" } . { @@ -280,7 +282,7 @@ encoded in ``application/x-www-form-urlencoded`` format: grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer &assertion=eyJhbGciOiJFUzI1NiIsImtpZCI6ImtoakZWTE9nRjNHeG...redacted -**Steps 13-17**: The Wallet Provider backend validate the Wallet Attestation Request and if it passes the checks, a Wallet Attestation is issued: +**Steps 13-17**: The Wallet Provider's backend assesses the Wallet Attestation Request and issues a Wallet Attestation, if the requirements described below are satisfied: 1. It MUST check the Wallet Attestation Request contains all the defined parameters according to :ref:`Table of the Wallet Attestation Request parameters `. 2. It MUST verify that the signature of the received Wallet Attestation Request is valid and associated with public ``jwk``. diff --git a/refs/pull/233/merge/en/algorithms.html b/refs/pull/233/merge/en/algorithms.html index 209b468e9..1e2f1d2dd 100644 --- a/refs/pull/233/merge/en/algorithms.html +++ b/refs/pull/233/merge/en/algorithms.html @@ -644,7 +644,7 @@

{{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/backup-restore.html b/refs/pull/233/merge/en/backup-restore.html index f9ef2865e..d96d54f29 100644 --- a/refs/pull/233/merge/en/backup-restore.html +++ b/refs/pull/233/merge/en/backup-restore.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/contribute.html b/refs/pull/233/merge/en/contribute.html index e6f955477..b50bffe3d 100644 --- a/refs/pull/233/merge/en/contribute.html +++ b/refs/pull/233/merge/en/contribute.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/defined-terms.html b/refs/pull/233/merge/en/defined-terms.html index ffc386392..5f7a6b55e 100644 --- a/refs/pull/233/merge/en/defined-terms.html +++ b/refs/pull/233/merge/en/defined-terms.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -1115,16 +1115,16 @@

    Defined Terms

    Device Integrity Service

    -

    Device manufacturer service that allows you to certify that the app instance (Wallet Instance) is intact and genuine and also allows you to certify that the private keys generated by the device are securely stored within the device's dedicated hardware. Please note that each manufacturer uses different terms to identify it.

    +

    A service provided by device manufacturers that verifies the integrity and authenticity of the app instance (Wallet Instance), as well as certifying the secure storage of private keys generated by the device within its dedicated hardware. It's important to note that the terminology used to describe this service varies among manufacturers.

    Wallet Hardware Keys

    -

    Pair of public and private keys generated by the Wallet Instance during app initialization. These keys remain valid throughout the entire lifespan of the Wallet Instance. Conceptually, the Wallet Hardware Keys serves as a personal device Master Key and, being part of the OS domain, cannot be used for signing any arbitrary payloads. The purpose of the Wallet Hardware Keys is to uniquely identify a Wallet Instance.

    +

    During the app initialization, the Wallet Instance generates a pair of keys, one public and one private, which remain valid for the entire duration of the Wallet Instance's life. Functioning as a Master Key for the personal device, these Wallet Hardware Keys are confined to the OS domain and are not designed for signing arbitrary payloads. Their primary role is to provide a unique identification for each Wallet Instance.

    Wallet Hardware Key Tag

    -

    Unique identifier of the Wallet Hardware Keys generated by the operating system and used to access the private key in the hardware.

    +

    A unique identifier created by the operating system for the Wallet Hardware Keys, utilized to gain access to the private key stored in the hardware.

    Key Attestation

    -

    Attestation signed by device OEM that gives you more confidence that the keys you use in your Wallet Instance are stored in a device's hardware-backed keystore

    +

    An attestation from the device's OEM that enhances your confidence in the keys used in your Wallet Instance being securely stored within the device's hardware-backed keystore.

    Qualified Electronic Attestation of Attributes (QEAA)

    A digitally verifiable attestation in electronic form, issued by a QTSP, that substantiates a person's possession of attributes.

    diff --git a/refs/pull/233/merge/en/genindex.html b/refs/pull/233/merge/en/genindex.html index dca2181e4..c876f4888 100644 --- a/refs/pull/233/merge/en/genindex.html +++ b/refs/pull/233/merge/en/genindex.html @@ -642,7 +642,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -911,7 +911,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/index.html b/refs/pull/233/merge/en/index.html index cac5c1e0d..0a45f5c8e 100644 --- a/refs/pull/233/merge/en/index.html +++ b/refs/pull/233/merge/en/index.html @@ -643,7 +643,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -912,7 +912,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -1155,7 +1155,7 @@

    Index of contentStatic Component View

  • Dynamic Component View diff --git a/refs/pull/233/merge/en/pid-eaa-data-model.html b/refs/pull/233/merge/en/pid-eaa-data-model.html index a1c5eca60..7b0c89038 100644 --- a/refs/pull/233/merge/en/pid-eaa-data-model.html +++ b/refs/pull/233/merge/en/pid-eaa-data-model.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/pid-eaa-issuance.html b/refs/pull/233/merge/en/pid-eaa-issuance.html index bd4f1e025..1367f554f 100644 --- a/refs/pull/233/merge/en/pid-eaa-issuance.html +++ b/refs/pull/233/merge/en/pid-eaa-issuance.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/proximity-flow.html b/refs/pull/233/merge/en/proximity-flow.html index e92da0d03..8b7d897ce 100644 --- a/refs/pull/233/merge/en/proximity-flow.html +++ b/refs/pull/233/merge/en/proximity-flow.html @@ -642,7 +642,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -911,7 +911,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/pseudonyms.html b/refs/pull/233/merge/en/pseudonyms.html index 1cdb2b576..e1406711a 100644 --- a/refs/pull/233/merge/en/pseudonyms.html +++ b/refs/pull/233/merge/en/pseudonyms.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/relying-party-solution.html b/refs/pull/233/merge/en/relying-party-solution.html index 8c282f516..c73ac3260 100644 --- a/refs/pull/233/merge/en/relying-party-solution.html +++ b/refs/pull/233/merge/en/relying-party-solution.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/remote-flow.html b/refs/pull/233/merge/en/remote-flow.html index 8e3c6d670..ea2a89760 100644 --- a/refs/pull/233/merge/en/remote-flow.html +++ b/refs/pull/233/merge/en/remote-flow.html @@ -642,7 +642,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -911,7 +911,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/revocation-lists.html b/refs/pull/233/merge/en/revocation-lists.html index 1e66b21a1..935146c59 100644 --- a/refs/pull/233/merge/en/revocation-lists.html +++ b/refs/pull/233/merge/en/revocation-lists.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/search.html b/refs/pull/233/merge/en/search.html index bf6b46368..e163ee45d 100644 --- a/refs/pull/233/merge/en/search.html +++ b/refs/pull/233/merge/en/search.html @@ -642,7 +642,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -911,7 +911,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/searchindex.js b/refs/pull/233/merge/en/searchindex.js index 2d02c7a7e..1d0d02c5a 100644 --- a/refs/pull/233/merge/en/searchindex.js +++ b/refs/pull/233/merge/en/searchindex.js @@ -1 +1 @@ -Search.setIndex({"docnames": ["algorithms", "backup-restore", "contribute", "defined-terms", "index", "pid-eaa-data-model", "pid-eaa-issuance", "proximity-flow", "pseudonyms", "relying-party-solution", "remote-flow", "revocation-lists", "ssi-introduction", "standards", "trust", "wallet-attestation", "wallet-solution"], "filenames": ["algorithms.rst", "backup-restore.rst", "contribute.rst", "defined-terms.rst", "index.rst", "pid-eaa-data-model.rst", "pid-eaa-issuance.rst", "proximity-flow.rst", "pseudonyms.rst", "relying-party-solution.rst", "remote-flow.rst", "revocation-lists.rst", "ssi-introduction.rst", "standards.rst", "trust.rst", "wallet-attestation.rst", "wallet-solution.rst"], "titles": ["Cryptographic algorithms", "backup-restore.rst", "How to contribute", "Normative Language and Conventions", "The Italian EUDI Wallet implementation profile", "PID/(Q)EAA Data Model", "PID/(Q)EAA Issuance", "Proximity Flow", "pseudonyms.rst", "Relying Party Solution", "Remote Flow", "Credential Lifecycle", "Self Sovereign Identity", "Technical References", "The Infrastructure of Trust", "Wallet Attestation", "Wallet Solution"], "terms": {"tutti": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "gli": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "esempi": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "contenuti": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "questa": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "documentazion": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "sono": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "da": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "intendersi": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "come": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "non": [0, 1, 2, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16], "normativi": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "all": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "exampl": [0, 1, 2, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "contain": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "thi": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "document": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "ar": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "meant": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "norm": [0, 1, 2, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "The": [0, 2, 3, 5, 6, 7, 9, 10, 11, 12, 13, 15, 16], "follow": [0, 2, 4, 5, 6, 7, 9, 10, 11, 12, 14, 15], "must": [0, 3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "support": [0, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "alg": [0, 5, 6, 9, 10, 11, 14, 15, 16], "paramet": [0, 1, 4, 8, 9, 10, 11, 15, 16], "valu": [0, 1, 5, 6, 7, 8, 9, 10, 11, 14, 15, 16], "descript": [0, 1, 2, 3, 5, 6, 7, 8, 9, 10, 11, 14, 15], "oper": [0, 3, 4, 6, 9, 10, 14, 15], "refer": [0, 3, 4, 5, 6, 7, 9, 11, 12, 14, 15], "es256": [0, 5, 6, 9, 10, 11, 14, 15, 16], "ellipt": [0, 7, 9], "curv": [0, 5, 7, 9], "digit": [0, 3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "signatur": [0, 3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "ecdsa": [0, 9, 10], "us": [0, 3, 4, 5, 6, 7, 9, 10, 12, 13, 14, 15, 16], "one": [0, 5, 6, 7, 9, 10, 11, 12, 14, 15], "enabl": [0, 3, 9, 10, 12, 14, 16], "list": [0, 2, 3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "section": [0, 5, 6, 7, 9, 10, 11, 14, 15, 16], "below": [0, 2, 3, 4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "sha256": [0, 15], "rfc": [0, 5, 6, 9, 10, 11, 13, 14, 15, 16], "7518": [0, 13], "sog": 0, "IS": 0, "etsi": [0, 5], "es384": [0, 6, 9, 10, 14, 15, 16], "sha384": 0, "es512": [0, 6, 16], "sha521": 0, "rsa": [0, 6, 9, 10], "oaep": [0, 9, 10], "256": [0, 5, 6, 7, 9, 10, 11, 14, 15, 16], "encrypt": [0, 5, 6, 7, 9, 10, 11, 13, 14, 15], "scheme": [0, 4, 6, 9, 10, 12], "optim": 0, "asymmetr": [0, 6, 15, 16], "pad": 0, "hash": [0, 5, 6, 7, 9, 11], "function": [0, 3, 4, 5, 7, 9, 16], "mgf1": 0, "sha": [0, 5, 6, 7, 9, 10, 11], "mask": 0, "gener": [0, 3, 4, 5, 6, 7, 9, 10, 13], "kei": [0, 1, 3, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "7516": [0, 6, 9, 10, 11, 13, 15], "a128cbc": [0, 9, 10], "hs256": [0, 9, 10], "ae": 0, "cipher": [0, 7, 9], "block": [0, 7, 9, 11], "chain": [0, 4, 5, 6, 9, 10, 15], "mode": [0, 7, 9, 10, 13], "128": [0, 6, 9, 10], "bit": [0, 6, 9, 10], "initi": [0, 2, 3, 4, 6, 7, 9, 11], "vector": 0, "plu": 0, "hmac": 0, "authent": [0, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "truncat": 0, "content": [0, 5, 6, 9, 10, 11, 15], "a256cbc": [0, 9, 10], "hs512": [0, 9, 10], "512": [0, 6], "famili": [0, 5, 6], "short": [0, 6, 7, 9, 14, 16], "name": [0, 5, 6, 7, 9, 10, 14, 15, 16], "brainpool": 0, "brainpoolp256r1": 0, "brainpoolp384r1": 0, "brainpoolp512r1": 0, "5639": 0, "nist": 0, "p": [0, 5, 6, 9, 10, 13, 14, 15, 16], "384": 0, "521": 0, "fip": 0, "186": 0, "4": [0, 5, 6, 7, 9, 10, 11, 14, 15], "iso": [0, 5, 7, 9, 10], "iec": [0, 5], "14888": 0, "3": [0, 5, 6, 7, 9, 10, 11, 14, 15, 16], "recommend": [0, 3, 5, 6, 9, 10, 11, 14], "ps256": 0, "rsassa": 0, "appendix": [0, 6], "pss": 0, "probabilist": 0, "ps384": 0, "ps512": 0, "sha512": 0, "ecdh": 0, "es": 0, "diffi": 0, "hellman": 0, "ephemer": [0, 7, 9, 15], "static": [0, 4, 9, 10, 14], "agreement": [0, 7, 9], "concat": 0, "deriv": [0, 6, 7, 9, 11, 14], "kdf": 0, "a128kw": 0, "cek": 0, "wrap": 0, "length": [0, 5, 6, 7, 9, 10], "a256kw": 0, "NOT": [0, 3, 5, 6, 9, 10, 11, 14, 15], "none": [0, 6, 9, 10, 11, 15], "rsa_1_5": 0, "rsae": 0, "pkcs1": 0, "v1_5": 0, "secur": [0, 3, 4, 6, 7, 11, 12, 13, 14, 15, 16], "vulner": 0, "default": [0, 9, 10, 14], "hs384": [0, 9, 10], "what": [1, 8, 12, 14], "useful": [1, 8], "todo": [1, 8], "req": [1, 8, 9, 10], "1": [1, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16], "2": [1, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16], "tabl": [1, 5, 6, 7, 8, 9, 10, 11, 14, 15], "claim": [1, 3, 4, 6, 8, 9, 10, 11, 14, 15, 16], "IT": [2, 3, 4, 5, 6, 7, 9, 16], "wallet": [2, 3, 5, 6, 7, 9, 10, 12, 13], "project": [2, 4], "includ": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "an": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "open": [2, 16], "develop": [2, 4, 14, 15], "process": [2, 3, 4, 5, 6, 9, 10, 11, 12, 14], "approach": [2, 5, 12, 14], "ensur": [2, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "access": [2, 3, 4, 5, 9, 10, 11, 12, 14, 15, 16], "invit": 2, "interest": 2, "parti": [2, 3, 4, 5, 6, 11, 12, 15, 16], "particip": [2, 3, 4, 14], "consequ": 2, "stakehold": [2, 14], "nation": [2, 3, 4, 5, 6, 11, 12, 16], "intern": [2, 9, 10, 11], "commun": [2, 4, 6, 7, 9, 10, 11], "member": [2, 4, 5, 6, 9, 10, 11, 12, 14], "onli": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "encourag": 2, "also": [2, 3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "heartili": 2, "welcom": 2, "refin": 2, "technic": [2, 3, 4, 6, 7, 9, 10, 11, 14], "rule": [2, 3, 4, 5, 14], "sever": [2, 9, 10, 14], "method": [2, 6, 7, 9, 10, 11, 15, 16], "avail": [2, 9, 10, 14, 15, 16], "github": 2, "issu": [2, 3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "By": [2, 5, 16], "you": [2, 3, 15], "can": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "seek": 2, "clarif": 2, "propos": 2, "enhanc": [2, 4, 9, 10, 12, 14], "report": [2, 11, 14], "editori": 2, "typo": 2, "If": [2, 5, 6, 7, 9, 10, 11, 14, 15], "work": 2, "we": [2, 5, 15], "draft": [2, 5, 6, 11, 13, 14], "pull": 2, "request": [2, 3, 4, 12, 14, 16], "link": [2, 6, 9, 10, 11, 15], "repres": [2, 5, 6, 7, 9, 10, 14, 15, 16], "activ": [2, 7, 9, 11, 12, 14, 16], "typic": [2, 6, 12], "alwai": [2, 3, 12, 14, 15], "base": [2, 5, 6, 7, 9, 10, 11, 12, 13, 14], "discuss": [2, 6], "onc": [2, 6, 9, 10, 15, 16], "facilit": [2, 14], "review": [2, 16], "chang": [2, 5, 9, 10, 11, 14], "befor": [2, 3, 6, 14, 15], "thei": [2, 3, 9, 10, 11, 12, 14, 15], "merg": 2, "main": [2, 5, 6, 11, 12, 14, 15], "branch": 2, "version": [2, 5, 7, 9, 15, 16], "corrent": 2, "italia": 2, "slack": 2, "channel": [2, 7, 9, 11], "messag": [2, 6, 7, 9, 10, 11], "applic": [2, 3, 6, 9, 10, 11, 12, 13, 14, 15, 16], "design": [2, 12, 14, 16], "busi": 2, "connect": [2, 5, 6, 7, 9, 11, 13, 16], "peopl": [2, 12], "inform": [2, 3, 5, 7, 9, 10, 11, 12, 14, 15, 16], "need": [2, 6, 9, 10, 11, 12, 14, 15, 16], "from": [2, 5, 6, 7, 9, 10, 11, 14, 15, 16], "public": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "administr": [2, 5, 11, 12, 14], "technician": 2, "student": 2, "citizen": [2, 3, 5, 12], "ha": [2, 4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "everyon": 2, "join": 2, "free": 2, "http": [2, 4, 5, 7, 13, 14, 15, 16], "where": [2, 5, 6, 9, 10, 11, 12, 14, 15], "learn": 2, "about": [2, 4, 9, 10, 11, 12, 15, 16], "partak": 2, "would": [2, 6, 12], "like": [2, 3, 14], "thank": [2, 14], "individu": [2, 12, 14, 15], "comment": 2, "concern": [2, 4, 14], "idea": 2, "some": [2, 5, 6, 9, 10, 11, 14], "which": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "substanti": [2, 3], "implement": [2, 3, 5, 6, 7, 9, 10, 11, 14], "profil": [2, 3, 5, 6, 7, 9, 11, 13, 14], "set": [2, 4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "alen": 2, "horvat": 2, "amir": 2, "sharif": 2, "andrea": 2, "prosseda": 2, "emanuel": 2, "de": 2, "cupi": 2, "emiliano": 2, "vernini": 2, "francesco": 2, "grauso": 2, "marino": 2, "ventola": 2, "giada": 2, "sciarretta": 2, "giusepp": 2, "marco": 2, "klaa": 2, "wierenga": 2, "kristina": 2, "yasuda": [2, 13], "leif": 2, "johansson": 2, "lorenzo": 2, "cerini": 2, "marta": 2, "sciunnach": 2, "michel": 2, "silletti": 2, "nicola": 2, "saitto": 2, "niel": 2, "van": 2, "dijk": 2, "paul": 2, "bastien": 2, "pasqual": 2, "rose": 2, "peter": 2, "altmann": 2, "riccardo": 2, "iaconelli": 2, "roland": 2, "hedberg": 2, "salvator": 2, "laiso": 2, "manfredi": 2, "stefano": 2, "alifuoco": 2, "takahiko": 2, "kawasaki": 2, "torsten": 2, "lodderstedt": [2, 13], "vladimir": 2, "duzhinov": 2, "anyon": 2, "been": [2, 6, 11, 15], "forgotten": 2, "pleas": [2, 3, 4, 14, 16], "accept": [2, 6, 7, 9, 10, 11], "our": 2, "apolog": 2, "modif": [2, 14], "page": [2, 9, 10, 16], "via": [2, 6, 7, 9, 14, 15], "com": [2, 9, 10, 15], "eudi": [2, 6, 7, 9, 10, 13, 16], "doc": [2, 6], "brief": 2, "offer": [2, 6, 9, 10, 15, 16], "dure": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "event": 2, "period": [2, 9, 10, 11, 14, 15], "have": [2, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "opportun": 2, "again": [2, 9, 10], "make": [2, 5, 6, 14, 15], "amend": 2, "soon": 2, "possibl": [2, 5, 7, 9, 10, 14], "word": [3, 13], "requir": [3, 4, 5, 6, 7, 9, 10, 13], "shall": [3, 5, 6, 7, 9, 11], "should": [3, 5, 6, 7, 9, 10, 11, 14, 15], "mai": [3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "option": [3, 5, 7, 9, 10, 12], "interpret": 3, "describ": [3, 5, 6, 7, 9, 10, 11, 14, 15], "bcp": [3, 13], "14": [3, 6, 9, 10, 13, 14, 15], "rfc2119": 3, "rfc8174": [3, 13], "when": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "appear": 3, "capit": 3, "shown": [3, 6, 9, 10], "here": [3, 16], "user": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "trust": [3, 4, 5, 6, 9, 10, 12, 15, 16], "servic": [3, 4, 5, 6, 11, 12, 14, 15, 16], "model": [3, 4, 6, 7, 9, 10, 12, 15, 16], "framework": [3, 4, 6, 9, 10, 13, 14, 16], "attribut": [3, 4, 5, 7, 9, 10, 11, 14, 16], "electron": [3, 4, 14, 16], "attest": [3, 4, 5, 6, 9, 10, 12], "provid": [3, 4, 5, 6, 7, 9, 10, 11, 12, 14, 15], "tsp": [3, 14], "person": [3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "identif": [3, 4, 5, 6, 9, 10, 11, 12, 14, 16], "data": [3, 4, 6, 7, 9, 10, 11, 12, 13, 14, 15, 16], "pid": [3, 4, 9, 10, 11, 14, 16], "revoc": [3, 4, 6, 9, 10, 13, 14, 15, 16], "qualifi": [3, 14, 16], "qtsp": [3, 14], "eaa": [3, 4, 9, 14, 16], "eida": [3, 4, 5, 6, 7, 9, 12, 13, 14], "arf": [3, 4, 5, 6, 13, 14], "definit": [3, 9, 10, 11, 12, 13, 14, 16], "further": [3, 4, 6, 7, 9, 11, 14, 15, 16], "insight": 3, "topic": 3, "complement": [3, 14], "interact": [3, 6, 9, 10, 12, 14, 15, 16], "compon": [3, 4, 6, 7, 9, 10, 14], "accredit": [3, 14, 15], "bodi": [3, 6, 9, 10, 11, 14, 15], "entiti": [3, 4, 11, 15, 16], "feder": [3, 4, 6, 9, 10, 13, 15, 16], "author": [3, 4, 5, 11, 12, 13, 14, 15, 16], "respons": [3, 4, 13, 14, 15, 16], "manag": [3, 6, 11, 12, 14, 16], "verif": [3, 6, 7, 9, 11, 12, 14, 15, 16], "certif": [3, 5, 11, 12, 14, 15], "ecosystem": [3, 4, 12, 14, 16], "role": [3, 4, 11, 12, 16], "ident": [3, 4, 6, 9, 10, 11, 14, 16], "recogn": [3, 12], "state": [3, 4, 6, 9, 10, 12, 14, 15], "identifi": [3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "issuanc": [3, 4, 5, 9, 10, 11, 13, 14, 15, 16], "master": 3, "alreadi": [3, 6, 15], "present": [3, 4, 5, 6, 7, 9, 10, 12, 13, 14, 15, 16], "italian": [3, 5, 6, 14], "system": [3, 6, 12, 14, 15, 16], "credenti": [3, 4, 5, 7, 9, 10, 12, 13, 14, 15, 16], "sign": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "whose": [3, 9, 10, 15], "integr": [3, 5, 6, 12, 14, 15, 16], "cryptograph": [3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "verifi": [3, 4, 5, 6, 7, 9, 10, 12, 13, 14, 15, 16], "its": [3, 6, 7, 9, 10, 11, 14, 15, 16], "issuer": [3, 4, 5, 7, 9, 10, 11, 12, 14], "It": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "known": [3, 4, 6, 7, 9, 10, 14, 15, 16], "A": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "govern": [3, 12, 14], "guidelin": [3, 4, 15], "administ": 3, "directli": [3, 6, 9, 10], "through": [3, 5, 6, 7, 9, 10, 11, 14], "intermediari": [3, 9, 10, 14], "statu": [3, 4, 5, 6, 7, 14, 15, 16], "elig": [3, 4], "evalu": [3, 4, 6, 9, 10, 16], "perform": [3, 6, 7, 9, 10, 15, 16], "oversight": 3, "instanc": [3, 4, 5, 6, 7, 9, 10, 14], "solut": [3, 4, 6, 10, 14], "instal": [3, 6, 15, 16], "mobil": [3, 4, 6, 7, 9, 10, 12, 15, 16], "devic": [3, 4, 6, 11, 12, 14, 15, 16], "control": [3, 5, 6, 12, 14, 16], "specif": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "who": [3, 6, 11, 12, 14], "sole": 3, "owner": [3, 5, 12, 14], "fulli": 3, "autonom": [3, 14], "privat": [3, 5, 6, 7, 9, 10, 11, 14, 15], "conform": [3, 6], "prove": [3, 5, 12, 14], "compliac": 3, "format": [3, 4, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "sent": [3, 5, 6, 9, 10, 15], "backend": [3, 15], "obtain": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "hardwar": [3, 9, 10, 14, 15], "back": [3, 11, 15], "environ": [3, 9, 10, 15, 16], "creat": [3, 6, 7, 9, 10, 11, 15], "store": [3, 5, 6, 7, 9, 11, 12, 14, 15, 16], "element": [3, 5, 7, 9, 12, 15], "se": [3, 6, 15], "execut": [3, 15, 16], "tee": [3, 15, 16], "strongbox": [3, 15], "relat": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "revok": [3, 6, 11, 12, 14, 15], "manufactur": [3, 15], "allow": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "certifi": [3, 6, 14, 15, 16], "app": [3, 6, 7, 9, 15, 16], "intact": [3, 15], "genuin": [3, 6, 15], "within": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "s": [3, 4, 5, 7, 9, 10, 11, 12, 13, 14, 15, 16], "dedic": [3, 14], "note": [3, 4, 6, 14], "each": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "differ": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15], "pair": [3, 5, 6, 7, 9, 15], "These": [3, 9, 10, 11, 14, 16], "remain": [3, 9, 10, 12, 14], "valid": [3, 4, 5, 6, 7, 9, 10, 11, 12, 14, 15], "throughout": 3, "entir": [3, 6, 9, 10, 14, 16], "lifespan": 3, "conceptu": 3, "serv": [3, 11, 14, 16], "being": [3, 5, 6, 7, 9, 12], "part": [3, 6, 7, 9, 10, 14, 15, 16], "os": [3, 15], "domain": [3, 5, 11, 14], "cannot": [3, 9, 10, 11, 14], "ani": [3, 6, 7, 9, 10, 11, 12, 14, 15], "arbitrari": 3, "payload": [3, 4, 5, 6, 9, 10, 11, 15], "purpos": [3, 4, 5, 9, 10, 11, 12, 16], "uniqu": [3, 5, 6, 9, 10, 11, 14, 15, 16], "tag": [3, 5, 15], "oem": [3, 15], "give": [3, 7, 9, 10, 14, 15], "more": [3, 5, 6, 7, 9, 10, 11, 14, 16], "confid": [3, 7, 9, 16], "your": 3, "keystor": 3, "qeaa": [3, 16], "form": [3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "possess": [3, 4, 5, 6, 9, 10, 12, 13, 14, 16], "reli": [3, 4, 5, 6, 11, 12, 15, 16], "natur": [3, 5, 6, 11, 15, 16], "legal": [3, 11, 12, 14, 16], "submiss": [3, 9, 10], "mechan": [3, 4, 5, 9, 10, 11, 15, 16], "see": [3, 5, 6, 7, 9, 11, 14, 15], "complianc": [3, 5, 6, 9, 10, 14, 16], "regulatori": [3, 14], "repudi": [3, 4, 11], "over": [3, 5, 7, 9, 11, 12, 14, 16], "time": [3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "particular": [3, 6, 11, 14, 15], "layer": [3, 13], "architectur": [3, 4, 6, 13, 14, 16], "establish": [3, 6, 7, 9, 10, 12, 14, 15, 16], "reliabl": [3, 5, 11, 14, 15, 16], "how": [3, 4, 5, 7, 9, 11, 14, 15], "maintain": [3, 9, 10, 12, 14], "outlin": [3, 5, 6, 7, 9, 10, 11, 14, 16], "procedur": [3, 11, 12, 14], "other": [3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "level": [3, 4, 7, 9, 10, 11, 12, 13, 15, 16], "exchang": [3, 6, 7, 9, 10, 11, 12, 13, 14, 16], "assur": [3, 9, 10, 13, 16], "degre": 3, "vet": 3, "same": [3, 5, 6, 9, 10, 11, 14], "whom": [3, 12], "wa": [3, 5, 6, 9, 10, 11, 15], "holder": [3, 5, 11, 12, 15], "bind": [3, 6, 9, 10, 14, 15], "abil": [3, 12, 14, 16], "legitim": [3, 5], "third": [3, 11, 14, 15], "oid4vp": [3, 9, 10], "openid": [3, 5, 6, 9, 10, 13, 14, 15, 16], "vc": [3, 5, 6, 9, 10, 13, 14, 15], "vp": [3, 9, 10], "api": [3, 4, 6, 9, 10, 15, 16], "program": 3, "interfac": [3, 6, 11, 14, 16], "loa": [3, 6, 16], "wscd": [3, 15], "european": [4, 12], "parliament": 4, "adopt": [4, 16], "revis": 4, "regul": [4, 11, 12, 14], "introduc": 4, "signific": [4, 12, 14], "innov": 4, "updat": [4, 5, 9, 10, 11, 14], "mark": [4, 5, 6, 9, 10, 14], "pivot": 4, "advanc": [4, 12, 14], "eu": [4, 5, 9, 10, 14, 15, 16], "strategi": [4, 9, 10, 14], "aim": [4, 5], "interoper": [4, 6, 9, 10, 12, 13, 14], "usabl": [4, 15], "across": [4, 12], "For": [4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "detail": [4, 5, 7, 11, 12, 14, 15, 16], "resourc": [4, 5, 6, 9, 10, 13, 14], "legisl": [4, 16], "offici": 4, "commiss": 4, "websit": [4, 14, 16], "itali": 4, "launch": [4, 15], "direct": [4, 15], "full": [4, 5, 12, 16], "align": [4, 14], "complet": [4, 9, 10, 12, 16], "defin": [4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "involv": [4, 6, 9, 10, 11, 12, 14, 15], "accord": [4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "infrastructur": [4, 12], "realiabl": [4, 16], "mdl": [4, 5, 7, 9, 10], "cbor": [4, 6, 7, 9, 10, 11], "sd": [4, 6, 9, 10, 11, 13, 14, 15], "jwt": [4, 6, 9, 10, 11, 13, 14, 15, 16], "openid4vci": [4, 6, 13, 14], "openid4vp": [4, 6, 9, 10, 13, 14], "pseudonym": 4, "siopv2": [4, 9, 10, 15], "backup": 4, "restor": 4, "self": [4, 5], "sovereign": 4, "ssi": 4, "languag": [4, 14], "convent": 4, "term": [4, 14, 16], "acronym": 4, "properti": [4, 5], "endpoint": [4, 11, 15], "configur": [4, 15, 16], "common": 4, "anchor": [4, 6, 16], "leav": 4, "intermedi": [4, 6, 12, 16], "metadata": [4, 5, 6, 9, 10, 11, 12, 15], "type": [4, 5, 6, 7, 9, 10, 11, 15, 16], "statement": [4, 6, 9, 10, 15, 16], "offlin": [4, 7, 9, 11], "long": [4, 6, 11], "live": 4, "privaci": [4, 6, 9, 10, 11, 12, 15, 16], "remark": 4, "consider": 4, "decentr": 4, "lifecycl": [4, 15], "transit": [4, 14], "return": [4, 5, 6, 7, 9, 10, 11, 14, 15], "deactiv": 4, "header": [4, 5, 6, 9, 10, 11, 14, 15], "wallet_provid": [4, 14], "federation_ent": [4, 6, 9, 10, 14], "extern": [4, 14], "view": [4, 6, 16], "dynam": [4, 6, 14], "registr": [4, 6, 14], "acquisit": 4, "q": [4, 9, 10, 14, 16], "mdoc": [4, 6, 10, 11], "namespac": [4, 7, 9, 10], "object": [4, 6, 7, 11, 13, 14, 15], "high": [4, 7, 9, 10, 11, 13, 15, 16], "flow": [4, 14, 15], "push": [4, 9, 10], "par": 4, "token": [4, 9, 10, 13, 15, 16], "remot": [4, 14], "uri": [4, 6, 13], "post": [4, 6, 11, 14, 15], "cross": [4, 14], "check": [4, 6, 7, 11, 14, 15], "redirect": [4, 6], "error": [4, 6, 11, 15], "proxim": 4, "engag": [4, 16], "session": [4, 6, 10], "termin": [4, 10, 15], "case": [4, 5, 6, 9, 10, 14], "proof": [4, 5, 6, 9, 10, 12, 13, 14, 16], "rst": 4, "librari": 4, "code": [4, 5, 6, 7, 9, 10, 11, 14, 15], "snippet": 4, "algorithm": [4, 5, 6, 9, 10, 11, 13, 14, 15, 16], "contribut": 4, "acknowledg": 4, "law": [5, 11], "scope": [5, 6, 9, 10, 11, 14], "protect": [5, 6, 9, 10, 14, 15], "ones": 5, "current": [5, 6, 9, 10, 11, 13, 14], "first": [5, 6, 9, 10, 15], "date": [5, 6, 11, 13, 14, 15], "birth": [5, 6], "taxpay": 5, "number": [5, 6, 9, 10, 11, 14, 15, 16], "select": [5, 6, 9, 10], "disclosur": [5, 9, 10, 14], "specifi": [5, 6, 7, 9, 10, 15, 16], "02": [5, 7, 9], "_sd_alg": 5, "5": [5, 6, 7, 9, 10, 11, 14, 15], "them": [5, 9, 10, 11, 12, 14, 15, 16], "disclos": [5, 6, 7, 9, 12, 14], "indic": [5, 6, 7, 9, 10, 13, 14], "digest": 5, "salt": [5, 7, 9], "omit": [5, 6], "instead": [5, 12, 14], "respect": [5, 6, 14, 16], "decoi": 5, "arrai": [5, 6, 7, 9, 10, 11, 14, 15, 16], "new": [5, 6, 7, 9, 10, 11, 12, 14, 15], "_sd": [5, 9, 10], "map": [5, 6, 9, 10, 14], "calcul": [5, 6, 7, 9], "random": [5, 6, 7, 9, 10, 15], "togeth": [5, 6, 7, 9, 11], "combin": [5, 14], "order": [5, 9, 10, 15, 16], "seri": 5, "base64url": [5, 6, 11, 15], "encod": [5, 6, 7, 9, 10, 11, 15], "separ": [5, 6, 9, 10], "next": 5, "singl": [5, 6, 14], "tild": 5, "charact": [5, 6], "n": [5, 6, 9, 10, 13], "jose": [5, 6, 11, 15], "mandatori": [5, 6, 7, 9, 11], "typ": [5, 6, 9, 10, 11, 14, 15, 16], "terbu": [5, 13], "latest": [5, 14], "rfc7515": [5, 6, 13], "9": [5, 6, 7, 9, 10, 14, 15], "kid": [5, 6, 9, 10, 11, 14, 15, 16], "8": [5, 6, 7, 9, 10, 11, 14, 15], "trust_chain": [5, 9, 10, 14, 15], "json": [5, 6, 9, 10, 11, 13, 14, 15, 16], "oidc": [5, 6, 9, 10, 12, 13, 14, 15], "fed": [5, 9, 10, 13, 14, 15], "whether": [5, 6, 9, 10, 14, 15], "nsd": 5, "iss": [5, 6, 9, 10, 11, 14, 15, 16], "url": [5, 6, 9, 10, 14, 15, 16], "string": [5, 6, 7, 9, 10, 14, 15, 16], "rfc7519": [5, 6, 13], "sub": [5, 6, 7, 9, 10, 14, 15, 16], "thumbprint": [5, 6, 11, 13, 15, 16], "jwk": [5, 6, 9, 10, 11, 13, 14, 15, 16], "cnf": [5, 6, 9, 10, 11, 15], "iat": [5, 6, 9, 10, 11, 14, 15, 16], "unix": [5, 6, 9, 10, 11, 14, 15, 16], "timestamp": [5, 6, 9, 10, 11, 13, 14, 15, 16], "numericd": [5, 6, 14], "7519": [5, 6, 9, 10, 11, 13, 14, 15], "6": [5, 6, 7, 9, 10, 14, 15], "exp": [5, 6, 9, 10, 11, 14, 15, 16], "expiri": [5, 6, 11, 14, 15], "read": 5, "status_attest": [5, 11], "credential_hash_alg": [5, 11], "bound": [5, 6, 11, 14, 15], "oauth": [5, 6, 9, 10, 11, 13, 15, 16], "01": [5, 7, 9, 11], "materi": [5, 6, 7, 9, 11], "confirm": [5, 6], "declar": 5, "recipi": 5, "rfc7800": [5, 11, 13], "vct": 5, "personidentificationdata": [5, 6], "depend": [5, 6, 9, 10, 11, 16], "addit": [5, 6, 11, 14, 15], "ad": [5, 6, 9, 10], "given_nam": [5, 6, 7, 9, 10, 14], "core": [5, 6, 14], "0": [5, 6, 7, 9, 10, 13, 14, 15, 16], "family_nam": [5, 6, 7, 9, 10, 14], "birth_dat": [5, 6, 7, 9], "unique_id": [5, 6, 9, 10], "id": [5, 6, 9, 10, 14, 16], "anpr": 5, "given": [5, 6, 9, 10, 11, 14], "regist": [5, 6, 15], "resid": [5, 9, 10, 11], "popul": [5, 9, 10], "tax_id_cod": [5, 6], "tax": [5, 6], "en": [5, 6], "319": 5, "412": 5, "tinit": 5, "italiantaxidentificationnumb": 5, "In": [5, 6, 7, 9, 10, 11, 12, 14, 16], "org": [5, 6, 7, 9, 10, 11, 14, 15, 16], "nzblsxh8udccd7nowxfzafhkxzsrgc9x": 5, "1683000000": 5, "1883000000": 5, "xxxxxxxx": 5, "xxxx": 5, "xxxxxxxxxxxx": 5, "mario": 5, "rossi": 5, "1980": 5, "10": [5, 6, 7, 9, 10, 13, 14, 15], "xxxxxxxxxxxxxxxx": 5, "correspond": [5, 6, 7, 9, 10, 11, 14], "verson": 5, "db67gl7ck3tfiiaf7n6_7shvqk0mdymeqcogglkuaaw": 5, "nehrderpynlhy3m5wldwtwz2auhm": 5, "eyjhbgcioijsuzi1niisimtpzci6": 5, "ikjydmzybg5oqu11sfiwn2fqvw1b": 5, "7wg4nt6k26_r3975zcwnvwgoha7b988_3": 5, "vjzbzf6yc": 5, "noxvzjujg667ibdedwmr6tz46x": 5, "jchkwivxmafv43yc": 5, "tk2rgupyoxzcx0vv5hbn9u5m2mhlwbt41qgwllxcnu8": 5, "uhchpgtnf2bj1fvafbby1rnf7wxkxelfj5a4vsj2fo4": 5, "q6tqnxau97tu": 5, "mqudg0fsamlgzdsumumk6a2s3bcsc0": 5, "wyfxvqq9bospt7tn4shoi4e48p19ava1ktw5zf0": 5, "fc": 5, "pidprovid": 5, "kty": [5, 6, 7, 9, 10, 14, 15, 16], "ec": [5, 6, 7, 9, 10, 14, 15, 16], "crv": [5, 6, 7, 9, 10, 14, 15, 16], "x": [5, 6, 7, 9, 10, 11, 14, 15, 16], "tcaer19zvu3ohf4j4w4vfsvohip1ilildls7vcegemc": 5, "y": [5, 6, 7, 9, 10, 13, 14, 15, 16], "zxjiwwbzmqghvwkvq4hbsiirsvfuecce6t4jt9f2hzq": 5, "wyi1n212ewnuadv5wknys0xanxhuzlv3iiwgimlhdciside2odmwmdawmdbd": 5, "57mvycth5yzcrklz5xnfuw": 5, "wyjrdwnyqm1sb19otwfjrky1odvsemfriiwginvuaxf1zv9pzcisicj4ehh4": 5, "ehh4ec14ehh4lxh4ehgtehh4ec14ehh4ehh4ehh4ehgixq": 5, "kucrbmlo_hmaiff585rzaq": 5, "wyjove5sb09pdvzwunrgnknfenrkovp3iiwgimdpdmvux25hbwuilcaitwfi": 5, "aw8ixq": 5, "ntnrooiuvvrtf6ceztd9zw": 5, "wyjgrfntugdnekdcvxdrteheu0u2d1friiwgimzhbwlsev9uyw1liiwgiljv": 5, "c3npil0": 5, "fdsspggzgbuwqlhdse6wqq": 5, "wyjlwjhlnxdwrxredmixemltuee0rhpbiiwgimjpcnrox2rhdguilcaimtk4": 5, "mc0wms0xmcjd": 5, "kz8e5wvetdvb1zispa4dza": 5, "wyjwwjvnunlpehbwv1p1sexvsi15aljniiwginrhef9pzf9jb2rliiwgilrj": 5, "tklulvhywfhywfhywfhywfhywfgixq": 5, "pz5mryoxpvwzuhloj": 5, "yjrg": 5, "eyjhbgcioiairvmyntyilcaidhlwijogimv4yw1wbgurc2qtand0in0": 5, "eyjfc2qioibb": 5, "ijdxrzruvdzlmjzfujm5nzv6y3duvndnb0hbn2i5odhfmy12snpiwmy2wwmilcaitk94": 5, "vnpqvupnnjy3aujkzur3bxi2dfo0nlgtamnos3djvnhnqwz2ndn5yyisicjuszjsz3vq": 5, "ww9yekn4mhz2nwhitjl1nu0ybuhsv0j0ndfxr1dstfhdtnu4iiwgilviq2hwr3rorjji": 5, "ajfgdkfmqmj5mxjuzjdxwgt4zwxgsjvhnhztajjgtzqilcaictzucw54yxu5n3r1lu1x": 5, "vurnmgztqw1mr1pku3vnvu1rnmeyczniy3ndmcisicj3ewz4vnfxoujvc1bun3ronfni": 5, "t0k0rtq4ude5yvzbmwt0vzvazjbflwzjil0sicjlehaioiaxodgzmdawmdawlcaiaxnz": 5, "ijogimh0dhbzoi8vcglkchjvdmlkzxiuzxhhbxbszs5vcmcilcaic3viijogik56ykxz": 5, "wgg4durdy2q3bm9xwezaqwzia3hac1jhqzlycyisicjzdgf0dxmioib7inn0yxr1c19h": 5, "dhrlc3rhdglvbii6ihsiy3jlzgvudglhbf9oyxnox2fszyi6icjzagetmju2in19lcai": 5, "dmn0ijogilblcnnvbklkzw50awzpy2f0aw9urgf0ysisicjfc2rfywxnijoginnoys0i": 5, "ntyilcaiy25mijogeyjqd2sioib7imt0esi6icjfqyisicjjcnyioiaiuc0yntyilcai": 5, "eci6icjuq0ffuje5wnz1m09irjrqnfc0dmztvm9isvaxsuxpbersczd2q2vhzw1jiiwg": 5, "inkioiaiwnhqavdxylpnuudivldlvle0agjtswlyc1zmdwvjq0u2ddrqvdlgmkhausj9": 5, "fx0": 5, "a36ovweqpcppkyhx75dg": 5, "hiib7zqklfmmcaixlpocmel1cxlx": 5, "ntzbfn_kdn0nlj": 5, "ymlay4xseetmic_scltxdg": 5, "wyi1n212ewnuadv5wknys0xanxhuzlv3iiwgimlhdcisi": 5, "de2odmwmdawmdbd": 5, "wyjrdwnyqm1sb19otwfjrky1odvsemfriiwginvuaxf1zv9pzci": 5, "icj4ehh4ehh4ec14ehh4lxh4ehgtehh4ec14ehh4ehh4ehh4ehgixq": 5, "wyjove5sb09pd": 5, "vzwunrgnknfenrkovp3iiwgimdpdmvux25hbwuilcaitwfyaw8ixq": 5, "wyjgrfntugdnek": 5, "dcvxdrteheu0u2d1friiwgimzhbwlsev9uyw1liiwgiljvc3npil0": 5, "wyjlwjhlnxdwrx": 5, "redmixemltuee0rhpbiiwgimjpcnrox2rhdguilcaimtk4mc0wms0xmcjd": 5, "wyjwwjvnu": 5, "nlpehbwv1p1sexvsi15aljniiwginrhef9pzf9jb2rliiwgilrjtklulvhywfhywfhyw": 5, "fhywfhywfgixq": 5, "disabilitycard": 5, "document_numb": [5, 7, 9], "xxxxxxxxxx": 5, "expiry_d": [5, 7, 9], "2024": [5, 7, 9], "constant_attendance_allow": 5, "true": [5, 6, 7, 9, 10], "previou": [5, 6, 9, 10, 11], "decod": [5, 6, 9, 10, 11], "both": [5, 7, 9, 10, 11, 12, 14, 15, 16], "d126a6a856f7724560484fa9dc59d195": 5, "lla7mch": 5, "ywwynzffwzsjbggie096fn8d60a": 5, "ml3sgo": 5, "afrjarpztmanxyu5iiwpifoaxjcnk": 5, "_h1ejt7mymcgm": 5, "i9xhlephyv8om35l3nf1mkqfpwud7ofpramsasx0": 5, "5g": 5, "rhpkitz7bggpjnwx2sgvh_ov9vhrjz9hx_inxwbbz6o": 5, "wyjrdwnyqm1sb19otwfjrky1odvsemfriiwgimrvy3vtzw50x251bwjlcii": 5, "icjywfhywfhywfhyil0": 5, "wyjwwjvnunlpehbwv1p1sexvsi15aljniiwgimv4cglyev9kyxrliiwgijiw": 5, "mjqtmdetmdeixq": 5, "wyjqdfz1s0nwbjdivgnickfnx3nlvwjriiwginrhef9pzf9jb2rliiwgilrj": 5, "jtvukcpn7btchrag_seubq": 5, "wyjxrgtknkpztmhernzmudrzmwhrzhlbiiwgimnvbnn0yw50x2f0dgvuzgfu": 5, "y2vfywxsb3dhbmnliiwgdhj1zv0": 5, "wdkd6jsnhdfvlp4s1hqdya": 5, "ii1mtee3tunolvlxv1loekzmd1pzskjhr2lfmdk2zk44zdywys1tbdnzz28ilcain1dh": 5, "ng5unksynl9smzk3nxpjd25wd2dvsee3yjk4of8zlxzkemjazjzzyyisicjbrljkyvjq": 5, "wlrnyu54wxu1sulxuglmt0fysknusy1fadflsnq3txlty2dniiwgilrlmljndvbzb1h6": 5, "q3gwdny1agjooxu1ttjtsgxxqnq0mxfhv2xmwenodtgilcaivuhdahbhde5gmmjqmuz2": 5, "qwzcynkxcm5mn1dya3hlbezknwe0dlnqmkzpncisicjpovhitgvqshlwoe9nmzvsm25m": 5, "mu1lcwzwv3ven09gcfjhbvnbc1gwltvniiwginjougtjdho3qkdhcgpuv1gyu0dwsf9p": 5, "vjlwafjqejlief9jtlh3qmj6nm8ilcaid3lmefzxctlcb3nqvdd0tjrtse9jneu0ofax": 5, "owfwqtfrdfc1wmywrs1myyjdlcaizxhwijogmtg4mzawmdawmcwgimlzcyi6icjodhrw": 5, "czovl2lzc3vlci5legftcgxllm9yzyisicjzdwiioiaitnpithnyadh1renjzddub1di": 5, "rlpbzkhrefpzukddovhziiwginn0yxr1cyi6ihsic3rhdhvzx2f0dgvzdgf0aw9uijog": 5, "eyjjcmvkzw50awfsx2hhc2hfywxnijoginnoys0yntyifx0sicj2y3qioiairglzywjp": 5, "bgl0eunhcmqilcaix3nkx2fszyi6icjzagetmju2iiwgimnuzii6ihsiandrijogeyjr": 5, "dhkioiairumilcaiy3j2ijogilatmju2iiwgingioiaivenbrvixovp2dtnpsey0ajrx": 5, "nhzmu1zvselqmulmawxebhm3dknlr2vtyyisicj5ijogilp4amlxv2jatvfhsfzxs1zr": 5, "nghiu0lpcnnwznvly0nfnnq0alq5rjjiwleifx19": 5, "1koe6igfxgbb_jtaluhm_bgjmbi": 5, "j6b63rm_wjaowpobsipskjy7hbhd2a83eusi8jqbskvhjs3wcr0kd9ppzrw": 5, "wyi1n212": 5, "ewnuadv5wknys0xanxhuzlv3iiwgimlhdciside2odmwmdawmdbd": 5, "wyjrdwnyqm1sb19": 5, "otwfjrky1odvsemfriiwgimrvy3vtzw50x251bwjlciisicjywfhywfhywfhyil0": 5, "wyj": 5, "ove5sb09pdvzwunrgnknfenrkovp3iiwgimdpdmvux25hbwuilcaitwfyaw8ixq": 5, "wyjg": 5, "rfntugdnekdcvxdrteheu0u2d1friiwgimzhbwlsev9uyw1liiwgiljvc3npil0": 5, "wyjl": 5, "wjhlnxdwrxredmixemltuee0rhpbiiwgimjpcnrox2rhdguilcaimtk4mc0wms0xmcjd": 5, "wyjwwjvnunlpehbwv1p1sexvsi15aljniiwgimv4cglyev9kyxrliiwgijiwmjqtmd": 5, "tmdeixq": 5, "wyjxrgtknkpztmhernzmudrzmwhrzhlbiiwgi": 5, "mnvbnn0yw50x2f0dgvuzgfuy2vfywxsb3dhbmnliiwgdhj1zv0": 5, "18013": [5, 7, 9, 10], "standard": [5, 9, 10, 14], "born": 5, "drive": 5, "licens": [5, 11], "8949": 5, "concis": 5, "binari": 5, "represent": [5, 14], "europa": [5, 9, 10, 14], "eudiw": [5, 6, 9, 10, 14, 15], "revers": 5, "util": [5, 7, 9, 10, 16], "consist": [5, 6, 16], "while": [5, 9, 10, 12, 14, 15], "domest": [5, 7, 9], "tstr": [5, 7, 9], "text": [5, 6, 9, 10, 11, 15], "structur": [5, 7, 9, 10, 16], "wai": [5, 6, 15], "track": [5, 11, 15], "backward": 5, "compat": [5, 14, 16], "understand": [5, 15], "evolv": [5, 14], "uint": [5, 7, 9], "unsign": 5, "int": 5, "mean": [5, 6, 11, 14, 15], "ok": [5, 6, 9, 10, 15], "normal": 5, "bstr": [5, 7, 9], "byte": [5, 7, 9], "collect": [5, 9, 10, 14], "doctyp": [5, 6, 7, 9, 10], "issuersign": [5, 7, 9], "24": [5, 7, 9, 10, 11, 14, 15], "major": 5, "howev": [5, 6, 9, 10], "issuerauth": [5, 7, 9], "mso": [5, 11], "cose": 5, "sign1": 5, "abov": [5, 6, 7, 9, 12, 14], "devicesign": [5, 7, 9], "phase": [5, 6, 7, 9, 11, 12, 14, 15], "deviceauth": [5, 7, 9], "either": [5, 6, 9, 10], "devicesignatur": [5, 7, 9], "devicemac": 5, "two": [5, 6, 7, 9, 10, 11, 15], "empti": [5, 7, 9], "latter": [5, 6, 11], "issuersigneditembyt": [5, 7, 9], "bitsr": 5, "diagnost": [5, 7, 9], "digestid": [5, 7, 9], "integ": [5, 6], "valuedigest": [5, 7, 9], "issuersigneditem": [5, 7, 9], "minimum": [5, 6, 7, 9, 10, 11, 15], "16": [5, 6, 7, 9, 10, 14], "elementidentifi": [5, 7, 9], "elementvalu": [5, 7, 9], "issue_d": [5, 7, 9], "cbortag": 5, "1004": [5, 7, 9], "expir": [5, 6, 9, 10, 11, 14, 15, 16], "issuing_author": [5, 7, 9], "issuing_countri": [5, 7, 9], "alpha": 5, "countri": 5, "3166": 5, "field": [5, 6, 7, 9, 10, 11, 12, 13], "9052": 5, "unprotect": 5, "7": [5, 6, 7, 9, 10, 11, 14, 15], "rfc8152": 5, "x5chain": 5, "label": [5, 9, 10], "33": [5, 7, 9], "9360": 5, "carri": [5, 6, 9, 10, 12, 14], "referenc": [5, 6, 9, 10], "509": [5, 14], "abl": [5, 6, 11, 14, 15], "without": [5, 6, 11, 12, 14, 15], "invalid": [5, 6, 7, 9, 10, 11, 14, 15], "mobilesecurityobject": 5, "mobilesecurityobjectbyt": 5, "validityinfo": [5, 7, 9], "datetim": [5, 11, 16], "validfrom": [5, 7, 9], "validuntil": [5, 7, 9], "digestalgorithm": [5, 7, 9], "group": 5, "devicekeyinfo": [5, 7, 9], "devicekei": [5, 7, 9], "keyauthor": 5, "keyinfo": 5, "devicesigneditem": 5, "af": 5, "a366737461747573006776657273696f6e63312e3069646f63756d656e747381a267646f6354797065781865752e6575726f70612e65632e65756469772e7069642e316c6973737565725369676e6564a26a697373756572417574688443a10126a1182159021930820215308201bca003020102021404ad06a30c1a6dc6e93be0e2e8f78dcafa7907c2300a06082a8648ce3d040302305b310b3009060355040613025a45312e302c060355040a0c25465053204d6f62696c69747920616e64205472616e73706f7274206f66205a65746f706961311c301a06035504030c1349414341205a65746573436f6e666964656e73301e170d3231303932393033333034355a170d3232313130333033333034345a3050311a301806035504030c114453205a65746573436f6e666964656e7331253023060355040a0c1c5a65746f70696120436974792044657074206f662054726166666963310b3009060355040613025a453059301306072a8648ce3d020106082a8648ce3d030107034200047c5545e9a0b15f4ff3ce5015121e8ad3257c28d541c1cd0d604fc9d1e352ccc38adef5f7902d44b7a6fc1f99f06eedf7b0018fd9da716aec2f1ffac173356c7da3693067301f0603551d23041830168014bba2a53201700d3c97542ef42889556d15b7ac4630150603551d250101ff040b3009060728818c5d050102301d0603551d0e04160414ce5fd758a8e88563e625cf056bfe9f692f4296fd300e0603551d0f0101ff040403020780300a06082a8648ce3d0403020347003044022012b06a3813ffec5679f3b8cddb51eaa4b95b0cbb1786b09405e2000e9c46618c02202c1f778ad252285ed05d9b55469f1cb78d773671f30fe7ab815371942328317c59032ad818590325a667646f6354797065781865752e6575726f70612e65632e65756469772e7069642e316776657273696f6e63312e306c76616c6964697479496e666fa3667369676e6564c074323032332d30322d32325430363a32333a35365a6976616c696446726f6dc074323032332d30322d32325430363a32333a35365a6a76616c6964556e74696cc074323032342d30322d32325430303a30303a30305a6c76616c756544696765737473a2781865752e6575726f70612e65632e65756469772e7069642e31ac015820a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a025820cd372fb85148700fa88095e3492d3f9f5beb43e555e5ff26d95f5a6adc36f8e6035820e67e72111b363d80c8124d28193926000980e1211c7986cacbd26aacc5528d48045820f7d062d662826ed95869851db06bb539b402047baee53a00e0aa35bfbe98265d0658202a132dbfe4784627b86aa3807cd19cfeff487aab3dd7a60d0ab119a72e736936075820bdca9e8dbca354e824e67bfe1533fa4a238b9ea832f23fb4271ebeb3a5a8f7200858202c0eaec2f05b6c7fe7982683e3773b5d8d7a01e33d04dfcb162add8bd99bee9a095820bfe220d85657ccec3c67e7db1df747e9148a152334bb6d4b65b273279bcc36ec0a582018e38144f5044301d6a0b4ec9d5f98d4cd950e6ea2c29b849cbd457da29b6ad30b58203c71d2f0efa09d9e3fbbdffd29204f6b292c9f79570aef72dd86c91f7a3aa5c50c582065743d58d89d45e52044758f546034fd13a4f994bc270cdfa7844f74eb3f4b6e0d5820b4a8eb5d523bffa17b41bda12ddc7da32ae1e5f7ff3dcc394a35401f16919bbf781b65752e6575726f70612e65632e65756469772e7069642e69742e31a10e58209d6c11644651126c94acdaf0803e86d4c71d15d3b2712a14295416734efd514d6d6465766963654b6579496e666fa1696465766963654b6579a401022001215820ba01aea44eee1e338eb2f04e279dbd51b34655783ee185150838c9a7a7c4db7122582025ba0044439a3871a7b975a0994a85e79b705a9ac263b3fe899b0a93412ee8c96f646967657374416c676f726974686d675348412d32353658400813c28fd62f2602cbc14724e5865733c44a0fca589b55c085ec9d5c725d6cce25ba0044439a3871a7b975a0994a85e79b705a9ac263b3fe899b0a93412ee8c96a6e616d65537061636573a2781865752e6575726f70612e65632e65756469772e7069642e3188d818586da4686469676573744944016672616e646f6d5820156df9227ad341eaa61aabd301106fd21bdc18820e01dfc16bcf5fecc447111b71656c656d656e744964656e7469666965726b6578706972795f646174656c656c656d656e7456616c7565d903ec6a323032342d30322d3232d818586fa4686469676573744944026672616e646f6d5820a3a1f13f05544d03a5b50b5fdb78465808393bcf3b7953a345fe28f820c7be0d71656c656d656e744964656e7469666965726d69737375616e63655f646174656c656c656d656e7456616c7565d903ec6a323032332d30322d3232d8185866a4686469676573744944036672616e646f6d5820852591f90f2c9ded57a03632e2c1322ab52a082a431e71a4149a6830c8f1ad0c71656c656d656e744964656e7469666965726f69737375696e675f636f756e7472796c656c656d656e7456616c7565624954d818587ca4686469676573744944046672616e646f6d5820d1d587b3512acce15c4f6b20944ceb002a464e4a158389788563408873c3fce571656c656d656e744964656e7469666965727169737375696e675f617574686f726974796c656c656d656e7456616c7565764d696e69737465726f2064656c6c27496e7465726e6fd8185864a4686469676573744944056672616e646f6d582094fdd7609c0e73dc8589b5cab11e1d9058cf8bff8a336da5f81fcba055396a0f71656c656d656e744964656e7469666965726a676976656e5f6e616d656c656c656d656e7456616c7565654d6172696fd8185865a4686469676573744944066672616e646f6d5820660c0a7bf79e0e0261ca1547a4294fb808aa70738f424b13ab1b9440b566ae1371656c656d656e744964656e7469666965726b66616d696c795f6e616d656c656c656d656e7456616c756565526f737369d818586ba4686469676573744944076672616e646f6d5820315c53491286488fa07f5c2ce67135ef5c9959c3469c99a14e9b6dc924f9eba571656c656d656e744964656e746966696572696269727468646174656c656c656d656e7456616c7565d903ec6a313935362d30312d3132d818587da4686469676573744944086672616e646f6d5820764ef39c9d01f3aa6a87f441603cfe853fba3cee3bc2c168bcc9e96271d6e06371656c656d656e744964656e74696669657269756e697175655f69646c656c656d656e7456616c7565781e78787878787878782d7878782d787878782d787878787878787878787878781b65752e6575726f70612e65632e65756469772e7069642e69742e3181d8185877a46864696765737449440d6672616e646f6d5820717df3f583b1484366c33a1f869f2b5d201d466a8b589c79ab1a2d85e595432571656c656d656e744964656e7469666965726d7461785f69645f6e756d6265726c656c656d656e7456616c75657554494e49542d585858585858585858585858585858": 5, "notat": [5, 7, 9, 13], "h": [5, 7, 9, 13], "30820215308201bca003020102021404ad30c": 5, "x_509": 5, "2023": [5, 7, 9, 13], "22t06": 5, "23": [5, 7, 9, 10, 14], "56z": 5, "22t00": 5, "00": 5, "00z": 5, "0f1571a97ffb799cc8fcdf2ba4fc2909929": 5, "0cdfe077400432c055a2b69596c90": 5, "e2382149255ae8e955af9b8984395": 5, "bbc77e6cca981a3ad0c3e544edf86": 5, "bb6e6c68d1b4b4ec5a2ae9206f5t4": 5, "f8a5966e6dac9970e0334d8f75e25": 5, "defdf1aa746718016ef1b94bfe5r6": 5, "f9ee4d36f67dbd75e23311ac1c29": 5, "ec2": [5, 7, 9], "elipt": 5, "coordin": [5, 7, 9], "p256": [5, 7, 9], "b820963964e53af064686dd9218303494a": 5, "coordiant": 5, "0a6da0af437e2943f1836f31c678d89298e9": 5, "ccordiant": 5, "1ad0d6a7313efdc38fcd765852fa2bd43debf48bf5a580d": 5, "e0b70bcefbd43686f345c9ed429343aa": 5, "22": [5, 7, 9, 10], "ae84834f389ee69888665b90a3e4fcc": 5, "960cb15a2ea9b68e5233ce902807aa95": 5, "9d3774bd5994ccfed248674b32a4f76a": 5, "ministero": [5, 6], "dell": [5, 6], "interno": [5, 6], "eb12193dc66c6174530cdc29b274381f": 5, "db143143538f3c8d41dc024f9cb25c9d": 5, "6059ff1ce27b4997b4ade1de7b01dc60": 5, "1956": [5, 7, 9], "12": [5, 6, 7, 9, 10, 14, 15], "53c15c57b3b076e788795829190220b4": 5, "xxx": 5, "11aa7273a2d2daa973f5951f0c34c2fba": 5, "tax_id_numb": 5, "xxxxxxxxxxxxxxx": 5, "relev": [6, 7, 9, 12, 14, 15], "releas": [6, 9, 10, 12], "product": [6, 16], "own": [6, 7, 9, 11, 12, 14, 15, 16], "compliant": [6, 7, 9, 10], "assess": [6, 14], "cab": 6, "graphic": 6, "compos": [6, 9, 10, 15], "oidc4vci": [6, 11], "13": [6, 7, 9, 10, 11, 14, 15], "net": 6, "spec": [6, 14], "1_0": 6, "html": 6, "_": 6, "eid": [6, 16], "saml2": [6, 12], "preexist": 6, "eg": [6, 9, 10, 14], "spid": [6, 9, 10, 14], "cie": 6, "notifi": [6, 9, 10, 11, 14, 16], "act": [6, 9, 10, 14], "send": [6, 7, 9, 10, 11, 15], "get": [6, 9, 10, 14, 15, 16], "fig": 6, "show": [6, 9, 10, 11], "highlight": 6, "step": [6, 7, 9, 10, 11, 15, 16], "pictur": [6, 9, 10], "setup": [6, 7, 9], "start": [6, 11, 14, 15], "preliminari": 6, "out": [6, 7, 9, 11, 14], "assert": [6, 14, 15, 16], "share": [6, 14], "discoveri": [6, 9, 10, 14], "discov": 6, "e": [6, 7, 9, 11, 12, 14, 16], "g": [6, 11, 12, 13, 14, 16], "subordin": [6, 9, 10, 14], "inspect": 6, "filter": [6, 9, 10], "proxi": [6, 9, 10], "held": 6, "expand": 6, "assumpt": 6, "most": 6, "look": 6, "capabl": [6, 9, 10, 14, 16], "9126": [6, 11, 15], "pkce": 6, "7636": 6, "receiv": [6, 7, 9, 10, 14, 15], "protocol": [6, 7, 9, 10, 11, 13, 14, 15], "well": [6, 9, 10, 11, 14, 15, 16], "fresh": [6, 9, 10, 14], "previous": [6, 9, 10, 14], "hereaft": 6, "prevent": [6, 9, 10, 15, 16], "swap": 6, "attack": [6, 15], "code_verifi": 6, "enough": 6, "entropi": [6, 9, 10], "unreserv": 6, "43": 6, "maximum": [6, 14], "impract": 6, "guess": 6, "client_assert": 6, "client": [6, 7, 9, 10, 14, 16], "sinc": [6, 9, 10, 12, 14, 15, 16], "less": [6, 7, 9, 14], "than": [6, 7, 9, 11, 14], "precis": 6, "second": [6, 7, 9, 10, 15], "authorization_detail": 6, "rar": 6, "9396": 6, "upon": [6, 9, 10, 14], "receipt": 6, "9101": [6, 9, 10], "retriev": [6, 7, 9, 10, 16], "jw": [6, 9, 10, 13, 14, 15, 16], "client_id": [6, 9, 10], "match": [6, 9, 10, 11], "aud": [6, 9, 10, 11, 15], "equal": [6, 9, 10, 14, 15], "reject": [6, 9, 10, 11], "request_uri": [6, 9, 10], "expos": [6, 9, 10, 14], "far": [6, 11], "minut": 6, "jti": [6, 9, 10, 11], "mitig": 6, "replai": [6, 15], "host": [6, 9, 10, 11, 15], "www": [6, 9, 10, 11, 15], "urlencod": [6, 9, 10, 11, 15], "response_typ": [6, 9, 10, 15], "thumprint": 6, "code_challeng": 6, "e9melhoa2owvfremtjguchaoek1t8urwbugjsstw": 6, "cm": 6, "code_challenge_method": 6, "s256": [6, 11], "client_assertion_typ": 6, "urn": [6, 15, 16], "ietf": [6, 15, 16], "param": [6, 15, 16], "wia": 6, "pop": [6, 11, 15], "appli": [6, 9, 10, 14, 15], "vbexjksm45xphtanncig6mcyuu4jfgnzopgukvogg9c": [6, 9, 10, 15], "ad25868c": 6, "8377": 6, "479b": 6, "8094": 6, "46fb1e797625": 6, "1686645115": [6, 15], "1686652315": [6, 15], "fifyx03bnosd8m6gyqifnhnp9cm_sam9tc5nlloiirc": [6, 14], "1672422065": [6, 9, 10], "1672418465": [6, 9, 10], "ac80df576e7109686717bf50b869e882": 6, "fyziol9lf2cekunt2jzxilrdink0upcd": 6, "openid_credenti": 6, "credential_configuration_id": 6, "redirect_uri": [6, 9, 10], "suffici": [6, 9, 10], "larg": 6, "adequ": 6, "risk": [6, 12], "exce": 6, "ascii": 6, "due": [6, 9, 10, 11], "reason": [6, 11], "mani": 6, "phone": [6, 12], "market": 6, "still": [6, 14, 15], "do": [6, 14, 15], "restrict": [6, 9, 10, 12, 14], "1024": 6, "On": 6, "slow": 6, "2g": 6, "caus": 6, "therefor": [6, 9, 10, 11, 12, 15], "advis": [6, 9, 10], "experi": [6, 9, 10, 12, 16], "point": [6, 7, 9, 10, 15], "201": [6, 9, 10, 11, 15], "cach": 6, "bwc4jk": 6, "esc0w8acc191": 6, "y1ltc2": 6, "expires_in": 6, "60": 6, "treat": [6, 15], "duplic": 6, "reload": 6, "refresh": 6, "agent": [6, 9, 10], "result": [6, 7, 9, 10, 11, 14], "submit": 6, "pass": [6, 7, 9, 15], "3aietf": [6, 15], "3aparam": [6, 15], "3aoauth": [6, 15], "3arequest_uri": 6, "3abwc4jk": 6, "consent": [6, 7, 9, 10, 14], "perspect": [6, 9, 10, 14], "prior": 6, "transact": [6, 9, 10, 14, 16], "11": [6, 7, 9, 10, 14, 15], "6749": [6, 11, 13], "intend": [6, 7, 9, 10, 14], "9027": 6, "univers": 6, "local": [6, 11, 14, 15], "so": [6, 7, 9, 11], "resolv": [6, 14], "302": [6, 9, 10], "found": [6, 9, 10, 11], "locat": [6, 7, 9, 10], "splxlobezqqybys6wxsbia": 6, "3a": [6, 9, 10], "2f": [6, 9, 10], "2fpid": 6, "dpop": [6, 13], "instruct": 6, "9449": [6, 13], "certain": [6, 7, 9, 10], "misus": [6, 9, 10], "leak": 6, "stolen": 6, "repli": [6, 15], "tokenrequest": 6, "eyj0exaioijkcg9wk2p3dcisimfszyi6ikvtmju2iiwiandrijp7imt0esi6ik": 6, "vdiiwieci6imw4dezyahgtmzr0vjnoukldukrzoxpda0rscejorjqyvvfvzldwqvdcr": 6, "nmilcj5ijoiovzfngpmx09rx282nhpivfrsy3vosmfqsg10nny5verwcluwq2r2r1j": 6, "qsisimnydii6ilatmju2in19": 6, "eyjqdgkioiitqnddm0vtyzzhy2mybfrjiiwiahrtij": 6, "oiue9tvcisimh0dsi6imh0dhbzoi8vc2vydmvylmv4yw1wbguuy29tl3rva2vuiiwia": 6, "wf0ijoxntyymjyynje2fq": 6, "gxa6t8lp4vfrg8v": 6, "fdwp0a0zdrj8igimlvqrmuvwnqg": 6, "4ptflbdlxiossx0x7nvi": 6, "fnyjk70nfbv37xrzt3lg": 6, "grant_typ": [6, 15], "authorization_cod": 6, "dbjftjez4cvp": 6, "mb92k27uhbuju1p1r_ww1gfwfoejxk": 6, "cb": [6, 9, 10], "15": [6, 9, 10, 14], "success": [6, 9, 10, 11, 14], "c_nonc": 6, "unpredict": [6, 15], "later": [6, 9, 10], "18": [6, 9, 10, 14, 15], "primari": [6, 7, 9, 15, 16], "countermeasur": [6, 15], "against": [6, 14, 15], "200": [6, 9, 10, 15], "access_token": 6, "kz": 6, "8mxk1ealyznwh": 6, "lc": 6, "1fbao": 6, "4ljp": 6, "zspe_neo": 6, "gxu": 6, "token_typ": 6, "2677": 6, "tzign": 6, "snfbp": 6, "c_nonce_expires_in": 6, "86400": 6, "17": [6, 9, 10, 14, 15], "demonstr": [6, 7, 9, 13, 14, 15], "evid": [6, 7, 9, 11], "To": [6, 9, 10, 11, 16], "conduct": 6, "explicitli": 6, "server": [6, 7, 9, 10, 11, 15], "nonc": [6, 9, 10, 15], "furthermor": [6, 11, 14, 15, 16], "creation": [6, 9, 10, 11, 14], "window": 6, "determin": [6, 9, 10, 12, 14, 16], "schema": [6, 14], "nmilcj5ijoiovzfngpmx09rx282nhpivfrsy3vosmfqsg10nny5verwcluwq2r2r": 6, "1jeqsisimnydii6ilatmju2in19": 6, "eyjqdgkioijlmwozvl9is2ljoc1mquvciiwiahrtij": 6, "oir0vuiiwiahr1ijoiahr0chm6ly9yzxnvdxjjzs5legftcgxllm9yzy9wcm90zwn0z": 6, "wryzxnvdxjjzsisimlhdci6mtu2mji2mjyxocwiyxroijoizlvieu8ycjjam0rantnf": 6, "c05yv0jimhhxwg9htnk1oulps0nbcwtzbvffbyj9": 6, "2ow9rp35yrqzhrtnp86l": 6, "ey71": 6, "optxrimpptoa1plemagr6pxhf8y6": 6, "yqyvnmcw6fy1dqd": 6, "jfxsyomxhajplja": 6, "credential_definit": 6, "proof_typ": 6, "eyjrawqioijkawq6zxhhbxbsztplym": 6, "l8tfrhx": 6, "34tv3hricrdy9zckdlpbhf42uqufwvawbf": 6, "9ve4jf_ok_o64zbttlcunjajhmt6v9tdvru0cdvgrda": 6, "And": 6, "0b434530": [6, 11], "e151": [6, 11], "4c40": [6, 11], "98b7": [6, 11], "74c75a5ef760": [6, 11], "1504699136": [6, 9, 10, 11], "19": [6, 9, 10, 13, 14], "21": [6, 9, 10, 14], "suitabl": 6, "succe": 6, "proceed": 6, "storag": [6, 11, 14, 15], "proce": 6, "pragma": 6, "lupixvcwjk0eot4cxqe1nxk": 6, "wzwmhmn9oqp6yxx0a2l": 6, "fgff7": 6, "ukhla": 6, "insid": [6, 11, 15], "challeng": [6, 15], "per": [6, 11, 15], "iana": [6, 11, 15], "web": [6, 9, 10, 11, 13, 14, 15, 16], "registri": [6, 9, 10, 11, 12, 14, 15, 16], "symmetr": [6, 9, 10, 11, 15], "mac": [6, 9, 10, 11, 15], "7638": [6, 11, 13, 15], "section_3": [6, 11, 15], "assum": [6, 14], "implicit": 6, "side": [6, 9, 10], "end": [6, 7, 9, 10, 14], "alphanumer": 6, "32": [6, 9, 10], "authrequest": 6, "credential_configurations_support": 6, "reus": 6, "alon": 6, "collis": 6, "resist": 6, "under": [6, 9, 10, 11, 12, 14, 16], "uuid": [6, 7, 9, 11], "v4": [6, 11], "4122": [6, 11], "top": 6, "media": [6, 9, 10, 14, 16], "8259": 6, "strong": [6, 16], "pseudorandom": 6, "lifetim": 6, "posit": 6, "occur": [6, 7, 9, 10, 11, 15], "error_descript": [6, 9, 10, 11, 15], "human": [6, 11, 15], "readabl": [6, 9, 10, 11, 15], "clarifi": [6, 9, 10, 11, 15], "encount": [6, 9, 10, 11, 15], "400": [6, 9, 10, 11], "bad": [6, 9, 10, 11], "invalid_request": [6, 9, 10, 11], "grant": [6, 9, 10, 12, 15, 16], "browser": 6, "serial": 6, "queri": 6, "invalid_dpop_proof": 6, "least": [6, 7, 9, 10, 16], "7515": [6, 11, 13], "8725": [6, 13], "chosen": [6, 9, 10, 15, 16], "7517": [6, 9, 10, 11, 13, 14, 16], "htm": 6, "attach": [6, 14], "9110": 6, "htu": 6, "target": [6, 9, 10], "fragment": [6, 9, 10], "successfulli": [6, 9, 10, 11], "claimset": 6, "simplifi": 6, "even": [6, 9, 10, 11, 12, 14], "charset": [6, 9, 10, 11], "utf": [6, 9, 10, 11], "invalid_cli": 6, "fail": [6, 9, 10, 14], "accomplish": [6, 16], "methodolog": 6, "9068": 6, "subject": [6, 9, 10, 14, 16], "subjectidtyp": 6, "uuid4": 6, "rp": [6, 9, 10, 14], "jkt": 6, "ath": 6, "denot": 6, "mso_mdoc": [6, 9, 10], "renew": [6, 14], "invalid_proof": 6, "oauth_authorization_serv": 6, "openid_credential_issu": [6, 14], "openid_relying_parti": [6, 14], "fanfs3ync9tjicaivhwlvuj3axwggz_98urfaqme": 6, "1649610249": 6, "1649437449": 6, "sig": 6, "1ta": 6, "aqab": [6, 9, 10], "authority_hint": [6, 9, 10, 14, 16], "superior": [6, 14, 16], "organization_nam": [6, 7, 9, 10, 14, 16], "organ": [6, 9, 10, 12, 16], "homepage_uri": [6, 9, 10, 14, 16], "policy_uri": [6, 9, 10, 16], "privacy_polici": [6, 16], "tos_uri": [6, 16], "info_polici": [6, 16], "logo_uri": [6, 9, 10, 14, 16], "logo": [6, 9, 10, 14, 16], "svg": [6, 9, 10, 14, 16], "contact": [6, 9, 10, 14], "op": [6, 9, 10], "federation_resolve_endpoint": [6, 14], "authorization_endpoint": [6, 9, 10, 15], "pushed_authorization_request_endpoint": 6, "dpop_signing_alg_values_support": 6, "token_endpoint": [6, 16], "introspection_endpoint": 6, "introspect": 6, "client_registration_types_support": 6, "automat": [6, 14], "code_challenge_methods_support": 6, "authorization_details_types_support": 6, "acr_values_support": 6, "gov": [6, 7, 9, 10], "spidl2": [6, 9, 10], "spidl3": [6, 9, 10], "grant_types_support": [6, 16], "scopes_support": 6, "request_parameter_support": 6, "request_uri_parameter_support": 6, "fals": [6, 7, 9, 10, 15], "response_types_support": [6, 9, 10, 15], "subject_types_support": 6, "pairwis": [6, 9, 10], "token_endpoint_auth_methods_support": [6, 16], "attest_jwt_client_auth": 6, "token_endpoint_auth_signing_alg_values_support": [6, 16], "request_object_signing_alg_values_support": [6, 9, 10, 15], "credential_issu": 6, "credential_endpoint": 6, "revocation_endpoint": 6, "status_attestation_endpoint": 6, "displai": [6, 7, 9, 10], "italiano": 6, "di": 6, "esempio": 6, "alt_text": 6, "questo": 6, "newk5qdymekrcppo": 6, "yeytdjvwjmtzasmavt2vm1mb": 6, "vizxalo6dzeeszpxfpgzabtk3ctxtbubiiqpmiyrts": 6, "ff0bded045fe63fe5d1d64dd83b567e0": 6, "cryptographic_binding_methods_support": 6, "credential_signing_alg_values_support": 6, "proof_types_support": 6, "proof_signing_alg_values_support": 6, "credenzial": 6, "background_color": 6, "12107c": 6, "text_color": 6, "ffffff": 6, "trust_framework": [6, 7, 9], "assurance_level": [6, 7, 9], "electronic_record": [6, 7, 9], "record": [6, 7, 9], "sourc": [6, 7, 9, 11, 12], "organization_id": [6, 7, 9], "ipa_cod": 6, "m_it": 6, "country_cod": [6, 7, 9], "credentialsubject": [6, 9, 10], "nome": 6, "cognom": 6, "nascita": 6, "identificativo": 6, "univoco": 6, "codic": 6, "fiscal": 6, "supervis": [7, 9], "divid": [7, 9, 11, 15], "three": [7, 9, 16], "subphas": [7, 9], "begin": [7, 9], "prompt": [7, 9, 10], "between": [7, 9, 10, 11, 12, 14, 15, 16], "transmit": [7, 9, 10], "rang": [7, 9], "technolog": [7, 9, 14], "limit": [7, 9, 15], "intercept": [7, 9, 10], "eavesdrop": [7, 9], "exclus": [7, 9], "qr": [7, 9, 10], "up": [7, 9, 10, 11, 14], "stage": [7, 9], "condit": [7, 9, 10, 11], "iso18013": [7, 9], "appropri": [7, 9, 10, 11], "decrypt": [7, 9, 10], "bluetooth": [7, 9], "low": [7, 9, 16], "energi": [7, 9], "ble": [7, 9], "figur": [7, 9], "illustr": [7, 9], "diagram": [7, 9, 10, 11], "reveal": [7, 9, 11, 12], "temporari": [7, 9, 11], "edevicekei": [7, 9], "priv": [7, 9], "pub": [7, 9], "incorpor": [7, 9, 14], "suit": [7, 9], "immedi": [7, 9, 14, 16], "after": [7, 9, 10, 11, 15, 16], "final": [7, 9, 10, 14, 15], "a30063312e30018201d818584ba4010220012158205a88d182bce5f42efa59943f33359d2e8a968ff289d93e5fa444b624343167fe225820b16e8cf858ddc7690407ba61d4c338237a8cfcf3de6aa672fc60a557aa32fc670281830201a300f401f50b5045efef742b2c4837a9a3b0e1d05a6917": [7, 9], "embed": [7, 9], "item": [7, 9, 12], "5a88d182bce5f42efa59943f33359d2e8a968ff289d93e5fa444b624343": [7, 9], "167fe": [7, 9], "b16e8cf858ddc7690407ba61d4c338237a8cfcf3de6aa672fc60a557aa32fc67": [7, 9], "deviceretrievalmethod": [7, 9], "peripher": [7, 9], "central": [7, 9, 12, 14], "45efef742b2c4837a9a3b0e1d05a6917": [7, 9], "scan": [7, 9, 10], "ereaderkei": [7, 9], "newli": [7, 9], "independ": [7, 9, 14], "along": [7, 9, 10, 11, 16], "a26776657273696f6e63312e306b646f63526571756573747381a26c6974656d7352657175657374d818590152a267646f6354797065756f72672e69736f2e31383031332e352e312e6d444c6a6e616d65537061636573a2746f72672e69736f2e31383031332e352e312e4954a375766572696669636174696f6e2e65766964656e6365f4781c766572696669636174696f6e2e6173737572616e63655f6c6576656cf4781c766572696669636174696f6e2e74727573745f6672616d65776f726bf4716f72672e69736f2e31383031332e352e31ab76756e5f64697374696e6775697368696e675f7369676ef47264726976696e675f70726976696c65676573f46f646f63756d656e745f6e756d626572f46a69737375655f64617465f46f69737375696e675f636f756e747279f47169737375696e675f617574686f72697479f46a62697274685f64617465f46b6578706972795f64617465f46a676976656e5f6e616d65f468706f727472616974f46b66616d696c795f6e616d65f46a726561646572417574688443a10126a11821590129308201253081cda00302010202012a300a06082a8648ce3d0403023020311e301c06035504030c15536f6d652052656164657220417574686f72697479301e170d3233313132343130323832325a170d3238313132323130323832325a301a3118301606035504030c0f536f6d6520526561646572204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004aa1092fb59e26ddd182cfdbc85f1aa8217a4f0fae6a6a5536b57c5ef7be2fb6d0dfd319839e6c24d087cd26499ec4f87c8c766200ba4c6218c74de50cd1243b1300a06082a8648ce3d0403020347003044022048466e92226e042add073b8cdc43df5a19401e1d95ab226e142947e435af9db30220043af7a8e7d31646a424e02ea0c853ec9c293791f930bf589bee557370a4c97bf6584058a0d421a7e53b7db0412a196fea50ca6d4c8a530a47dd84d88588ab145374bd0ab2a724cf2ed2facf32c7184591c5969efd53f5aba63194105440bc1904e1b9": [7, 9], "docrequest": [7, 9], "itemsrequest": [7, 9], "un_distinguishing_sign": [7, 9], "driving_privileg": [7, 9, 10], "portrait": [7, 9, 10], "readerauth": [7, 9], "a10126": [7, 9], "308201253081cda00302010202012a300a06082a8648ce3d0403023020311e301c06035504030c15536f6d652052656164657220417574686f72697479301e170d3233313132343130323832325a170d3238313132323130323832325a301a3118301606035504030c0f536f6d6520526561646572204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004aa1092fb59e26ddd182cfdbc85f1aa8217a4f0fae6a6a5536b57c5ef7be2fb6d0dfd319839e6c24d087cd26499ec4f87c8c766200ba4c6218c74de50cd1243b1300a06082a8648ce3d0403020347003044022048466e92226e042add073b8cdc43df5a19401e1d95ab226e142947e435af9db30220043af7a8e7d31646a424e02ea0c853ec9c293791f930bf589bee557370a4c97b": [7, 9], "null": [7, 9], "58a0d421a7e53b7db0412a196fea50ca6d4c8a530a47dd84d88588ab145374bd0ab2a724cf2ed2facf32c7184591c5969efd53f5aba63194105440bc1904e1b9": [7, 9], "comput": [7, 9, 11], "ask": [7, 9, 10, 11, 12, 15, 16], "permiss": [7, 9], "agre": [7, 9, 14], "a36776657273696f6e63312e3069646f63756d656e747381a367646f6354797065756f72672e69736f2e31383031332e352e312e6d444c6c6973737565725369676e6564a26a6e616d65537061636573a2746f72672e69736f2e31383031332e352e312e495483d81858f7a46864696765737449440b6672616e646f6d506d44f21ee875f2c1d502b43198e5a15271656c656d656e744964656e74696669657275766572696669636174696f6e2e65766964656e63656c656c656d656e7456616c756581a2647479706571656c656374726f6e69635f7265636f7264667265636f7264bf6474797065781f68747470733a2f2f657564692e77616c6c65742e70646e642e676f762e697466736f75726365bf716f7267616e697a6174696f6e5f6e616d65754d6f746f72697a7a617a696f6e6520436976696c656f6f7267616e697a6174696f6e5f6964656d5f696e666c636f756e7472795f636f6465626974ffffd8185866a4686469676573744944046672616e646f6d50185d84dfb71ce9b173010ddd62174fbe71656c656d656e744964656e746966696572781c766572696669636174696f6e2e74727573745f6672616d65776f726b6c656c656d656e7456616c7565656569646173d8185865a4686469676573744944006672616e646f6d50137f903174253c4585358267aae2ea4e71656c656d656e744964656e746966696572781c766572696669636174696f6e2e6173737572616e63655f6c6576656c6c656c656d656e7456616c75656468696768716f72672e69736f2e31383031332e352e318bd8185852a46864696765737449440c6672616e646f6d5053e29d0ddbbc7d2306a32bdbe2e56e5171656c656d656e744964656e7469666965726b66616d696c795f6e616d656c656c656d656e7456616c756563446f65d8185855a4686469676573744944036672616e646f6d50990cba2069fa1b33b8d6ae910b6549dc71656c656d656e744964656e7469666965726a676976656e5f6e616d656c656c656d656e7456616c756567416e746f6e696fd818585ba46864696765737449440a6672616e646f6d504086c1379975f805f1b1f4975e6a126571656c656d656e744964656e7469666965726a69737375655f646174656c656c656d656e7456616c7565d903ec6a323031392d31302d3230d818585ca4686469676573744944016672616e646f6d50ab4ca30c918dd2fd0bf35242c15fa2d871656c656d656e744964656e7469666965726b6578706972795f646174656c656c656d656e7456616c7565d903ec6a323032342d31302d3230d8185855a4686469676573744944076672616e646f6d508d9066f6c8da16619867cd4e2fab0c8871656c656d656e744964656e7469666965726f69737375696e675f636f756e7472796c656c656d656e7456616c7565624954d818587ea4686469676573744944056672616e646f6d5059fe68db795dee4c20976380ea24770571656c656d656e744964656e7469666965727169737375696e675f617574686f726974796c656c656d656e7456616c75657828497374697475746f20506f6c696772616669636f2065205a656363612064656c6c6f20537461746fd818585ba4686469676573744944026672616e646f6d5008b3f1ca5517019767be3dee3bb0614571656c656d656e744964656e7469666965726a62697274685f646174656c656c656d656e7456616c7565d903ec6a313935362d30312d3230d818585ca4686469676573744944096672616e646f6d50a2395ec214350c26066306e23279b3ae71656c656d656e744964656e7469666965726f646f63756d656e745f6e756d6265726c656c656d656e7456616c756569393837363534333231d8185850a4686469676573744944066672616e646f6d50a25e1a5b915d2d6eafee9674e023293971656c656d656e744964656e74696669657268706f7274726169746c656c656d656e7456616c75654420212223d81858eea46864696765737449440d6672616e646f6d50eeed6a3b856563627589a360939d12f771656c656d656e744964656e7469666965727264726976696e675f70726976696c656765736c656c656d656e7456616c756582a37576656869636c655f63617465676f72795f636f646561416a69737375655f64617465d903ec6a323031382d30382d30396b6578706972795f64617465d903ec6a323032342d31302d3230a37576656869636c655f63617465676f72795f636f646561426a69737375655f64617465d903ec6a323031372d30322d32336b6578706972795f64617465d903ec6a323032342d31302d3230d818585ba4686469676573744944086672616e646f6d50c0ef486b2a194ed3cbf7f354fd40092171656c656d656e744964656e74696669657276756e5f64697374696e6775697368696e675f7369676e6c656c656d656e7456616c756561496a697373756572417574688443a10126a118215901423082013e3081e5a00302010202012a300a06082a8648ce3d040302301a3118301606035504030c0f5374617465204f662055746f706961301e170d3233313132343134353430345a170d3238313132323134353430345a30383136303406035504030c2d5374617465204f662055746f7069612049737375696e6720417574686f72697479205369676e696e67204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004c338ec1000b351ce8bcdfc167450aeceb": [7, 9], "6d44f21ee875f2c1d502b43198e5a152": [7, 9], "pdnd": [7, 9], "motorizzazion": [7, 9], "civil": [7, 9], "m_inf": [7, 9], "185d84dfb71ce9b173010ddd62174fb": [7, 9], "137f903174253c4585358267aae2ea4": [7, 9], "53e29d0ddbbc7d2306a32bdbe2e56e51": [7, 9], "doe": [7, 9, 10, 15], "990cba2069fa1b33b8d6ae910b6549dc": [7, 9], "antonio": [7, 9], "4086c1379975f805f1b1f4975e6a1265": [7, 9], "2019": [7, 9], "20": [7, 9, 10, 14], "ab4ca30c918dd2fd0bf35242c15fa2d8": [7, 9], "8d9066f6c8da16619867cd4e2fab0c88": [7, 9], "59fe68db795dee4c20976380ea247705": [7, 9], "istituto": [7, 9], "poligrafico": [7, 9], "zecca": [7, 9], "dello": [7, 9], "stato": [7, 9], "08b3f1ca5517019767be3dee3bb06145": [7, 9], "a2395ec214350c26066306e23279b3a": [7, 9], "987654321": [7, 9], "a25e1a5b915d2d6eafee9674e0232939": [7, 9], "20212223": [7, 9], "eeed6a3b856563627589a360939d12f7": [7, 9], "vehicle_category_cod": [7, 9], "2018": [7, 9], "08": [7, 9], "09": [7, 9], "b": [7, 9, 13], "2017": [7, 9, 13], "c0ef486b2a194ed3cbf7f354fd400921": [7, 9], "i": [7, 9], "3082013e3081e5a00302010202012a300a06082a8648ce3d040302301a3118301606035504030c0f5374617465204f662055746f706961301e170d3233313132343134353430345a170d3238313132323134353430345a30383136303406035504030c2d5374617465204f662055746f7069612049737375696e6720417574686f72697479205369676e696e67204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004c338ec1000b351ce8bcdfc167450aeceb7d518bd9a519583e082d67effff06565804fc09abf0e4a08e699c9dba3796285a15f68e40ac7f9fc7700a15153a4065300a06082a8648ce3d040302034800304502210099b7d62e6bf7b1823db3713df889bf73e70bb4d9c58c21e92c58d2f1beffe932022058d039747a00d70e6d66be4797e6142b3608a014ee09b7b79af2cae2aaf27788": [7, 9], "0e5f0b6b33418e508740771e82f893372eaf5b2445bc4c84dcf08b005e9493fc": [7, 9], "de21bb62ff2897d8b986d2cda9f9bc5865c02807f7b4d9dd1fa4a79df4c0d37f": [7, 9], "bc5568239e35ce9ff8798c27ffdcd757b134b679f0fe05729aa3491381912e65": [7, 9], "e6048bdc7fd6454296f1e3f54536107c9c5b24c4064de46a98121e3630eecca2": [7, 9], "73690d92dcaa61b0203870f67c6aa9fdfea889b6f0c720de757b4b0a8516a206": [7, 9], "e353ea0b0fd92b6be90c64cc3b2ee1284153a8f0f5066b99aac599200e6eeeb2": [7, 9], "29227872ceb49923d267b5f4bade6d387b42ac2dc4b2ae26c9013067fee7018a": [7, 9], "a6a119f7cacac0b8c6aacac747fd3fe7e50b6d9bb8a507fda79f0df6646f285d": [7, 9], "6d8025d2f02a5e7e1406fb6aaeb67f9ede9b07191a53f3e23b77c528223a94e2": [7, 9], "b0d43e4e2ea534e4d5304e64bcf7a0f13e2c8ee8304b9cd23aba4909652a4647": [7, 9], "fbf4de318982f2dbad43c601caeb22628b301ac18aa8264c5831b2aaac89c486": [7, 9], "cf57377b675f64f37314739592c1e8a911a7ddaf341ce2902fe877c5a835e4c1": [7, 9], "4a4b4cc64ec9299c1a2501ea449f577005e9f7a60408057c07a7c67fb151e5f5": [7, 9], "78824fbd6fbba88a2aab44df8b6f5e9759126d87d1f4415995e658fd9239e1f": [7, 9], "afd09e720b918cedc2b8a881950bab6a1051e18ae16a814d51e609938663d5e1": [7, 9], "61fbc6c8ad24ec86a78bb4e9ac377dd2b7c711d9f2eb9afd4aa0963662847a": [7, 9], "24t14": [7, 9], "54": [7, 9], "05z": [7, 9], "f2461e4fab69e9f7bcffe552395424514524d1679440036213173101448d1b1ab4a293859b389ffa8b47aeed10e9b0c1545412ac37c51a76482cd9bbbe110152": [7, 9], "1fed7190d2975ab79c072e6f1d9d52436059d1fc959d55baf74f057d89b10fcc0dc77a50d433d4c76ddf26223c5560c4ab123b5cb5eb805a90036aa147493076": [7, 9], "subsequ": [7, 9, 11], "consid": [7, 9, 10, 11, 14, 15], "transfermethod": [7, 9], "hold": [7, 9, 11], "bleoption": [7, 9], "datael": [7, 9], "intent": [7, 9], "retain": [7, 9, 14], "intenttoretain": [7, 9], "bool": [7, 9], "cose_sign1": [7, 9], "unless": [7, 9], "responsedata": [7, 9], "respond": [7, 9], "devicenamespac": [7, 9], "dataitemnam": [7, 9], "dataitemvalu": [7, 9], "action": [7, 9, 10, 11, 12, 16], "responsestatu": [7, 9], "300": [7, 9], "doesn": [7, 9, 11, 14], "t": [7, 9, 11, 13, 14], "dispatch": [7, 9], "command": [7, 9], "destruct": [7, 9], "closur": [7, 9], "scenario": [9, 10, 11, 12, 14], "download": [9, 10], "workstat": [9, 10], "frame": [9, 10], "extract": [9, 10], "request_uri_method": [9, 10], "client_id_schem": [9, 10], "entity_id": [9, 10], "assign": [9, 10, 14], "altern": [9, 10], "mandat": [9, 10], "fetch": [9, 10, 14], "eleg": [9, 10], "polici": [9, 10, 11, 14, 16], "successful": [9, 10], "continu": [9, 10], "navig": [9, 10], "sequenc": [9, 10, 14, 15], "summar": [9, 10], "convers": [9, 10], "suppli": [9, 10], "deselect": [9, 10], "direct_post": [9, 10], "25": [9, 10, 14], "26": [9, 10, 14], "27": [9, 10, 14], "28": [9, 10, 14], "29": [9, 10, 14], "autent": [9, 10], "succed": [9, 10], "made": [9, 10, 14, 15, 16], "featur": [9, 10, 11, 14], "deem": [9, 10], "necessari": [9, 10, 11, 12, 14, 15], "better": [9, 10, 11], "explicit": [9, 10], "regard": [9, 10, 14], "usag": [9, 10, 14, 16], "prefer": [9, 10, 16], "vp_token": [9, 10, 11, 15], "response_modes_support": [9, 10, 15], "form_post": [9, 10, 15], "vp_formats_support": [9, 10, 15], "jwt_alg_valu": [9, 10, 14, 15], "presentation_definition_uri_support": [9, 10, 15], "opaqu": [9, 10], "otherwis": [9, 10, 11], "jar": [9, 10], "2freli": [9, 10], "2fcb": [9, 10], "2frequest_uri": [9, 10], "raw": [9, 10], "correct": [9, 10], "quartili": [9, 10], "good": [9, 10, 12], "balanc": [9, 10], "densiti": [9, 10], "space": [9, 10], "qualiti": [9, 10], "damag": [9, 10], "partial": [9, 10], "obscur": [9, 10], "javascript": [9, 10, 13], "qrcode": [9, 10], "poll": [9, 10], "socket": [9, 10], "cooki": [9, 10], "httponli": [9, 10], "special": [9, 10], "wait": [9, 10, 13], "202": [9, 10], "response_uri": [9, 10], "401": [9, 10], "unauthor": [9, 10, 12, 15, 16], "3be39b69": [9, 10], "6ac1": [9, 10], "41aa": [9, 10], "921b": [9, 10], "3e6c07ddcb03": [9, 10], "e0bbf2f1": [9, 10], "8c3a": [9, 10], "4eab": [9, 10], "a8ac": [9, 10], "2e8f34db8a47": [9, 10], "miicajccadogawibag": [9, 10], "awz": [9, 10], "2w3": [9, 10], "sf2": [9, 10], "walletattest": [9, 10, 15], "response_mod": [9, 10, 15], "2c128e4d": [9, 10], "fc91": [9, 10], "4cd3": [9, 10], "86b8": [9, 10], "18bdea0988cb": [9, 10], "herein": [9, 10], "alias": [9, 10], "anymor": [9, 10, 11], "insensit": [9, 10], "rfc9101": [9, 10], "presentation_definit": [9, 10, 15], "input_descriptor": [9, 10], "constraint": [9, 10, 14], "path": [9, 10, 14], "limit_disclosur": [9, 10], "aal": [9, 10, 15], "mention": [9, 10], "futur": [9, 10, 14, 15], "presentation_definition_uri": [9, 10], "Not": [9, 10, 11], "client_metadata": [9, 10], "taken": [9, 10], "client_metadata_uri": [9, 10], "miss": [9, 10], "webpath": [9, 10], "urlparam": [9, 10], "server_error": [9, 10], "unexpect": [9, 10], "fulfil": [9, 10, 11], "unabl": [9, 10, 11], "malfunct": [9, 10], "mainten": [9, 10], "try": [9, 10], "malform": [9, 10], "anoth": [9, 10, 12], "500": [9, 10, 11], "There": [9, 10, 14], "could": [9, 10, 12], "incorrect": [9, 10, 11], "failur": [9, 10, 11], "manner": [9, 10, 11, 15, 16], "addition": [9, 10], "log": [9, 10, 14], "attempt": [9, 10, 15], "recov": [9, 10, 15], "feasibl": [9, 10], "re": [9, 10], "enter": [9, 10, 14, 15, 16], "crucial": [9, 10, 11, 12], "robust": [9, 10, 11, 14], "handl": [9, 10, 14], "friendli": [9, 10], "adher": [9, 10, 14, 16], "help": [9, 10], "diagnos": [9, 10], "variou": [9, 10, 14, 15, 16], "faulti": [9, 10], "potenti": [9, 10, 11, 14], "lead": [9, 10, 11], "gather": [9, 10], "exploit": [9, 10], "why": [9, 10], "malici": [9, 10], "gain": [9, 10], "plaintext": [9, 10], "network": [9, 10], "emploi": [9, 10, 14], "tl": [9, 10, 14], "Such": [9, 10], "techniqu": [9, 10, 12], "webserv": [9, 10], "deciph": [9, 10], "transmiss": [9, 10, 14], "forward": [9, 10], "negoti": [9, 10], "actual": [9, 10, 15, 16], "actor": [9, 10, 12, 16], "segment": [9, 10], "sensit": [9, 10], "unencrypt": [9, 10], "snif": [9, 10], "eyjhbgcioijfuzi1nii": [9, 10], "9t2lq": [9, 10], "pt0ixx0": [9, 10], "presentation_submiss": [9, 10], "definition_id": [9, 10], "32f54163": [9, 10], "7166": [9, 10], "48f1": [9, 10], "93d8": [9, 10], "ff217bdb0653": [9, 10], "04a98be3": [9, 10], "7fb0": [9, 10], "4cf5": [9, 10], "af9a": [9, 10], "31579c8b0e7d": [9, 10], "descriptor_map": [9, 10], "verified_claim": [9, 10], "find": [9, 10], "3978344f": [9, 10], "8596": [9, 10], "4c3a": [9, 10], "a978": [9, 10], "8fcaba3903c5": [9, 10], "1541493724": [9, 10], "1573029723": [9, 10], "origin": [9, 10, 14], "beyond": [9, 10, 11, 14], "longer": [9, 10, 11, 14, 15], "audienc": [9, 10], "becaus": [9, 10, 11], "aris": [9, 10], "403": [9, 10], "forbidden": [9, 10], "happen": [9, 10], "occour": [9, 10], "meet": [9, 10, 14, 15], "criteria": [9, 10, 14], "stem": [9, 10], "aspect": [9, 10], "clariti": [9, 10], "proper": [9, 10], "credentialx": [9, 10], "write": [9, 10, 16], "response_cod": [9, 10], "091535f699ea575c7937fa5f0f454ae": [9, 10], "critic": [9, 10], "impact": [9, 10], "hinder": [9, 10], "seamless": [9, 10, 12, 14, 16], "implic": [9, 10], "mismatch": [9, 10], "incur": [9, 10], "rais": [9, 10], "refus": [9, 10], "precaut": [9, 10], "clear": [9, 10, 14], "2hnofs3ync9tjicaivhwlvuj3axwggz_98urfaqme": [9, 10, 14], "1649590602": [9, 10], "1649417862": [9, 10], "5s4qi": [9, 10], "wallet_relying_parti": [9, 10, 14], "application_typ": [9, 10], "client_nam": [9, 10], "9tjicaivhwlvuj3axwggz_9": [9, 10], "default_acr_valu": [9, 10], "vp_format": [9, 10, 14], "kb": [9, 10, 14], "identitycredenti": [9, 10], "const": [9, 10], "intent_to_retain": [9, 10], "enum": [9, 10], "issuer2": [9, 10], "issuer3": [9, 10], "1504700136": [9, 10, 11], "sampl": [9, 10], "eddsa": [9, 10, 15], "default_max_ag": [9, 10], "1111": [9, 10], "jarm": [9, 10, 13], "authorization_signed_response_alg": [9, 10], "authorization_encrypted_response_alg": [9, 10], "authorization_encrypted_response_enc": [9, 10], "a192cbc": [9, 10], "a128gcm": [9, 10], "a192gcm": [9, 10], "a256gcm": [9, 10], "subject_typ": [9, 10], "require_auth_tim": [9, 10], "id_token_signed_response_alg": [9, 10], "id_token_encrypted_response_alg": [9, 10], "id_token_encrypted_response_enc": [9, 10], "home": [9, 10], "tech": [9, 10, 14], "princip": [9, 10], "acr": [9, 10], "hint": [9, 10], "verifieng": [9, 10], "confgiur": [9, 10], "inaccuraci": 11, "compromis": [11, 14], "valueless": 11, "harm": 11, "life": 11, "cycl": 11, "autom": [11, 14], "provis": [11, 14], "onlin": [11, 14], "preserv": [11, 15, 16], "internet": [11, 13], "becom": [11, 15, 16], "conjunct": 11, "greater": 11, "hour": [11, 14, 15], "rotat": 11, "kept": 11, "circumst": [11, 16], "whenev": 11, "delet": [11, 15], "band": 11, "databas": 11, "trigger": 11, "touchpoint": 11, "enforc": [11, 14], "judici": 11, "polic": 11, "loss": 11, "theft": [11, 12], "physic": [11, 12], "impli": 11, "address": 11, "lose": 11, "awar": 11, "behalf": [11, 14], "entitl": 11, "etc": [11, 14], "turn": 11, "death": 11, "decid": 11, "Then": 11, "credential_pop": 11, "credentialpopjwt": 11, "jwkid": 11, "1698744039": 11, "1698744139": 11, "6f204f7e": 11, "e453": 11, "4dfd": 11, "814e": 11, "9d155319408c": 11, "credential_hash": 11, "associ": [11, 14, 15, 16], "notif": 11, "email": [11, 14], "telephon": 11, "204": 11, "No": [11, 14], "404": 11, "problem": 11, "503": 11, "unavail": [11, 14], "registerd": 11, "take": 11, "lack": 11, "interv": [11, 15], "suspens": 11, "itself": [11, 14, 16], "eyjhbgcioijfuzi1niisinr5cci6indhbgxldc1": 11, "among": [11, 14, 16], "credential_revok": 11, "credential_upd": 11, "One": 11, "defer": 11, "paradigm": 12, "iam": 12, "improv": 12, "ownership": [12, 16], "said": 12, "histori": 12, "tradit": [12, 14], "know": [12, 14], "fact": 12, "envis": 12, "login": 12, "compani": 12, "want": 12, "acquir": [12, 16], "publish": [12, 14], "educ": 12, "institut": 12, "portabl": 12, "principl": [12, 14], "character": 12, "choos": 12, "leverag": [12, 14, 16], "avoid": [12, 15], "fraud": 12, "promot": [12, 14], "border": [12, 14], "effici": [12, 14], "cost": [12, 14], "reduct": 12, "elimin": 12, "multipl": [12, 14, 15], "repetit": 12, "streamlin": [12, 14], "reduc": [12, 14], "purchas": 12, "ag": 12, "k": 13, "looker": 13, "februari": 13, "o": 13, "d": 13, "fett": 13, "presentationexch": 13, "2119": 13, "bradner": 13, "march": 13, "1997": 13, "2616": 13, "r": 13, "getti": 13, "j": 13, "mogul": 13, "frystyk": 13, "masint": 13, "l": 13, "leach": 13, "berner": 13, "lee": 13, "hypertext": 13, "transfer": [13, 15], "june": 13, "1999": 13, "3339": 13, "klyne": 13, "c": 13, "newman": 13, "doi": 13, "17487": 13, "rfc3339": 13, "juli": 13, "2002": 13, "3986": 13, "uniform": [13, 15], "syntax": 13, "7009": 13, "dronia": 13, "scurtescu": 13, "m": 13, "rfc7009": 13, "august": 13, "2013": 13, "7159": 13, "brai": 13, "interchang": 13, "2014": 13, "jone": 13, "bradlei": 13, "sakimura": 13, "2015": 13, "hildebrand": 13, "jwe": 13, "rfc7517": 13, "jwa": 13, "rfc7638": 13, "septemb": 13, "7800": [13, 15], "tschofenig": 13, "semant": 13, "april": 13, "2016": 13, "8174": 13, "leiba": 13, "ambigu": 13, "uppercas": 13, "vs": 13, "lowercas": 13, "hardt": 13, "sheffer": 13, "best": 13, "practic": 13, "2020": 13, "campbel": 13, "novemb": 13, "2022": 13, "openid4vc": [13, 15], "haip": [13, 15], "legitimaci": 14, "compli": 14, "rest": [14, 15, 16], "distribut": 14, "call": 14, "overse": 14, "fr": 14, "stamp": 14, "artifact": 14, "confidenti": 14, "measur": [14, 15], "gdpr": 14, "empow": 14, "audit": 14, "minim": 14, "anonym": [14, 15], "retent": 14, "account": 14, "disput": 14, "resolut": 14, "liabil": 14, "those": 14, "disabl": 14, "emerg": 14, "breach": 14, "scalabl": 14, "deleg": 14, "relationship": 14, "grow": 14, "remov": [14, 16], "might": 14, "scale": 14, "horizont": 14, "accommod": 14, "increas": 14, "volum": 14, "histor": 14, "extens": 14, "behavior": 14, "relianc": 14, "adapt": 14, "load": 14, "vari": 14, "particularli": 14, "peak": 14, "complex": 14, "task": 14, "cryptographi": 14, "flexibl": 14, "threat": [14, 15], "research": 14, "pre": [14, 15], "candid": 14, "monitor": 14, "ongo": 14, "similar": 14, "thereof": 14, "reflect": [14, 15], "transpar": 14, "status": 14, "foster": 14, "tool": [14, 15], "aid": 14, "earli": 14, "detect": 14, "30": 14, "tamper": [14, 15, 16], "except": 14, "summari": 14, "pki": 14, "leaf": 14, "built": 14, "p1": 14, "p2": 14, "p3": 14, "divers": 14, "p4": 14, "indirectli": 14, "p6": 14, "p5": 14, "p7": 14, "organiz": 14, "adjust": 14, "p8": 14, "autonomi": 14, "p9": 14, "unlik": 14, "coverag": 14, "satisfi": 14, "recognis": 14, "publicli": 14, "summaris": 14, "trust_mark_id": 14, "motiv": 14, "plain": 14, "keep": [14, 15], "max_path_length": 14, "1649375259": 14, "1649373279": 14, "x2zomhngsdc4zlbrcxhmt3mzrmrzog9jd3o2qjzdam51cuhhufruowd0wq": 14, "1knr9ar3mzmokyty8brvriue85nixryx4xd3k4jw7vi": 14, "slt14644zbyxyf": 14, "xmw7apdlbmuw3t1urwi4nafmtkri": 14, "ta": 14, "federation_fetch_endpoint": 14, "federation_list_endpoint": 14, "federation_trust_mark_status_endpoint": 14, "trust_mark_statu": 14, "trust_mark_issu": 14, "cryptograf": 14, "x5c": 14, "entity_typ": 14, "trustworthi": [14, 16], "trust_mark_own": 14, "trust_mark": 14, "entri": 14, "don": 14, "em3cmnzghiyfsq090n6b3op7laaqj8rghmhxgmjstqg": 14, "1649623546": 14, "1649450746": 14, "metadata_polici": 14, "subset_of": 14, "allowed_leaf_entity_typ": 14, "real": 14, "concaten": [14, 15], "convei": 14, "pertain": [14, 15], "earliest": 14, "forc": 14, "higher": 14, "abstract": [14, 15], "entityconfigur": 14, "signedjwt": 14, "selfissu": 14, "byleaf": 14, "entitystat": 14, "bytrustanchor": 14, "eyjhbgcioijfuzi1niisimtpzci6ik5gttfxvvzpvwxzelvxcexhbwxmy0vwufjwwtjwwfpjumpcblfywm1ssghlwvvwwvvszfrrbkeytkeilcj0exaioijhchbsawnhdglvbi9lbnrpdhktc3rhdgvtzw50k2p3dcj9": 14, "eyjlehaioje2ndk1ota2mdisimlhdci6mty0otqxnzg2miwiaxnzijoiahr0chm6ly9ycc5legftcgxllm9yzyisinn1yii6imh0dhbzoi8vcnauzxhhbxbszs5vcmcilcjqd2tzijp7imtlexmiolt7imt0esi6ikvdiiwia2lkijoitkznmvdvvmlvbfl6vvdwtgftbgzjrxbqulzzmlzywklsakjuuvhabvjiaetzvvzzvwxkvffuqtjoqsisimnydii6ilatmju2iiwieci6invzbemzd2qtcfgzd3o0yljzbnd5m2x6cgjhwkzotjk2aewyquhbm01rnlkilcj5ijoivkxdqlhgv2xktlnosxo4a0gyoxzmujromthca3dht1gynnprb3j1utfnncj9xx0sim1ldgfkyxrhijp7im9wzw5pzf9yzwx5aw5nx3bhcnr5ijp7imfwcgxpy2f0aw9ux3r5cguioij3zwiilcjjbgllbnrfawqioijodhrwczovl3jwlmv4yw1wbguub3jnlyisimnsawvudf9yzwdpc3ryyxrpb25fdhlwzxmiolsiyxv0b21hdgljil0simp3a3mionsia2v5cyi6w3sia3r5ijoirumilcjrawqioijork0xv1vwavvswxpvv3bmyw1szmnfcfbsvlkyvlhasvjqqm5rwfptukhos1lvvllvbgruuw5bmk5biiwiy3j2ijoiuc0yntyilcj4ijoidxnsqzn3zc1wwdn3ejriullud3kzbhpwykdarmhootzotdjbseeztve2wsisinkioijwtencwezxbgrou05jejhrsdi5dkxsne4xoejrd0dpwdi2elfvcnvrmu00in1dfswiy2xpzw50x25hbwuioijoyw1lig9migfuigv4yw1wbgugb3jnyw5pemf0aw9uiiwiy29udgfjdhmiolsib3bzqhjwlmv4yw1wbguuaxqixswiz3jhbnrfdhlwzxmiolsicmvmcmvzaf90b2tlbiisimf1dghvcml6yxrpb25fy29kzsjdlcjyzwrpcmvjdf91cmlzijpbimh0dhbzoi8vcnauzxhhbxbszs5vcmcvb2lkyy9ycc9jywxsymfjay8ixswicmvzcg9uc2vfdhlwzxmiolsiy29kzsjdlcjzy29wzsi6imv1lmv1cm9wys5lyy5ldwrpdy5wawqumsblds5ldxjvcgeuzwmuzxvkaxcucglklml0ljegzw1hawwilcjzdwjqzwn0x3r5cguioijwywlyd2lzzsj9lcjmzwrlcmf0aw9ux2vudgl0esi6eyjmzwrlcmf0aw9ux3jlc29sdmvfzw5kcg9pbnqioijodhrwczovl3jwlmv4yw1wbguub3jnl3jlc29sdmuviiwib3jnyw5pemf0aw9ux25hbwuioijfegftcgxlifjqiiwiag9tzxbhz2vfdxjpijoiahr0chm6ly9ycc5legftcgxllml0iiwicg9sawn5x3vyasi6imh0dhbzoi8vcnauzxhhbxbszs5pdc9wb2xpy3kilcjsb2dvx3vyasi6imh0dhbzoi8vcnauzxhhbxbszs5pdc9zdgf0awmvbg9nby5zdmcilcjjb250ywn0cyi6wyj0zwnoqgv4yw1wbguuaxqixx19lcj0cnvzdf9tyxjrcyi6w3siawqioijodhrwczovl3jlz2lzdhj5lmvpzgfzlnrydxn0lwfuy2hvci5legftcgxllmv1l29wzw5pzf9yzwx5aw5nx3bhcnr5l3b1ymxpyy8ilcj0cnvzdf9tyxjrijoizxlkacbcdtiwmjyifv0simf1dghvcml0ev9oaw50cyi6wyjodhrwczovl2ludgvybwvkawf0zs5lawrhcy5legftcgxllm9yzyjdfq": 14, "un315hdckvhya": 14, "irregzaml7pnfjqh2apz82blqo5s0sl1jr0tefp5e1t913g8gnuwggtmquqhpzwv6bvtla8g": 14, "eyjhbgcioijfuzi1niisimtpzci6ilnurkrxv2hky0dwwfgzqjnsvmraywtsq0xutnvna000wtngnlfutk9krxryzfhgwvlywjjjwgn0uveilcj0exaioijhchbsawnhdglvbi9lbnrpdhktc3rhdgvtzw50k2p3dcj9": 14, "eyjlehaioje2ndk2mjm1ndysimlhdci6mty0otq1mdc0niwiaxnzijoiahr0chm6ly9pbnrlcm1lzglhdguuzwlkyxmuzxhhbxbszs5vcmcilcjzdwiioijodhrwczovl3jwlmv4yw1wbguub3jniiwiandrcyi6eyjrzxlzijpbeyjrdhkioijfqyisimtpzci6ik5gttfxvvzpvwxzelvxcexhbwxmy0vwufjwwtjwwfpjumpcblfywm1ssghlwvvwwvvszfrrbkeytkeilcjjcnyioijqlti1niisingioij1c2xdm3dklxbym3d6ngjsww53etnsenbir1pgae45nmhmmkfiqtnnutzziiwiesi6ilzmq0jyrldsze5ttkl6ogtimjl2tfi0tje4qmt3r09ymjz6uw9ydvexttqifv19lcjtzxrhzgf0yv9wb2xpy3kionsib3blbmlkx3jlbhlpbmdfcgfydhkionsic2nvcguionsic3vic2v0x29mijpbimv1lmv1cm9wys5lyy5ldwrpdy5wawqumswgigv1lmv1cm9wys5lyy5ldwrpdy5wawquaxqumsjdfswicmvxdwvzdf9hdxrozw50awnhdglvbl9tzxrob2rzx3n1chbvcnrlzci6eyjvbmvfb2yiolsicmvxdwvzdf9vymply3qixx0sinjlcxvlc3rfyxv0agvudgljyxrpb25fc2lnbmluz19hbgdfdmfsdwvzx3n1chbvcnrlzci6eyjzdwjzzxrfb2yiolsiulmyntyilcjsuzuxmiisikvtmju2iiwirvm1mtiilcjquzi1niisilbtnteyil19fx0sinrydxn0x21hcmtzijpbeyjpzci6imh0dhbzoi8vdhj1c3qtyw5jag9ylmv4yw1wbguuzxuvb3blbmlkx3jlbhlpbmdfcgfydhkvchvibgljlyisinrydxn0x21hcmsioijleupoyibcdtiwmjyifv19": 14, "_qt5": 14, "t6dahp3tuwa_27kle8i9z_spk2ftqlky6pgmpchbsi2ahxy3aaxdurobpo4chtqgg3j2xcrghdfucfgeq": 14, "eyjhbgcioijfuzi1niisimtpzci6imvxa3pubwt0ww5kblzhmwxhmju1zdjkq2rvzersazqwuwt0wvlvmwfhrfzyt1robfphdfdxsgq1wncilcj0exaioijhchbsawnhdglvbi9lbnrpdhktc3rhdgvtzw50k2p3dcj9": 14, "eyjlehaioje2ndk2mjm1ndysimlhdci6mty0otq1mdc0niwiaxnzijoiahr0chm6ly90cnvzdc1hbmnob3iuzxhhbxbszs5ldsisinn1yii6imh0dhbzoi8vaw50zxjtzwrpyxrllmvpzgfzlmv4yw1wbguub3jniiwiandrcyi6eyjrzxlzijpbeyjrdhkioijfqyisimtpzci6ilnurkrxv2hky0dwwfgzqjnsvmraywtsq0xutnvna000wtngnlfutk9krxryzfhgwvlywjjjwgn0uveilcjjcnyioijqlti1niisingioijyql9bogdcunh5njhvtkxzrkzlr0zmr2vmwu5xymgtszh1os1gylqyzkzjiiwiesi6ilnuwvk2y3njznkxcjbisfhltgjuvfzsamfndzhozznrues2wfvoc2uzdkuifv19lcj0cnvzdf9tyxjrcyi6w3siawqioijodhrwczovl3rydxn0lwfuy2hvci5legftcgxllmv1l2zlzgvyyxrpb25fzw50axr5l3royxqtchjvzmlszsisinrydxn0x21hcmsioijleupoyibcdtiwmjyifv19": 14, "r3uoi": 14, "u0tx0gdflndditbcwznupy7m2tnh08jld": 14, "ej9vmzwmcxoccuwin0zt0js4m_shneig6tlxrqj": 14, "hti70g": 14, "At": 14, "attain": 14, "propag": 14, "thu": [14, 16], "build": 14, "inquir": 14, "amount": 14, "matter": 14, "especi": 14, "perimet": 14, "jurisdict": 14, "snapshot": 14, "overload": 14, "manipul": 15, "falsif": 15, "place": 15, "met": 15, "therebi": 15, "accur": 15, "repeat": 15, "pseudo": 15, "imposs": 15, "lost": 15, "guarante": [15, 16], "walletprovid": 15, "d2jhy2nhbg91cmvqdwfuzgft": 15, "rel": [15, 16], "exist": 15, "android": [15, 16], "io": [15, 16], "sdk": 15, "invok": 15, "safe": 15, "essenti": 15, "bootload": 15, "plai": [15, 16], "devicecheck": 15, "add": 15, "key_attest": 15, "base64": 15, "put": 15, "0fe3cbe0": 15, "646d": 15, "44b5": 15, "8808": 15, "917dd5391bd9": 15, "o2nmbxrvyxbwbgutyxbw": 15, "redact": 15, "hardware_key_tag": 15, "wqhydymfksp95ifqpzdedww4l7avna2fn4jcewhytbu": 15, "flaw": 15, "shuld": 15, "although": 15, "presenc": 15, "correctli": 15, "reiniti": 15, "client_data": 15, "client_data_hash": 15, "4hnpti": 15, "xr2pjyrjkgmnz4wmdnqd_ujsq4r95nj98b44": 15, "liznsb39vfjhygs3k7jxe4r3": 15, "cogfqwztpbirqpnlrg": 15, "hardware_signatur": 15, "integrity_assert": 15, "custom": 15, "wallet_hardware_key_tag": 15, "public_jwk": 15, "var": 15, "6ec69324": 15, "60a8": 15, "4e5b": 15, "a697": 15, "a766d85790ea": 15, "walletattestationrequest": 15, "kozihvcnaqccoiawgaib": 15, "o2nmbxrvyxbwbgutyxbwyx": 15, "jwt_vc_json": 15, "alg_values_support": 15, "es256k": 15, "jwt_vp_json": 15, "7523": 15, "bearer": 15, "3agrant": 15, "3ajwt": 15, "eyjhbgcioijfuzi1niisimtpzci6imtoakzwte9nrjnheg": 15, "reconstruct": 15, "5t5yypbhn": [15, 16], "egieei5iuzr6r0mr02lnvq0omekmnkcji": [15, 16], "eyjhbgcioijfuz": 15, "6s0a": 15, "jjla": 15, "h9gw": 15, "1687281195": 15, "1687288395": 15, "eyjhbgcioijfuzi1niisinr5cci6indhbgx": 15, "8414": 15, "boolean": 15, "comprehens": 16, "cater": 16, "asset": 16, "effect": 16, "total": 16, "conveni": 16, "vital": 16, "Their": 16, "utmost": 16, "distinct": 16, "unlock": 16, "pin": 16, "biometr": 16, "fingerprint": 16, "facial": 16, "recognit": 16, "unambigu": 16, "revert": 16, "voluntarili": 16, "aal_values_support": 16, "context": 16, "medium": 16, "token_endpoint_auth_methods_suppor": 16, "ted": 16, "token_endpoint_auth_signing_alg_va": 16, "lues_support": 16, "experiment": 16, "qrjrj3af_b57sboirrcbm7br7woc8ynj7lhfpteffuk": 16, "1h0cwdyggvu8w": 16, "kpku_xycocunt2o0bwsliqtnpu6im": 16, "basic": 16, "private_key_jwt": 16, "1687171759": 16, "1709290159": 16, "inherit": 16, "extend": 16, "trusti": 16, "enclav": 16}, "objects": {}, "objtypes": {}, "objnames": {}, "titleterms": {"cryptograph": 0, "algorithm": 0, "backup": 1, "restor": 1, "rst": [1, 8], "gener": [1, 8, 14, 15], "properti": [1, 8, 14, 15], "requir": [1, 8, 11, 14, 15, 16], "attribut": [1, 8], "implement": [1, 4, 8], "consider": [1, 8, 14], "librari": [1, 8], "code": [1, 8], "snippet": [1, 8], "extern": [1, 8, 16], "refer": [1, 8, 13, 16], "how": 2, "contribut": 2, "acknowledg": 2, "norm": [3, 5], "languag": 3, "convent": 3, "defin": 3, "term": 3, "acronym": 3, "The": [4, 14], "italian": 4, "eudi": [4, 14], "wallet": [4, 11, 14, 15, 16], "profil": 4, "introduct": [4, 12], "index": 4, "content": 4, "pid": [5, 6], "q": [5, 6], "eaa": [5, 6], "data": 5, "model": [5, 14], "sd": 5, "jwt": 5, "paramet": [5, 6, 14], "claim": 5, "non": [5, 14], "exampl": 5, "mdoc": [5, 7, 9], "cbor": 5, "namespac": 5, "mobil": 5, "secur": [5, 9, 10], "object": [5, 9, 10], "issuanc": 6, "high": 6, "level": 6, "flow": [6, 7, 9, 10, 11], "detail": [6, 9, 10], "push": 6, "author": [6, 9, 10], "request": [6, 7, 9, 10, 11, 15], "endpoint": [6, 9, 10, 14, 16], "par": 6, "http": [6, 9, 10, 11], "respons": [6, 7, 9, 10, 11], "token": 6, "access": 6, "credenti": [6, 11], "entiti": [6, 9, 10, 14], "configur": [6, 9, 10, 14], "issuer": 6, "proxim": [7, 9], "devic": [7, 9, 10], "engag": [7, 9], "session": [7, 9], "termin": [7, 9], "pseudonym": 8, "reli": [9, 10, 14], "parti": [9, 10, 14], "solut": [9, 16], "remot": [9, 10], "uri": [9, 10], "post": [9, 10], "cross": [9, 10], "statu": [9, 10, 11], "check": [9, 10], "error": [9, 10], "redirect": [9, 10], "lifecycl": [11, 16], "oper": [11, 16], "function": [11, 14], "revoc": 11, "us": 11, "case": 11, "instanc": [11, 15, 16], "attest": [11, 14, 15, 16], "present": 11, "verifi": 11, "proof": 11, "possess": 11, "self": 12, "sovereign": 12, "ident": 12, "ssi": 12, "technic": 13, "infrastructur": 14, "trust": 14, "feder": 14, "role": 14, "api": 14, "common": 14, "anchor": 14, "leav": 14, "intermedi": 14, "metadata": [14, 16], "type": 14, "statement": 14, "evalu": 14, "mechan": 14, "chain": 14, "offlin": 14, "repudi": 14, "long": 14, "live": 14, "privaci": 14, "remark": 14, "about": 14, "decentr": 14, "static": 15, "compon": 15, "view": 15, "dynam": 15, "initi": [15, 16], "registr": 15, "acquisit": 15, "process": 16, "transit": 16, "valid": 16, "state": 16, "return": 16, "deactiv": 16, "provid": 16, "header": 16, "payload": 16, "wallet_provid": 16, "federation_ent": 16}, "envversion": {"sphinx.domains.c": 2, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 6, "sphinx.domains.index": 1, "sphinx.domains.javascript": 2, "sphinx.domains.math": 2, "sphinx.domains.python": 3, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx.ext.intersphinx": 1, "sphinx.ext.todo": 2, "sphinx": 56}}) \ No newline at end of file +Search.setIndex({"docnames": ["algorithms", "backup-restore", "contribute", "defined-terms", "index", "pid-eaa-data-model", "pid-eaa-issuance", "proximity-flow", "pseudonyms", "relying-party-solution", "remote-flow", "revocation-lists", "ssi-introduction", "standards", "trust", "wallet-attestation", "wallet-solution"], "filenames": ["algorithms.rst", "backup-restore.rst", "contribute.rst", "defined-terms.rst", "index.rst", "pid-eaa-data-model.rst", "pid-eaa-issuance.rst", "proximity-flow.rst", "pseudonyms.rst", "relying-party-solution.rst", "remote-flow.rst", "revocation-lists.rst", "ssi-introduction.rst", "standards.rst", "trust.rst", "wallet-attestation.rst", "wallet-solution.rst"], "titles": ["Cryptographic algorithms", "backup-restore.rst", "How to contribute", "Normative Language and Conventions", "The Italian EUDI Wallet implementation profile", "PID/(Q)EAA Data Model", "PID/(Q)EAA Issuance", "Proximity Flow", "pseudonyms.rst", "Relying Party Solution", "Remote Flow", "Credential Lifecycle", "Self Sovereign Identity", "Technical References", "The Infrastructure of Trust", "Wallet Attestation", "Wallet Solution"], "terms": {"tutti": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "gli": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "esempi": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "contenuti": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "questa": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "documentazion": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "sono": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "da": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "intendersi": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "come": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "non": [0, 1, 2, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16], "normativi": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "all": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "exampl": [0, 1, 2, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "contain": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "thi": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "document": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "ar": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "meant": [0, 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16], "norm": [0, 1, 2, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "The": [0, 2, 3, 5, 6, 7, 9, 10, 11, 12, 13, 15, 16], "follow": [0, 2, 4, 5, 6, 7, 9, 10, 11, 12, 14, 15], "must": [0, 3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "support": [0, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "alg": [0, 5, 6, 9, 10, 11, 14, 15, 16], "paramet": [0, 1, 4, 8, 9, 10, 11, 15, 16], "valu": [0, 1, 5, 6, 7, 8, 9, 10, 11, 14, 15, 16], "descript": [0, 1, 2, 3, 5, 6, 7, 8, 9, 10, 11, 14, 15], "oper": [0, 3, 4, 6, 9, 10, 14, 15], "refer": [0, 3, 4, 5, 6, 7, 9, 11, 12, 14, 15], "es256": [0, 5, 6, 9, 10, 11, 14, 15, 16], "ellipt": [0, 7, 9], "curv": [0, 5, 7, 9], "digit": [0, 3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "signatur": [0, 3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "ecdsa": [0, 9, 10], "us": [0, 3, 4, 5, 6, 7, 9, 10, 12, 13, 14, 15, 16], "one": [0, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15], "enabl": [0, 3, 9, 10, 12, 14, 16], "list": [0, 2, 3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "section": [0, 5, 6, 7, 9, 10, 11, 14, 15, 16], "below": [0, 2, 3, 4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "sha256": [0, 15], "rfc": [0, 5, 6, 9, 10, 11, 13, 14, 15, 16], "7518": [0, 13], "sog": 0, "IS": 0, "etsi": [0, 5], "es384": [0, 6, 9, 10, 14, 15, 16], "sha384": 0, "es512": [0, 6, 16], "sha521": 0, "rsa": [0, 6, 9, 10], "oaep": [0, 9, 10], "256": [0, 5, 6, 7, 9, 10, 11, 14, 15, 16], "encrypt": [0, 5, 6, 7, 9, 10, 11, 13, 14, 15], "scheme": [0, 4, 6, 9, 10, 12], "optim": 0, "asymmetr": [0, 6, 15, 16], "pad": 0, "hash": [0, 5, 6, 7, 9, 11, 15], "function": [0, 3, 4, 5, 7, 9, 15, 16], "mgf1": 0, "sha": [0, 5, 6, 7, 9, 10, 11], "mask": 0, "gener": [0, 3, 4, 5, 6, 7, 9, 10, 13], "kei": [0, 1, 3, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], "7516": [0, 6, 9, 10, 11, 13, 15], "a128cbc": [0, 9, 10], "hs256": [0, 9, 10], "ae": 0, "cipher": [0, 7, 9], "block": [0, 7, 9, 11], "chain": [0, 4, 5, 6, 9, 10, 15], "mode": [0, 7, 9, 10, 13], "128": [0, 6, 9, 10], "bit": [0, 6, 9, 10], "initi": [0, 2, 3, 4, 6, 7, 9, 11], "vector": 0, "plu": 0, "hmac": 0, "authent": [0, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "truncat": 0, "content": [0, 5, 6, 9, 10, 11, 15], "a256cbc": [0, 9, 10], "hs512": [0, 9, 10], "512": [0, 6], "famili": [0, 5, 6], "short": [0, 6, 7, 9, 14, 16], "name": [0, 5, 6, 7, 9, 10, 14, 15, 16], "brainpool": 0, "brainpoolp256r1": 0, "brainpoolp384r1": 0, "brainpoolp512r1": 0, "5639": 0, "nist": 0, "p": [0, 5, 6, 9, 10, 13, 14, 15, 16], "384": 0, "521": 0, "fip": 0, "186": 0, "4": [0, 5, 6, 7, 9, 10, 11, 14, 15], "iso": [0, 5, 7, 9, 10], "iec": [0, 5], "14888": 0, "3": [0, 5, 6, 7, 9, 10, 11, 14, 15, 16], "recommend": [0, 3, 5, 6, 9, 10, 11, 14], "ps256": 0, "rsassa": 0, "appendix": [0, 6], "pss": 0, "probabilist": 0, "ps384": 0, "ps512": 0, "sha512": 0, "ecdh": 0, "es": 0, "diffi": 0, "hellman": 0, "ephemer": [0, 7, 9, 15], "static": [0, 4, 9, 10, 14], "agreement": [0, 7, 9], "concat": 0, "deriv": [0, 6, 7, 9, 11, 14], "kdf": 0, "a128kw": 0, "cek": 0, "wrap": 0, "length": [0, 5, 6, 7, 9, 10], "a256kw": 0, "NOT": [0, 3, 5, 6, 9, 10, 11, 14, 15], "none": [0, 6, 9, 10, 11, 15], "rsa_1_5": 0, "rsae": 0, "pkcs1": 0, "v1_5": 0, "secur": [0, 3, 4, 6, 7, 11, 12, 13, 14, 15, 16], "vulner": 0, "default": [0, 9, 10, 14], "hs384": [0, 9, 10], "what": [1, 8, 12, 14], "useful": [1, 8], "todo": [1, 8], "req": [1, 8, 9, 10], "1": [1, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16], "2": [1, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16], "tabl": [1, 5, 6, 7, 8, 9, 10, 11, 14, 15], "claim": [1, 3, 4, 6, 8, 9, 10, 11, 14, 15, 16], "IT": [2, 3, 4, 5, 6, 7, 9, 16], "wallet": [2, 3, 5, 6, 7, 9, 10, 12, 13], "project": [2, 4], "includ": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "an": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "open": [2, 16], "develop": [2, 4, 14, 15], "process": [2, 3, 4, 5, 6, 9, 10, 11, 12, 14], "approach": [2, 5, 12, 14], "ensur": [2, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "access": [2, 3, 4, 5, 9, 10, 11, 12, 14, 15, 16], "invit": 2, "interest": 2, "parti": [2, 3, 4, 5, 6, 11, 12, 15, 16], "particip": [2, 3, 4, 14], "consequ": 2, "stakehold": [2, 14], "nation": [2, 3, 4, 5, 6, 11, 12, 16], "intern": [2, 9, 10, 11], "commun": [2, 4, 6, 7, 9, 10, 11], "member": [2, 4, 5, 6, 9, 10, 11, 12, 14], "onli": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "encourag": 2, "also": [2, 3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "heartili": 2, "welcom": 2, "refin": 2, "technic": [2, 3, 4, 6, 7, 9, 10, 11, 14], "rule": [2, 3, 4, 5, 14], "sever": [2, 9, 10, 14], "method": [2, 6, 7, 9, 10, 11, 15, 16], "avail": [2, 9, 10, 14, 15, 16], "github": 2, "issu": [2, 3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "By": [2, 5, 16], "you": 2, "can": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "seek": 2, "clarif": 2, "propos": 2, "enhanc": [2, 3, 4, 9, 10, 12, 14], "report": [2, 11, 14], "editori": 2, "typo": 2, "If": [2, 5, 6, 7, 9, 10, 11, 14, 15], "work": 2, "we": [2, 5], "draft": [2, 5, 6, 11, 13, 14], "pull": 2, "request": [2, 3, 4, 12, 14, 16], "link": [2, 6, 9, 10, 11, 15], "repres": [2, 5, 6, 7, 9, 10, 14, 15, 16], "activ": [2, 7, 9, 11, 12, 14, 16], "typic": [2, 6, 12], "alwai": [2, 3, 12, 14, 15], "base": [2, 5, 6, 7, 9, 10, 11, 12, 13, 14], "discuss": [2, 6], "onc": [2, 6, 9, 10, 15, 16], "facilit": [2, 14], "review": [2, 16], "chang": [2, 5, 9, 10, 11, 14], "befor": [2, 3, 6, 14, 15], "thei": [2, 3, 9, 10, 11, 12, 14, 15], "merg": 2, "main": [2, 5, 6, 11, 12, 14, 15], "branch": 2, "version": [2, 5, 7, 9, 15, 16], "corrent": 2, "italia": 2, "slack": 2, "channel": [2, 7, 9, 11], "messag": [2, 6, 7, 9, 10, 11], "applic": [2, 3, 6, 9, 10, 11, 12, 13, 14, 15, 16], "design": [2, 3, 12, 14, 15, 16], "busi": 2, "connect": [2, 5, 6, 7, 9, 11, 13, 16], "peopl": [2, 12], "inform": [2, 3, 5, 7, 9, 10, 11, 12, 14, 15, 16], "need": [2, 6, 9, 10, 11, 12, 14, 15, 16], "from": [2, 3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "public": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "administr": [2, 5, 11, 12, 14], "technician": 2, "student": 2, "citizen": [2, 3, 5, 12], "ha": [2, 4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "everyon": 2, "join": 2, "free": 2, "http": [2, 4, 5, 7, 13, 14, 15, 16], "where": [2, 5, 6, 9, 10, 11, 12, 14, 15], "learn": 2, "about": [2, 4, 9, 10, 11, 12, 15, 16], "partak": 2, "would": [2, 6, 12], "like": [2, 3, 14], "thank": [2, 14], "individu": [2, 12, 14, 15], "comment": 2, "concern": [2, 4, 14], "idea": 2, "some": [2, 5, 6, 9, 10, 11, 14], "which": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "substanti": [2, 3], "implement": [2, 3, 5, 6, 7, 9, 10, 11, 14], "profil": [2, 3, 5, 6, 7, 9, 11, 13, 14], "set": [2, 4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "alen": 2, "horvat": 2, "amir": 2, "sharif": 2, "andrea": 2, "prosseda": 2, "emanuel": 2, "de": 2, "cupi": 2, "emiliano": 2, "vernini": 2, "francesco": 2, "grauso": 2, "marino": 2, "ventola": 2, "giada": 2, "sciarretta": 2, "giusepp": 2, "marco": 2, "klaa": 2, "wierenga": 2, "kristina": 2, "yasuda": [2, 13], "leif": 2, "johansson": 2, "lorenzo": 2, "cerini": 2, "marta": 2, "sciunnach": 2, "michel": 2, "silletti": 2, "nicola": 2, "saitto": 2, "niel": 2, "van": 2, "dijk": 2, "paul": 2, "bastien": 2, "pasqual": 2, "rose": 2, "peter": 2, "altmann": 2, "riccardo": 2, "iaconelli": 2, "roland": 2, "hedberg": 2, "salvator": 2, "laiso": 2, "manfredi": 2, "stefano": 2, "alifuoco": 2, "takahiko": 2, "kawasaki": 2, "torsten": 2, "lodderstedt": [2, 13], "vladimir": 2, "duzhinov": 2, "anyon": 2, "been": [2, 6, 11, 15], "forgotten": 2, "pleas": [2, 4, 14, 16], "accept": [2, 6, 7, 9, 10, 11], "our": 2, "apolog": 2, "modif": [2, 14], "page": [2, 9, 10, 16], "via": [2, 6, 7, 9, 14, 15], "com": [2, 9, 10, 15], "eudi": [2, 6, 7, 9, 10, 13, 16], "doc": [2, 6], "brief": 2, "offer": [2, 6, 9, 10, 15, 16], "dure": [2, 3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "event": 2, "period": [2, 9, 10, 11, 14, 15], "have": [2, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "opportun": 2, "again": [2, 9, 10], "make": [2, 5, 6, 14, 15], "amend": 2, "soon": 2, "possibl": [2, 5, 7, 9, 10, 14], "word": [3, 13], "requir": [3, 4, 5, 6, 7, 9, 10, 13], "shall": [3, 5, 6, 7, 9, 11], "should": [3, 5, 6, 7, 9, 10, 11, 14, 15], "mai": [3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "option": [3, 5, 7, 9, 10, 12], "interpret": 3, "describ": [3, 5, 6, 7, 9, 10, 11, 14, 15], "bcp": [3, 13], "14": [3, 6, 9, 10, 13, 14, 15], "rfc2119": 3, "rfc8174": [3, 13], "when": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "appear": 3, "capit": 3, "shown": [3, 6, 9, 10], "here": [3, 16], "user": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "trust": [3, 4, 5, 6, 9, 10, 12, 15, 16], "servic": [3, 4, 5, 6, 11, 12, 14, 15, 16], "model": [3, 4, 6, 7, 9, 10, 12, 15, 16], "framework": [3, 4, 6, 9, 10, 13, 14, 16], "attribut": [3, 4, 5, 7, 9, 10, 11, 14, 16], "electron": [3, 4, 14, 16], "attest": [3, 4, 5, 6, 9, 10, 12], "provid": [3, 4, 5, 6, 7, 9, 10, 11, 12, 14, 15], "tsp": [3, 14], "person": [3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "identif": [3, 4, 5, 6, 9, 10, 11, 12, 14, 16], "data": [3, 4, 6, 7, 9, 10, 11, 12, 13, 14, 15, 16], "pid": [3, 4, 9, 10, 11, 14, 16], "revoc": [3, 4, 6, 9, 10, 13, 14, 15, 16], "qualifi": [3, 14, 16], "qtsp": [3, 14], "eaa": [3, 4, 9, 14, 16], "eida": [3, 4, 5, 6, 7, 9, 12, 13, 14], "arf": [3, 4, 5, 6, 13, 14], "definit": [3, 9, 10, 11, 12, 13, 14, 16], "further": [3, 4, 6, 7, 9, 11, 14, 15, 16], "insight": 3, "topic": 3, "complement": [3, 14], "interact": [3, 6, 9, 10, 12, 14, 15, 16], "compon": [3, 4, 6, 7, 9, 10, 14], "accredit": [3, 14, 15], "bodi": [3, 6, 9, 10, 11, 14, 15], "entiti": [3, 4, 11, 15, 16], "feder": [3, 4, 6, 9, 10, 13, 15, 16], "author": [3, 4, 5, 11, 12, 13, 14, 15, 16], "respons": [3, 4, 13, 14, 15, 16], "manag": [3, 6, 11, 12, 14, 15, 16], "verif": [3, 6, 7, 9, 11, 12, 14, 15, 16], "certif": [3, 5, 11, 12, 14, 15], "ecosystem": [3, 4, 12, 14, 16], "role": [3, 4, 11, 12, 16], "ident": [3, 4, 6, 9, 10, 11, 14, 16], "recogn": [3, 12], "state": [3, 4, 6, 9, 10, 12, 14, 15], "identifi": [3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "issuanc": [3, 4, 5, 9, 10, 11, 13, 14, 16], "master": 3, "alreadi": [3, 6, 15], "present": [3, 4, 5, 6, 7, 9, 10, 12, 13, 14, 15, 16], "italian": [3, 5, 6, 14], "system": [3, 6, 12, 14, 15, 16], "credenti": [3, 4, 5, 7, 9, 10, 12, 13, 14, 15, 16], "sign": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "whose": [3, 9, 10, 15], "integr": [3, 5, 6, 12, 14, 15, 16], "cryptograph": [3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "verifi": [3, 4, 5, 6, 7, 9, 10, 12, 13, 14, 15, 16], "its": [3, 6, 7, 9, 10, 11, 14, 15, 16], "issuer": [3, 4, 5, 7, 9, 10, 11, 12, 14], "It": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "known": [3, 4, 6, 7, 9, 10, 14, 15, 16], "A": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "govern": [3, 12, 14], "guidelin": [3, 4, 15], "administ": 3, "directli": [3, 6, 9, 10, 15], "through": [3, 5, 6, 7, 9, 10, 11, 14, 15], "intermediari": [3, 9, 10, 14], "statu": [3, 4, 5, 6, 7, 14, 15, 16], "elig": [3, 4], "evalu": [3, 4, 6, 9, 10, 16], "perform": [3, 6, 7, 9, 10, 15, 16], "oversight": 3, "instanc": [3, 4, 5, 6, 7, 9, 10, 14], "solut": [3, 4, 6, 10, 14], "instal": [3, 6, 15, 16], "mobil": [3, 4, 6, 7, 9, 10, 12, 15, 16], "devic": [3, 4, 6, 11, 12, 14, 15, 16], "control": [3, 5, 6, 12, 14, 16], "specif": [3, 5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "who": [3, 6, 11, 12, 14], "sole": 3, "owner": [3, 5, 12, 14], "fulli": 3, "autonom": [3, 14], "privat": [3, 5, 6, 7, 9, 10, 11, 14, 15], "conform": [3, 6], "prove": [3, 5, 12, 14], "compliac": 3, "format": [3, 4, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "sent": [3, 5, 6, 9, 10], "backend": [3, 15], "obtain": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "hardwar": [3, 9, 10, 14, 15], "back": [3, 11, 15], "environ": [3, 9, 10, 15, 16], "creat": [3, 6, 7, 9, 10, 11, 15], "store": [3, 5, 6, 7, 9, 11, 12, 14, 15, 16], "element": [3, 5, 7, 9, 12, 15], "se": [3, 6, 15], "execut": [3, 15, 16], "tee": [3, 15, 16], "strongbox": [3, 15], "relat": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "revok": [3, 6, 11, 12, 14, 15], "manufactur": [3, 15], "app": [3, 6, 7, 9, 15, 16], "well": [3, 6, 9, 10, 11, 14, 15, 16], "certifi": [3, 6, 14, 16], "storag": [3, 6, 11, 14, 15], "within": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "dedic": [3, 14], "s": [3, 4, 5, 7, 9, 10, 11, 12, 13, 14, 15, 16], "import": 3, "note": [3, 4, 6, 14], "terminolog": 3, "vari": [3, 14], "among": [3, 11, 14, 16], "pair": [3, 5, 6, 7, 9, 15], "remain": [3, 9, 10, 12, 14], "valid": [3, 4, 5, 6, 7, 9, 10, 11, 12, 14, 15], "entir": [3, 6, 9, 10, 14, 16], "durat": 3, "life": [3, 11], "confin": 3, "os": 3, "domain": [3, 5, 11, 14], "arbitrari": 3, "payload": [3, 4, 5, 6, 9, 10, 11, 15], "Their": [3, 16], "primari": [3, 6, 7, 9, 16], "uniqu": [3, 5, 6, 9, 10, 11, 14, 15, 16], "each": [3, 5, 6, 7, 9, 10, 11, 14, 15, 16], "tag": [3, 5, 15], "util": [3, 5, 7, 9, 10, 16], "gain": [3, 9, 10], "oem": [3, 15], "your": 3, "confid": [3, 7, 9, 16], "being": [3, 5, 6, 7, 9, 12, 15], "keystor": 3, "qeaa": [3, 16], "form": [3, 5, 6, 9, 10, 11, 12, 14, 15, 16], "possess": [3, 4, 5, 6, 9, 10, 12, 13, 14, 15, 16], "reli": [3, 4, 5, 6, 11, 12, 15, 16], "natur": [3, 5, 6, 11, 15, 16], "legal": [3, 11, 12, 14, 16], "submiss": [3, 9, 10], "mechan": [3, 4, 5, 9, 10, 11, 15, 16], "see": [3, 5, 6, 7, 9, 11, 14, 15], "complianc": [3, 5, 6, 9, 10, 14, 16], "regulatori": [3, 14], "cannot": [3, 9, 10, 11, 14], "repudi": [3, 4, 11], "over": [3, 5, 7, 9, 11, 12, 14, 16], "time": [3, 5, 6, 7, 9, 10, 11, 13, 14, 15, 16], "particular": [3, 6, 11, 14], "layer": [3, 13], "architectur": [3, 4, 6, 13, 14, 16], "establish": [3, 6, 7, 9, 10, 12, 14, 16], "reliabl": [3, 5, 11, 14, 15, 16], "how": [3, 4, 5, 7, 9, 11, 14, 15], "maintain": [3, 9, 10, 12, 14], "outlin": [3, 5, 6, 7, 9, 10, 11, 14, 16], "procedur": [3, 11, 12, 14], "other": [3, 4, 5, 6, 9, 10, 11, 12, 14, 15, 16], "level": [3, 4, 7, 9, 10, 11, 12, 13, 15, 16], "exchang": [3, 6, 7, 9, 10, 11, 12, 13, 14, 16], "assur": [3, 9, 10, 13, 16], "degre": 3, "vet": 3, "same": [3, 5, 6, 9, 10, 11, 14], "whom": [3, 12], "wa": [3, 5, 6, 9, 10, 11, 15], "holder": [3, 5, 11, 12, 15], "bind": [3, 6, 9, 10, 14, 15], "abil": [3, 12, 14, 16], "legitim": [3, 5], "part": [3, 6, 7, 9, 10, 14, 15, 16], "third": [3, 11, 14, 15], "oid4vp": [3, 9, 10], "openid": [3, 5, 6, 9, 10, 13, 14, 15, 16], "vc": [3, 5, 6, 9, 10, 13, 14, 15], "vp": [3, 9, 10], "api": [3, 4, 6, 9, 10, 15, 16], "program": 3, "interfac": [3, 6, 11, 14, 16], "loa": [3, 6, 16], "wscd": [3, 15], "european": [4, 12], "parliament": 4, "adopt": [4, 16], "revis": 4, "regul": [4, 11, 12, 14], "introduc": 4, "signific": [4, 12, 14], "innov": 4, "updat": [4, 5, 9, 10, 11, 14], "mark": [4, 5, 6, 9, 10, 14], "pivot": 4, "advanc": [4, 12, 14], "eu": [4, 5, 9, 10, 14, 15, 16], "strategi": [4, 9, 10, 14], "aim": [4, 5], "interoper": [4, 6, 9, 10, 12, 13, 14], "usabl": [4, 15], "across": [4, 12], "For": [4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "detail": [4, 5, 7, 11, 12, 14, 15, 16], "resourc": [4, 5, 6, 9, 10, 13, 14], "legisl": [4, 16], "offici": 4, "commiss": 4, "websit": [4, 14, 16], "itali": 4, "launch": [4, 15], "direct": 4, "full": [4, 5, 12, 16], "align": [4, 14], "complet": [4, 9, 10, 12, 16], "purpos": [4, 5, 9, 10, 11, 12, 16], "defin": [4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "involv": [4, 6, 9, 10, 11, 12, 14, 15], "accord": [4, 5, 6, 7, 9, 10, 11, 14, 15, 16], "infrastructur": [4, 12], "realiabl": [4, 16], "mdl": [4, 5, 7, 9, 10], "cbor": [4, 6, 7, 9, 10, 11], "sd": [4, 6, 9, 10, 11, 13, 14, 15], "jwt": [4, 6, 9, 10, 11, 13, 14, 15, 16], "openid4vci": [4, 6, 13, 14], "openid4vp": [4, 6, 9, 10, 13, 14], "pseudonym": 4, "siopv2": [4, 9, 10, 15], "backup": 4, "restor": 4, "self": [4, 5], "sovereign": 4, "ssi": 4, "languag": [4, 14], "convent": 4, "term": [4, 14, 16], "acronym": 4, "properti": [4, 5], "endpoint": [4, 11, 15], "configur": [4, 15, 16], "common": 4, "anchor": [4, 6, 16], "leav": 4, "intermedi": [4, 6, 12, 16], "metadata": [4, 5, 6, 9, 10, 11, 12, 15], "type": [4, 5, 6, 7, 9, 10, 11, 15, 16], "statement": [4, 6, 9, 10, 15, 16], "offlin": [4, 7, 9, 11], "long": [4, 6, 11], "live": 4, "privaci": [4, 6, 9, 10, 11, 12, 15, 16], "remark": 4, "consider": 4, "decentr": 4, "lifecycl": [4, 15], "transit": [4, 14], "return": [4, 5, 6, 7, 9, 10, 11, 14, 15], "deactiv": 4, "header": [4, 5, 6, 9, 10, 11, 14, 15], "wallet_provid": [4, 14], "federation_ent": [4, 6, 9, 10, 14], "extern": [4, 14], "view": [4, 6, 16], "dynam": [4, 6, 14], "registr": [4, 6, 14], "q": [4, 9, 10, 14, 16], "mdoc": [4, 6, 10, 11], "namespac": [4, 7, 9, 10], "object": [4, 6, 7, 11, 13, 14, 15], "high": [4, 7, 9, 10, 11, 13, 15, 16], "flow": [4, 14, 15], "push": [4, 9, 10], "par": 4, "token": [4, 9, 10, 13, 15, 16], "remot": [4, 14], "uri": [4, 6, 13], "post": [4, 6, 11, 14, 15], "cross": [4, 14], "check": [4, 6, 7, 11, 14, 15], "redirect": [4, 6], "error": [4, 6, 11, 15], "proxim": 4, "engag": [4, 16], "session": [4, 6, 10], "termin": [4, 10, 15], "case": [4, 5, 6, 9, 10, 14], "proof": [4, 5, 6, 9, 10, 12, 13, 14, 15, 16], "rst": 4, "librari": [4, 15], "code": [4, 5, 6, 7, 9, 10, 11, 14, 15], "snippet": 4, "algorithm": [4, 5, 6, 9, 10, 11, 13, 14, 15, 16], "contribut": 4, "acknowledg": 4, "law": [5, 11], "scope": [5, 6, 9, 10, 11, 14, 15], "allow": [5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "protect": [5, 6, 9, 10, 14], "ones": 5, "current": [5, 6, 9, 10, 11, 13, 14], "first": [5, 6, 9, 10, 15], "date": [5, 6, 11, 13, 14, 15], "birth": [5, 6], "taxpay": 5, "number": [5, 6, 9, 10, 11, 14, 15, 16], "select": [5, 6, 9, 10, 15], "disclosur": [5, 9, 10, 14], "specifi": [5, 6, 7, 9, 10, 15, 16], "02": [5, 7, 9], "_sd_alg": 5, "5": [5, 6, 7, 9, 10, 11, 14, 15], "them": [5, 9, 10, 11, 12, 14, 15, 16], "disclos": [5, 6, 7, 9, 12, 14], "indic": [5, 6, 7, 9, 10, 13, 14], "digest": 5, "salt": [5, 7, 9], "omit": [5, 6], "instead": [5, 12, 14], "respect": [5, 6, 14, 16], "decoi": 5, "arrai": [5, 6, 7, 9, 10, 11, 14, 15, 16], "new": [5, 6, 7, 9, 10, 11, 12, 14, 15], "_sd": [5, 9, 10], "map": [5, 6, 9, 10, 14], "calcul": [5, 6, 7, 9], "random": [5, 6, 7, 9, 10, 15], "togeth": [5, 6, 7, 9, 11], "combin": [5, 14], "order": [5, 9, 10, 15, 16], "seri": 5, "base64url": [5, 6, 11, 15], "encod": [5, 6, 7, 9, 10, 11, 15], "separ": [5, 6, 9, 10], "next": 5, "singl": [5, 6, 14, 15], "tild": 5, "charact": [5, 6], "n": [5, 6, 9, 10, 13], "more": [5, 6, 7, 9, 10, 11, 14, 16], "jose": [5, 6, 11, 15], "mandatori": [5, 6, 7, 9, 11], "typ": [5, 6, 9, 10, 11, 14, 15, 16], "terbu": [5, 13], "latest": [5, 14], "rfc7515": [5, 6, 13], "9": [5, 6, 7, 9, 10, 14, 15], "kid": [5, 6, 9, 10, 11, 14, 15, 16], "8": [5, 6, 7, 9, 10, 11, 14, 15], "trust_chain": [5, 9, 10, 14, 15], "json": [5, 6, 9, 10, 11, 13, 14, 15, 16], "oidc": [5, 6, 9, 10, 12, 13, 14, 15], "fed": [5, 9, 10, 13, 14, 15], "whether": [5, 6, 9, 10, 14, 15], "nsd": 5, "iss": [5, 6, 9, 10, 11, 14, 15, 16], "url": [5, 6, 9, 10, 14, 15, 16], "string": [5, 6, 7, 9, 10, 14, 15, 16], "rfc7519": [5, 6, 13], "sub": [5, 6, 7, 9, 10, 14, 15, 16], "thumbprint": [5, 6, 11, 13, 15, 16], "jwk": [5, 6, 9, 10, 11, 13, 14, 15, 16], "cnf": [5, 6, 9, 10, 11, 15], "iat": [5, 6, 9, 10, 11, 14, 15, 16], "unix": [5, 6, 9, 10, 11, 14, 15, 16], "timestamp": [5, 6, 9, 10, 11, 13, 14, 15, 16], "numericd": [5, 6, 14], "7519": [5, 6, 9, 10, 11, 13, 14, 15], "6": [5, 6, 7, 9, 10, 14, 15], "exp": [5, 6, 9, 10, 11, 14, 15, 16], "expiri": [5, 6, 11, 14, 15], "read": 5, "status_attest": [5, 11], "credential_hash_alg": [5, 11], "bound": [5, 6, 11, 14, 15], "oauth": [5, 6, 9, 10, 11, 13, 15, 16], "01": [5, 7, 9, 11], "materi": [5, 6, 7, 9, 11], "confirm": [5, 6, 15], "declar": 5, "recipi": 5, "rfc7800": [5, 11, 13], "vct": 5, "personidentificationdata": [5, 6], "depend": [5, 6, 9, 10, 11, 16], "addit": [5, 6, 11, 14, 15], "ad": [5, 6, 9, 10], "given_nam": [5, 6, 7, 9, 10, 14], "core": [5, 6, 14], "0": [5, 6, 7, 9, 10, 13, 14, 15, 16], "family_nam": [5, 6, 7, 9, 10, 14], "birth_dat": [5, 6, 7, 9], "unique_id": [5, 6, 9, 10], "id": [5, 6, 9, 10, 14, 16], "anpr": 5, "given": [5, 6, 9, 10, 11, 14], "regist": [5, 6, 15], "resid": [5, 9, 10, 11], "popul": [5, 9, 10], "tax_id_cod": [5, 6], "tax": [5, 6], "en": [5, 6], "319": 5, "412": 5, "tinit": 5, "italiantaxidentificationnumb": 5, "In": [5, 6, 7, 9, 10, 11, 12, 14, 15, 16], "org": [5, 6, 7, 9, 10, 11, 14, 15, 16], "nzblsxh8udccd7nowxfzafhkxzsrgc9x": 5, "1683000000": 5, "1883000000": 5, "xxxxxxxx": 5, "xxxx": 5, "xxxxxxxxxxxx": 5, "mario": 5, "rossi": 5, "1980": 5, "10": [5, 6, 7, 9, 10, 13, 14, 15], "xxxxxxxxxxxxxxxx": 5, "correspond": [5, 6, 7, 9, 10, 11, 14, 15], "verson": 5, "db67gl7ck3tfiiaf7n6_7shvqk0mdymeqcogglkuaaw": 5, "nehrderpynlhy3m5wldwtwz2auhm": 5, "eyjhbgcioijsuzi1niisimtpzci6": 5, "ikjydmzybg5oqu11sfiwn2fqvw1b": 5, "7wg4nt6k26_r3975zcwnvwgoha7b988_3": 5, "vjzbzf6yc": 5, "noxvzjujg667ibdedwmr6tz46x": 5, "jchkwivxmafv43yc": 5, "tk2rgupyoxzcx0vv5hbn9u5m2mhlwbt41qgwllxcnu8": 5, "uhchpgtnf2bj1fvafbby1rnf7wxkxelfj5a4vsj2fo4": 5, "q6tqnxau97tu": 5, "mqudg0fsamlgzdsumumk6a2s3bcsc0": 5, "wyfxvqq9bospt7tn4shoi4e48p19ava1ktw5zf0": 5, "fc": 5, "pidprovid": 5, "kty": [5, 6, 7, 9, 10, 14, 15, 16], "ec": [5, 6, 7, 9, 10, 14, 15, 16], "crv": [5, 6, 7, 9, 10, 14, 15, 16], "x": [5, 6, 7, 9, 10, 11, 14, 15, 16], "tcaer19zvu3ohf4j4w4vfsvohip1ilildls7vcegemc": 5, "y": [5, 6, 7, 9, 10, 13, 14, 15, 16], "zxjiwwbzmqghvwkvq4hbsiirsvfuecce6t4jt9f2hzq": 5, "wyi1n212ewnuadv5wknys0xanxhuzlv3iiwgimlhdciside2odmwmdawmdbd": 5, "57mvycth5yzcrklz5xnfuw": 5, "wyjrdwnyqm1sb19otwfjrky1odvsemfriiwginvuaxf1zv9pzcisicj4ehh4": 5, "ehh4ec14ehh4lxh4ehgtehh4ec14ehh4ehh4ehh4ehgixq": 5, "kucrbmlo_hmaiff585rzaq": 5, "wyjove5sb09pdvzwunrgnknfenrkovp3iiwgimdpdmvux25hbwuilcaitwfi": 5, "aw8ixq": 5, "ntnrooiuvvrtf6ceztd9zw": 5, "wyjgrfntugdnekdcvxdrteheu0u2d1friiwgimzhbwlsev9uyw1liiwgiljv": 5, "c3npil0": 5, "fdsspggzgbuwqlhdse6wqq": 5, "wyjlwjhlnxdwrxredmixemltuee0rhpbiiwgimjpcnrox2rhdguilcaimtk4": 5, "mc0wms0xmcjd": 5, "kz8e5wvetdvb1zispa4dza": 5, "wyjwwjvnunlpehbwv1p1sexvsi15aljniiwginrhef9pzf9jb2rliiwgilrj": 5, "tklulvhywfhywfhywfhywfhywfgixq": 5, "pz5mryoxpvwzuhloj": 5, "yjrg": 5, "eyjhbgcioiairvmyntyilcaidhlwijogimv4yw1wbgurc2qtand0in0": 5, "eyjfc2qioibb": 5, "ijdxrzruvdzlmjzfujm5nzv6y3duvndnb0hbn2i5odhfmy12snpiwmy2wwmilcaitk94": 5, "vnpqvupnnjy3aujkzur3bxi2dfo0nlgtamnos3djvnhnqwz2ndn5yyisicjuszjsz3vq": 5, "ww9yekn4mhz2nwhitjl1nu0ybuhsv0j0ndfxr1dstfhdtnu4iiwgilviq2hwr3rorjji": 5, "ajfgdkfmqmj5mxjuzjdxwgt4zwxgsjvhnhztajjgtzqilcaictzucw54yxu5n3r1lu1x": 5, "vurnmgztqw1mr1pku3vnvu1rnmeyczniy3ndmcisicj3ewz4vnfxoujvc1bun3ronfni": 5, "t0k0rtq4ude5yvzbmwt0vzvazjbflwzjil0sicjlehaioiaxodgzmdawmdawlcaiaxnz": 5, "ijogimh0dhbzoi8vcglkchjvdmlkzxiuzxhhbxbszs5vcmcilcaic3viijogik56ykxz": 5, "wgg4durdy2q3bm9xwezaqwzia3hac1jhqzlycyisicjzdgf0dxmioib7inn0yxr1c19h": 5, "dhrlc3rhdglvbii6ihsiy3jlzgvudglhbf9oyxnox2fszyi6icjzagetmju2in19lcai": 5, "dmn0ijogilblcnnvbklkzw50awzpy2f0aw9urgf0ysisicjfc2rfywxnijoginnoys0i": 5, "ntyilcaiy25mijogeyjqd2sioib7imt0esi6icjfqyisicjjcnyioiaiuc0yntyilcai": 5, "eci6icjuq0ffuje5wnz1m09irjrqnfc0dmztvm9isvaxsuxpbersczd2q2vhzw1jiiwg": 5, "inkioiaiwnhqavdxylpnuudivldlvle0agjtswlyc1zmdwvjq0u2ddrqvdlgmkhausj9": 5, "fx0": 5, "a36ovweqpcppkyhx75dg": 5, "hiib7zqklfmmcaixlpocmel1cxlx": 5, "ntzbfn_kdn0nlj": 5, "ymlay4xseetmic_scltxdg": 5, "wyi1n212ewnuadv5wknys0xanxhuzlv3iiwgimlhdcisi": 5, "de2odmwmdawmdbd": 5, "wyjrdwnyqm1sb19otwfjrky1odvsemfriiwginvuaxf1zv9pzci": 5, "icj4ehh4ehh4ec14ehh4lxh4ehgtehh4ec14ehh4ehh4ehh4ehgixq": 5, "wyjove5sb09pd": 5, "vzwunrgnknfenrkovp3iiwgimdpdmvux25hbwuilcaitwfyaw8ixq": 5, "wyjgrfntugdnek": 5, "dcvxdrteheu0u2d1friiwgimzhbwlsev9uyw1liiwgiljvc3npil0": 5, "wyjlwjhlnxdwrx": 5, "redmixemltuee0rhpbiiwgimjpcnrox2rhdguilcaimtk4mc0wms0xmcjd": 5, "wyjwwjvnu": 5, "nlpehbwv1p1sexvsi15aljniiwginrhef9pzf9jb2rliiwgilrjtklulvhywfhywfhyw": 5, "fhywfhywfgixq": 5, "disabilitycard": 5, "document_numb": [5, 7, 9], "xxxxxxxxxx": 5, "expiry_d": [5, 7, 9], "2024": [5, 7, 9], "constant_attendance_allow": 5, "true": [5, 6, 7, 9, 10], "previou": [5, 6, 9, 10, 11, 15], "decod": [5, 6, 9, 10, 11], "both": [5, 7, 9, 10, 11, 12, 14, 15, 16], "d126a6a856f7724560484fa9dc59d195": 5, "lla7mch": 5, "ywwynzffwzsjbggie096fn8d60a": 5, "ml3sgo": 5, "afrjarpztmanxyu5iiwpifoaxjcnk": 5, "_h1ejt7mymcgm": 5, "i9xhlephyv8om35l3nf1mkqfpwud7ofpramsasx0": 5, "5g": 5, "rhpkitz7bggpjnwx2sgvh_ov9vhrjz9hx_inxwbbz6o": 5, "wyjrdwnyqm1sb19otwfjrky1odvsemfriiwgimrvy3vtzw50x251bwjlcii": 5, "icjywfhywfhywfhyil0": 5, "wyjwwjvnunlpehbwv1p1sexvsi15aljniiwgimv4cglyev9kyxrliiwgijiw": 5, "mjqtmdetmdeixq": 5, "wyjqdfz1s0nwbjdivgnickfnx3nlvwjriiwginrhef9pzf9jb2rliiwgilrj": 5, "jtvukcpn7btchrag_seubq": 5, "wyjxrgtknkpztmhernzmudrzmwhrzhlbiiwgimnvbnn0yw50x2f0dgvuzgfu": 5, "y2vfywxsb3dhbmnliiwgdhj1zv0": 5, "wdkd6jsnhdfvlp4s1hqdya": 5, "ii1mtee3tunolvlxv1loekzmd1pzskjhr2lfmdk2zk44zdywys1tbdnzz28ilcain1dh": 5, "ng5unksynl9smzk3nxpjd25wd2dvsee3yjk4of8zlxzkemjazjzzyyisicjbrljkyvjq": 5, "wlrnyu54wxu1sulxuglmt0fysknusy1fadflsnq3txlty2dniiwgilrlmljndvbzb1h6": 5, "q3gwdny1agjooxu1ttjtsgxxqnq0mxfhv2xmwenodtgilcaivuhdahbhde5gmmjqmuz2": 5, "qwzcynkxcm5mn1dya3hlbezknwe0dlnqmkzpncisicjpovhitgvqshlwoe9nmzvsm25m": 5, "mu1lcwzwv3ven09gcfjhbvnbc1gwltvniiwginjougtjdho3qkdhcgpuv1gyu0dwsf9p": 5, "vjlwafjqejlief9jtlh3qmj6nm8ilcaid3lmefzxctlcb3nqvdd0tjrtse9jneu0ofax": 5, "owfwqtfrdfc1wmywrs1myyjdlcaizxhwijogmtg4mzawmdawmcwgimlzcyi6icjodhrw": 5, "czovl2lzc3vlci5legftcgxllm9yzyisicjzdwiioiaitnpithnyadh1renjzddub1di": 5, "rlpbzkhrefpzukddovhziiwginn0yxr1cyi6ihsic3rhdhvzx2f0dgvzdgf0aw9uijog": 5, "eyjjcmvkzw50awfsx2hhc2hfywxnijoginnoys0yntyifx0sicj2y3qioiairglzywjp": 5, "bgl0eunhcmqilcaix3nkx2fszyi6icjzagetmju2iiwgimnuzii6ihsiandrijogeyjr": 5, "dhkioiairumilcaiy3j2ijogilatmju2iiwgingioiaivenbrvixovp2dtnpsey0ajrx": 5, "nhzmu1zvselqmulmawxebhm3dknlr2vtyyisicj5ijogilp4amlxv2jatvfhsfzxs1zr": 5, "nghiu0lpcnnwznvly0nfnnq0alq5rjjiwleifx19": 5, "1koe6igfxgbb_jtaluhm_bgjmbi": 5, "j6b63rm_wjaowpobsipskjy7hbhd2a83eusi8jqbskvhjs3wcr0kd9ppzrw": 5, "wyi1n212": 5, "ewnuadv5wknys0xanxhuzlv3iiwgimlhdciside2odmwmdawmdbd": 5, "wyjrdwnyqm1sb19": 5, "otwfjrky1odvsemfriiwgimrvy3vtzw50x251bwjlciisicjywfhywfhywfhyil0": 5, "wyj": 5, "ove5sb09pdvzwunrgnknfenrkovp3iiwgimdpdmvux25hbwuilcaitwfyaw8ixq": 5, "wyjg": 5, "rfntugdnekdcvxdrteheu0u2d1friiwgimzhbwlsev9uyw1liiwgiljvc3npil0": 5, "wyjl": 5, "wjhlnxdwrxredmixemltuee0rhpbiiwgimjpcnrox2rhdguilcaimtk4mc0wms0xmcjd": 5, "wyjwwjvnunlpehbwv1p1sexvsi15aljniiwgimv4cglyev9kyxrliiwgijiwmjqtmd": 5, "tmdeixq": 5, "wyjxrgtknkpztmhernzmudrzmwhrzhlbiiwgi": 5, "mnvbnn0yw50x2f0dgvuzgfuy2vfywxsb3dhbmnliiwgdhj1zv0": 5, "18013": [5, 7, 9, 10], "standard": [5, 9, 10, 14], "born": 5, "drive": 5, "licens": [5, 11], "8949": 5, "concis": 5, "binari": 5, "represent": [5, 14], "europa": [5, 9, 10, 14], "eudiw": [5, 6, 9, 10, 14, 15], "revers": 5, "consist": [5, 6, 16], "while": [5, 9, 10, 12, 14, 15], "domest": [5, 7, 9], "tstr": [5, 7, 9], "text": [5, 6, 9, 10, 11, 15], "structur": [5, 7, 9, 10, 15, 16], "wai": [5, 6], "track": [5, 11, 15], "backward": 5, "compat": [5, 14, 16], "understand": 5, "evolv": [5, 14], "uint": [5, 7, 9], "unsign": 5, "int": 5, "mean": [5, 6, 11, 14, 15], "ok": [5, 6, 9, 10, 15], "normal": 5, "bstr": [5, 7, 9], "byte": [5, 7, 9], "collect": [5, 9, 10, 14], "doctyp": [5, 6, 7, 9, 10], "issuersign": [5, 7, 9], "24": [5, 7, 9, 10, 11, 14, 15], "major": 5, "howev": [5, 6, 9, 10], "issuerauth": [5, 7, 9], "mso": [5, 11], "cose": 5, "sign1": 5, "abov": [5, 6, 7, 9, 12, 14], "devicesign": [5, 7, 9], "phase": [5, 6, 7, 9, 11, 12, 14, 15], "deviceauth": [5, 7, 9], "either": [5, 6, 9, 10], "devicesignatur": [5, 7, 9], "devicemac": 5, "two": [5, 6, 7, 9, 10, 11, 15], "empti": [5, 7, 9], "latter": [5, 6, 11], "issuersigneditembyt": [5, 7, 9], "bitsr": 5, "diagnost": [5, 7, 9], "digestid": [5, 7, 9], "integ": [5, 6], "valuedigest": [5, 7, 9], "differ": [5, 6, 7, 9, 10, 11, 12, 14, 15], "issuersigneditem": [5, 7, 9], "minimum": [5, 6, 7, 9, 10, 11, 15], "16": [5, 6, 7, 9, 10, 14], "elementidentifi": [5, 7, 9], "elementvalu": [5, 7, 9], "issue_d": [5, 7, 9], "cbortag": 5, "1004": [5, 7, 9], "expir": [5, 6, 9, 10, 11, 14, 15, 16], "issuing_author": [5, 7, 9], "issuing_countri": [5, 7, 9], "alpha": 5, "countri": 5, "3166": 5, "field": [5, 6, 7, 9, 10, 11, 12, 13], "9052": 5, "unprotect": 5, "7": [5, 6, 7, 9, 10, 11, 14, 15], "rfc8152": 5, "x5chain": 5, "label": [5, 9, 10], "33": [5, 7, 9], "9360": 5, "carri": [5, 6, 9, 10, 12, 14], "referenc": [5, 6, 9, 10], "509": [5, 14], "abl": [5, 6, 11, 14, 15], "without": [5, 6, 11, 12, 14, 15], "invalid": [5, 6, 7, 9, 10, 11, 14, 15], "mobilesecurityobject": 5, "mobilesecurityobjectbyt": 5, "validityinfo": [5, 7, 9], "datetim": [5, 11, 16], "validfrom": [5, 7, 9], "validuntil": [5, 7, 9], "digestalgorithm": [5, 7, 9], "group": 5, "devicekeyinfo": [5, 7, 9], "devicekei": [5, 7, 9], "keyauthor": 5, "keyinfo": 5, "devicesigneditem": 5, "af": 5, "a366737461747573006776657273696f6e63312e3069646f63756d656e747381a267646f6354797065781865752e6575726f70612e65632e65756469772e7069642e316c6973737565725369676e6564a26a697373756572417574688443a10126a1182159021930820215308201bca003020102021404ad06a30c1a6dc6e93be0e2e8f78dcafa7907c2300a06082a8648ce3d040302305b310b3009060355040613025a45312e302c060355040a0c25465053204d6f62696c69747920616e64205472616e73706f7274206f66205a65746f706961311c301a06035504030c1349414341205a65746573436f6e666964656e73301e170d3231303932393033333034355a170d3232313130333033333034345a3050311a301806035504030c114453205a65746573436f6e666964656e7331253023060355040a0c1c5a65746f70696120436974792044657074206f662054726166666963310b3009060355040613025a453059301306072a8648ce3d020106082a8648ce3d030107034200047c5545e9a0b15f4ff3ce5015121e8ad3257c28d541c1cd0d604fc9d1e352ccc38adef5f7902d44b7a6fc1f99f06eedf7b0018fd9da716aec2f1ffac173356c7da3693067301f0603551d23041830168014bba2a53201700d3c97542ef42889556d15b7ac4630150603551d250101ff040b3009060728818c5d050102301d0603551d0e04160414ce5fd758a8e88563e625cf056bfe9f692f4296fd300e0603551d0f0101ff040403020780300a06082a8648ce3d0403020347003044022012b06a3813ffec5679f3b8cddb51eaa4b95b0cbb1786b09405e2000e9c46618c02202c1f778ad252285ed05d9b55469f1cb78d773671f30fe7ab815371942328317c59032ad818590325a667646f6354797065781865752e6575726f70612e65632e65756469772e7069642e316776657273696f6e63312e306c76616c6964697479496e666fa3667369676e6564c074323032332d30322d32325430363a32333a35365a6976616c696446726f6dc074323032332d30322d32325430363a32333a35365a6a76616c6964556e74696cc074323032342d30322d32325430303a30303a30305a6c76616c756544696765737473a2781865752e6575726f70612e65632e65756469772e7069642e31ac015820a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a025820cd372fb85148700fa88095e3492d3f9f5beb43e555e5ff26d95f5a6adc36f8e6035820e67e72111b363d80c8124d28193926000980e1211c7986cacbd26aacc5528d48045820f7d062d662826ed95869851db06bb539b402047baee53a00e0aa35bfbe98265d0658202a132dbfe4784627b86aa3807cd19cfeff487aab3dd7a60d0ab119a72e736936075820bdca9e8dbca354e824e67bfe1533fa4a238b9ea832f23fb4271ebeb3a5a8f7200858202c0eaec2f05b6c7fe7982683e3773b5d8d7a01e33d04dfcb162add8bd99bee9a095820bfe220d85657ccec3c67e7db1df747e9148a152334bb6d4b65b273279bcc36ec0a582018e38144f5044301d6a0b4ec9d5f98d4cd950e6ea2c29b849cbd457da29b6ad30b58203c71d2f0efa09d9e3fbbdffd29204f6b292c9f79570aef72dd86c91f7a3aa5c50c582065743d58d89d45e52044758f546034fd13a4f994bc270cdfa7844f74eb3f4b6e0d5820b4a8eb5d523bffa17b41bda12ddc7da32ae1e5f7ff3dcc394a35401f16919bbf781b65752e6575726f70612e65632e65756469772e7069642e69742e31a10e58209d6c11644651126c94acdaf0803e86d4c71d15d3b2712a14295416734efd514d6d6465766963654b6579496e666fa1696465766963654b6579a401022001215820ba01aea44eee1e338eb2f04e279dbd51b34655783ee185150838c9a7a7c4db7122582025ba0044439a3871a7b975a0994a85e79b705a9ac263b3fe899b0a93412ee8c96f646967657374416c676f726974686d675348412d32353658400813c28fd62f2602cbc14724e5865733c44a0fca589b55c085ec9d5c725d6cce25ba0044439a3871a7b975a0994a85e79b705a9ac263b3fe899b0a93412ee8c96a6e616d65537061636573a2781865752e6575726f70612e65632e65756469772e7069642e3188d818586da4686469676573744944016672616e646f6d5820156df9227ad341eaa61aabd301106fd21bdc18820e01dfc16bcf5fecc447111b71656c656d656e744964656e7469666965726b6578706972795f646174656c656c656d656e7456616c7565d903ec6a323032342d30322d3232d818586fa4686469676573744944026672616e646f6d5820a3a1f13f05544d03a5b50b5fdb78465808393bcf3b7953a345fe28f820c7be0d71656c656d656e744964656e7469666965726d69737375616e63655f646174656c656c656d656e7456616c7565d903ec6a323032332d30322d3232d8185866a4686469676573744944036672616e646f6d5820852591f90f2c9ded57a03632e2c1322ab52a082a431e71a4149a6830c8f1ad0c71656c656d656e744964656e7469666965726f69737375696e675f636f756e7472796c656c656d656e7456616c7565624954d818587ca4686469676573744944046672616e646f6d5820d1d587b3512acce15c4f6b20944ceb002a464e4a158389788563408873c3fce571656c656d656e744964656e7469666965727169737375696e675f617574686f726974796c656c656d656e7456616c7565764d696e69737465726f2064656c6c27496e7465726e6fd8185864a4686469676573744944056672616e646f6d582094fdd7609c0e73dc8589b5cab11e1d9058cf8bff8a336da5f81fcba055396a0f71656c656d656e744964656e7469666965726a676976656e5f6e616d656c656c656d656e7456616c7565654d6172696fd8185865a4686469676573744944066672616e646f6d5820660c0a7bf79e0e0261ca1547a4294fb808aa70738f424b13ab1b9440b566ae1371656c656d656e744964656e7469666965726b66616d696c795f6e616d656c656c656d656e7456616c756565526f737369d818586ba4686469676573744944076672616e646f6d5820315c53491286488fa07f5c2ce67135ef5c9959c3469c99a14e9b6dc924f9eba571656c656d656e744964656e746966696572696269727468646174656c656c656d656e7456616c7565d903ec6a313935362d30312d3132d818587da4686469676573744944086672616e646f6d5820764ef39c9d01f3aa6a87f441603cfe853fba3cee3bc2c168bcc9e96271d6e06371656c656d656e744964656e74696669657269756e697175655f69646c656c656d656e7456616c7565781e78787878787878782d7878782d787878782d787878787878787878787878781b65752e6575726f70612e65632e65756469772e7069642e69742e3181d8185877a46864696765737449440d6672616e646f6d5820717df3f583b1484366c33a1f869f2b5d201d466a8b589c79ab1a2d85e595432571656c656d656e744964656e7469666965726d7461785f69645f6e756d6265726c656c656d656e7456616c75657554494e49542d585858585858585858585858585858": 5, "notat": [5, 7, 9, 13], "h": [5, 7, 9, 13], "30820215308201bca003020102021404ad30c": 5, "x_509": 5, "2023": [5, 7, 9, 13], "22t06": 5, "23": [5, 7, 9, 10, 14], "56z": 5, "22t00": 5, "00": 5, "00z": 5, "0f1571a97ffb799cc8fcdf2ba4fc2909929": 5, "0cdfe077400432c055a2b69596c90": 5, "e2382149255ae8e955af9b8984395": 5, "bbc77e6cca981a3ad0c3e544edf86": 5, "bb6e6c68d1b4b4ec5a2ae9206f5t4": 5, "f8a5966e6dac9970e0334d8f75e25": 5, "defdf1aa746718016ef1b94bfe5r6": 5, "f9ee4d36f67dbd75e23311ac1c29": 5, "ec2": [5, 7, 9], "elipt": 5, "coordin": [5, 7, 9], "p256": [5, 7, 9], "b820963964e53af064686dd9218303494a": 5, "coordiant": 5, "0a6da0af437e2943f1836f31c678d89298e9": 5, "ccordiant": 5, "1ad0d6a7313efdc38fcd765852fa2bd43debf48bf5a580d": 5, "e0b70bcefbd43686f345c9ed429343aa": 5, "22": [5, 7, 9, 10], "ae84834f389ee69888665b90a3e4fcc": 5, "960cb15a2ea9b68e5233ce902807aa95": 5, "9d3774bd5994ccfed248674b32a4f76a": 5, "ministero": [5, 6], "dell": [5, 6], "interno": [5, 6], "eb12193dc66c6174530cdc29b274381f": 5, "db143143538f3c8d41dc024f9cb25c9d": 5, "6059ff1ce27b4997b4ade1de7b01dc60": 5, "1956": [5, 7, 9], "12": [5, 6, 7, 9, 10, 14, 15], "53c15c57b3b076e788795829190220b4": 5, "xxx": 5, "11aa7273a2d2daa973f5951f0c34c2fba": 5, "tax_id_numb": 5, "xxxxxxxxxxxxxxx": 5, "relev": [6, 7, 9, 12, 14, 15], "releas": [6, 9, 10, 12], "genuin": [6, 15], "product": [6, 16], "own": [6, 7, 9, 11, 12, 14, 15, 16], "compliant": [6, 7, 9, 10], "assess": [6, 14, 15], "cab": 6, "graphic": 6, "compos": [6, 9, 10, 15], "oidc4vci": [6, 11], "13": [6, 7, 9, 10, 11, 14, 15], "net": 6, "spec": [6, 14], "1_0": 6, "html": 6, "_": 6, "eid": [6, 16], "saml2": [6, 12], "preexist": 6, "eg": [6, 9, 10, 14], "spid": [6, 9, 10, 14], "cie": 6, "notifi": [6, 9, 10, 11, 14, 16], "act": [6, 9, 10, 14], "send": [6, 7, 9, 10, 11, 15], "get": [6, 9, 10, 14, 15, 16], "fig": 6, "show": [6, 9, 10, 11], "highlight": 6, "step": [6, 7, 9, 10, 11, 15, 16], "pictur": [6, 9, 10], "setup": [6, 7, 9], "start": [6, 11, 14, 15], "preliminari": 6, "out": [6, 7, 9, 11, 14], "assert": [6, 14, 15, 16], "share": [6, 14], "discoveri": [6, 9, 10, 14], "discov": 6, "e": [6, 7, 9, 11, 12, 14, 16], "g": [6, 11, 12, 13, 14, 16], "subordin": [6, 9, 10, 14], "inspect": 6, "filter": [6, 9, 10], "ani": [6, 7, 9, 10, 11, 12, 14, 15], "proxi": [6, 9, 10], "held": 6, "expand": 6, "assumpt": 6, "most": 6, "look": 6, "capabl": [6, 9, 10, 14, 16], "9126": [6, 11, 15], "pkce": 6, "7636": 6, "receiv": [6, 7, 9, 10, 14, 15], "protocol": [6, 7, 9, 10, 11, 13, 14, 15], "fresh": [6, 9, 10, 14], "previous": [6, 9, 10, 14], "hereaft": 6, "prevent": [6, 9, 10, 15, 16], "swap": 6, "attack": [6, 15], "code_verifi": 6, "enough": 6, "entropi": [6, 9, 10], "unreserv": 6, "43": 6, "maximum": [6, 14], "impract": 6, "guess": 6, "client_assert": 6, "client": [6, 7, 9, 10, 14, 15, 16], "sinc": [6, 9, 10, 12, 14, 15, 16], "less": [6, 7, 9, 14], "than": [6, 7, 9, 11, 14], "precis": 6, "second": [6, 7, 9, 10, 15], "authorization_detail": 6, "rar": 6, "9396": 6, "upon": [6, 9, 10, 14], "receipt": 6, "9101": [6, 9, 10], "retriev": [6, 7, 9, 10, 16], "jw": [6, 9, 10, 13, 14, 15, 16], "client_id": [6, 9, 10], "match": [6, 9, 10, 11], "aud": [6, 9, 10, 11, 15], "equal": [6, 9, 10, 14, 15], "reject": [6, 9, 10, 11], "request_uri": [6, 9, 10], "expos": [6, 9, 10, 14], "far": [6, 11], "minut": 6, "jti": [6, 9, 10, 11], "mitig": 6, "replai": [6, 15], "host": [6, 9, 10, 11, 15], "www": [6, 9, 10, 11, 15], "urlencod": [6, 9, 10, 11, 15], "response_typ": [6, 9, 10, 15], "thumprint": 6, "code_challeng": 6, "e9melhoa2owvfremtjguchaoek1t8urwbugjsstw": 6, "cm": 6, "code_challenge_method": 6, "s256": [6, 11], "client_assertion_typ": 6, "urn": [6, 15, 16], "ietf": [6, 15, 16], "param": [6, 15, 16], "wia": 6, "pop": [6, 11, 15], "appli": [6, 9, 10, 14, 15], "vbexjksm45xphtanncig6mcyuu4jfgnzopgukvogg9c": [6, 9, 10, 15], "ad25868c": 6, "8377": 6, "479b": 6, "8094": 6, "46fb1e797625": 6, "1686645115": [6, 15], "1686652315": [6, 15], "fifyx03bnosd8m6gyqifnhnp9cm_sam9tc5nlloiirc": [6, 14], "1672422065": [6, 9, 10], "1672418465": [6, 9, 10], "ac80df576e7109686717bf50b869e882": 6, "fyziol9lf2cekunt2jzxilrdink0upcd": 6, "openid_credenti": 6, "credential_configuration_id": 6, "redirect_uri": [6, 9, 10], "suffici": [6, 9, 10], "larg": 6, "adequ": 6, "risk": [6, 12], "exce": 6, "ascii": 6, "due": [6, 9, 10, 11], "reason": [6, 11], "mani": 6, "phone": [6, 12], "market": 6, "still": [6, 14, 15], "do": [6, 14, 15], "restrict": [6, 9, 10, 12, 14], "1024": 6, "On": 6, "slow": 6, "2g": 6, "caus": 6, "therefor": [6, 9, 10, 11, 12], "advis": [6, 9, 10], "experi": [6, 9, 10, 12, 16], "point": [6, 7, 9, 10, 15], "201": [6, 9, 10, 11, 15], "cach": 6, "bwc4jk": 6, "esc0w8acc191": 6, "y1ltc2": 6, "expires_in": 6, "60": 6, "treat": [6, 15], "duplic": 6, "reload": 6, "refresh": 6, "agent": [6, 9, 10], "result": [6, 7, 9, 10, 11, 14], "submit": [6, 15], "pass": [6, 7, 9, 15], "3aietf": [6, 15], "3aparam": [6, 15], "3aoauth": [6, 15], "3arequest_uri": 6, "3abwc4jk": 6, "consent": [6, 7, 9, 10, 14], "perspect": [6, 9, 10, 14], "prior": 6, "transact": [6, 9, 10, 14, 16], "11": [6, 7, 9, 10, 14, 15], "6749": [6, 11, 13], "intend": [6, 7, 9, 10, 14], "9027": 6, "univers": 6, "local": [6, 11, 14, 15], "so": [6, 7, 9, 11], "resolv": [6, 14], "302": [6, 9, 10], "found": [6, 9, 10, 11, 15], "locat": [6, 7, 9, 10], "splxlobezqqybys6wxsbia": 6, "3a": [6, 9, 10], "2f": [6, 9, 10], "2fpid": 6, "dpop": [6, 13], "instruct": 6, "9449": [6, 13], "certain": [6, 7, 9, 10], "misus": [6, 9, 10], "leak": 6, "stolen": 6, "repli": 6, "tokenrequest": 6, "eyj0exaioijkcg9wk2p3dcisimfszyi6ikvtmju2iiwiandrijp7imt0esi6ik": 6, "vdiiwieci6imw4dezyahgtmzr0vjnoukldukrzoxpda0rscejorjqyvvfvzldwqvdcr": 6, "nmilcj5ijoiovzfngpmx09rx282nhpivfrsy3vosmfqsg10nny5verwcluwq2r2r1j": 6, "qsisimnydii6ilatmju2in19": 6, "eyjqdgkioiitqnddm0vtyzzhy2mybfrjiiwiahrtij": 6, "oiue9tvcisimh0dsi6imh0dhbzoi8vc2vydmvylmv4yw1wbguuy29tl3rva2vuiiwia": 6, "wf0ijoxntyymjyynje2fq": 6, "gxa6t8lp4vfrg8v": 6, "fdwp0a0zdrj8igimlvqrmuvwnqg": 6, "4ptflbdlxiossx0x7nvi": 6, "fnyjk70nfbv37xrzt3lg": 6, "grant_typ": [6, 15], "authorization_cod": 6, "dbjftjez4cvp": 6, "mb92k27uhbuju1p1r_ww1gfwfoejxk": 6, "cb": [6, 9, 10], "15": [6, 9, 10, 14], "success": [6, 9, 10, 11, 14], "c_nonc": 6, "unpredict": [6, 15], "later": [6, 9, 10], "18": [6, 9, 10, 14, 15], "countermeasur": 6, "against": [6, 14, 15], "200": [6, 9, 10, 15], "access_token": 6, "kz": 6, "8mxk1ealyznwh": 6, "lc": 6, "1fbao": 6, "4ljp": 6, "zspe_neo": 6, "gxu": 6, "token_typ": 6, "2677": 6, "tzign": 6, "snfbp": 6, "c_nonce_expires_in": 6, "86400": 6, "17": [6, 9, 10, 14, 15], "demonstr": [6, 7, 9, 13, 14], "evid": [6, 7, 9, 11], "To": [6, 9, 10, 11, 15, 16], "conduct": 6, "explicitli": 6, "server": [6, 7, 9, 10, 11, 15], "nonc": [6, 9, 10, 15], "furthermor": [6, 11, 14, 16], "creation": [6, 9, 10, 11, 14, 15], "window": 6, "determin": [6, 9, 10, 12, 14, 16], "schema": [6, 14], "nmilcj5ijoiovzfngpmx09rx282nhpivfrsy3vosmfqsg10nny5verwcluwq2r2r": 6, "1jeqsisimnydii6ilatmju2in19": 6, "eyjqdgkioijlmwozvl9is2ljoc1mquvciiwiahrtij": 6, "oir0vuiiwiahr1ijoiahr0chm6ly9yzxnvdxjjzs5legftcgxllm9yzy9wcm90zwn0z": 6, "wryzxnvdxjjzsisimlhdci6mtu2mji2mjyxocwiyxroijoizlvieu8ycjjam0rantnf": 6, "c05yv0jimhhxwg9htnk1oulps0nbcwtzbvffbyj9": 6, "2ow9rp35yrqzhrtnp86l": 6, "ey71": 6, "optxrimpptoa1plemagr6pxhf8y6": 6, "yqyvnmcw6fy1dqd": 6, "jfxsyomxhajplja": 6, "credential_definit": 6, "proof_typ": 6, "eyjrawqioijkawq6zxhhbxbsztplym": 6, "l8tfrhx": 6, "34tv3hricrdy9zckdlpbhf42uqufwvawbf": 6, "9ve4jf_ok_o64zbttlcunjajhmt6v9tdvru0cdvgrda": 6, "And": 6, "0b434530": [6, 11], "e151": [6, 11], "4c40": [6, 11], "98b7": [6, 11], "74c75a5ef760": [6, 11], "1504699136": [6, 9, 10, 11], "19": [6, 9, 10, 13, 14], "21": [6, 9, 10, 14], "suitabl": 6, "succe": 6, "proceed": 6, "proce": 6, "pragma": 6, "lupixvcwjk0eot4cxqe1nxk": 6, "wzwmhmn9oqp6yxx0a2l": 6, "fgff7": 6, "ukhla": 6, "insid": [6, 11, 15], "challeng": [6, 15], "per": [6, 11, 15], "iana": [6, 11, 15], "web": [6, 9, 10, 11, 13, 14, 15, 16], "registri": [6, 9, 10, 11, 12, 14, 15, 16], "symmetr": [6, 9, 10, 11, 15], "mac": [6, 9, 10, 11, 15], "7638": [6, 11, 13, 15], "section_3": [6, 11, 15], "assum": [6, 14], "implicit": 6, "side": [6, 9, 10], "end": [6, 7, 9, 10, 14], "alphanumer": 6, "32": [6, 9, 10], "authrequest": 6, "credential_configurations_support": 6, "reus": 6, "alon": 6, "collis": [6, 15], "resist": [6, 15], "under": [6, 9, 10, 11, 12, 14, 16], "uuid": [6, 7, 9, 11], "v4": [6, 11], "4122": [6, 11], "top": 6, "media": [6, 9, 10, 14, 16], "8259": 6, "strong": [6, 16], "pseudorandom": 6, "lifetim": 6, "posit": 6, "occur": [6, 7, 9, 10, 11, 15], "error_descript": [6, 9, 10, 11, 15], "human": [6, 11, 15], "readabl": [6, 9, 10, 11, 15], "clarifi": [6, 9, 10, 11, 15], "encount": [6, 9, 10, 11, 15], "400": [6, 9, 10, 11], "bad": [6, 9, 10, 11], "invalid_request": [6, 9, 10, 11], "grant": [6, 9, 10, 12, 15, 16], "browser": 6, "serial": 6, "queri": 6, "invalid_dpop_proof": 6, "least": [6, 7, 9, 10, 16], "7515": [6, 11, 13], "8725": [6, 13], "chosen": [6, 9, 10, 16], "7517": [6, 9, 10, 11, 13, 14, 16], "htm": 6, "attach": [6, 14], "9110": 6, "htu": 6, "target": [6, 9, 10], "fragment": [6, 9, 10], "successfulli": [6, 9, 10, 11], "claimset": 6, "simplifi": 6, "even": [6, 9, 10, 11, 12, 14], "charset": [6, 9, 10, 11], "utf": [6, 9, 10, 11], "invalid_cli": 6, "fail": [6, 9, 10, 14], "accomplish": [6, 16], "methodolog": 6, "9068": 6, "subject": [6, 9, 10, 14, 16], "subjectidtyp": 6, "uuid4": 6, "rp": [6, 9, 10, 14], "jkt": 6, "ath": 6, "denot": 6, "mso_mdoc": [6, 9, 10], "renew": [6, 14], "invalid_proof": 6, "oauth_authorization_serv": 6, "openid_credential_issu": [6, 14], "openid_relying_parti": [6, 14], "fanfs3ync9tjicaivhwlvuj3axwggz_98urfaqme": 6, "1649610249": 6, "1649437449": 6, "sig": 6, "1ta": 6, "aqab": [6, 9, 10], "authority_hint": [6, 9, 10, 14, 16], "superior": [6, 14, 16], "organization_nam": [6, 7, 9, 10, 14, 16], "organ": [6, 9, 10, 12, 16], "homepage_uri": [6, 9, 10, 14, 16], "policy_uri": [6, 9, 10, 16], "privacy_polici": [6, 16], "tos_uri": [6, 16], "info_polici": [6, 16], "logo_uri": [6, 9, 10, 14, 16], "logo": [6, 9, 10, 14, 16], "svg": [6, 9, 10, 14, 16], "contact": [6, 9, 10, 14], "op": [6, 9, 10], "federation_resolve_endpoint": [6, 14], "authorization_endpoint": [6, 9, 10, 15], "pushed_authorization_request_endpoint": 6, "dpop_signing_alg_values_support": 6, "token_endpoint": [6, 16], "introspection_endpoint": 6, "introspect": 6, "client_registration_types_support": 6, "automat": [6, 14], "code_challenge_methods_support": 6, "authorization_details_types_support": 6, "acr_values_support": 6, "gov": [6, 7, 9, 10], "spidl2": [6, 9, 10], "spidl3": [6, 9, 10], "grant_types_support": [6, 16], "scopes_support": 6, "request_parameter_support": 6, "request_uri_parameter_support": 6, "fals": [6, 7, 9, 10, 15], "response_types_support": [6, 9, 10, 15], "subject_types_support": 6, "pairwis": [6, 9, 10], "token_endpoint_auth_methods_support": [6, 16], "attest_jwt_client_auth": 6, "token_endpoint_auth_signing_alg_values_support": [6, 16], "request_object_signing_alg_values_support": [6, 9, 10, 15], "credential_issu": 6, "credential_endpoint": 6, "revocation_endpoint": 6, "status_attestation_endpoint": 6, "displai": [6, 7, 9, 10], "italiano": 6, "di": 6, "esempio": 6, "alt_text": 6, "questo": 6, "newk5qdymekrcppo": 6, "yeytdjvwjmtzasmavt2vm1mb": 6, "vizxalo6dzeeszpxfpgzabtk3ctxtbubiiqpmiyrts": 6, "ff0bded045fe63fe5d1d64dd83b567e0": 6, "cryptographic_binding_methods_support": 6, "credential_signing_alg_values_support": 6, "proof_types_support": 6, "proof_signing_alg_values_support": 6, "credenzial": 6, "background_color": 6, "12107c": 6, "text_color": 6, "ffffff": 6, "trust_framework": [6, 7, 9], "assurance_level": [6, 7, 9], "electronic_record": [6, 7, 9], "record": [6, 7, 9], "sourc": [6, 7, 9, 11, 12], "organization_id": [6, 7, 9], "ipa_cod": 6, "m_it": 6, "country_cod": [6, 7, 9], "credentialsubject": [6, 9, 10], "nome": 6, "cognom": 6, "nascita": 6, "identificativo": 6, "univoco": 6, "codic": 6, "fiscal": 6, "supervis": [7, 9], "divid": [7, 9, 11, 15], "three": [7, 9, 16], "subphas": [7, 9], "begin": [7, 9], "prompt": [7, 9, 10], "between": [7, 9, 10, 11, 12, 14, 15, 16], "transmit": [7, 9, 10], "rang": [7, 9], "technolog": [7, 9, 14], "limit": [7, 9, 15], "intercept": [7, 9, 10], "eavesdrop": [7, 9], "exclus": [7, 9], "qr": [7, 9, 10], "up": [7, 9, 10, 11, 14], "stage": [7, 9], "condit": [7, 9, 10, 11], "iso18013": [7, 9], "appropri": [7, 9, 10, 11], "decrypt": [7, 9, 10], "bluetooth": [7, 9], "low": [7, 9, 16], "energi": [7, 9], "ble": [7, 9], "figur": [7, 9], "illustr": [7, 9], "diagram": [7, 9, 10, 11], "reveal": [7, 9, 11, 12], "temporari": [7, 9, 11], "edevicekei": [7, 9], "priv": [7, 9], "pub": [7, 9], "incorpor": [7, 9, 14, 15], "suit": [7, 9], "immedi": [7, 9, 14, 16], "after": [7, 9, 10, 11, 15, 16], "final": [7, 9, 10, 14], "a30063312e30018201d818584ba4010220012158205a88d182bce5f42efa59943f33359d2e8a968ff289d93e5fa444b624343167fe225820b16e8cf858ddc7690407ba61d4c338237a8cfcf3de6aa672fc60a557aa32fc670281830201a300f401f50b5045efef742b2c4837a9a3b0e1d05a6917": [7, 9], "embed": [7, 9], "item": [7, 9, 12], "5a88d182bce5f42efa59943f33359d2e8a968ff289d93e5fa444b624343": [7, 9], "167fe": [7, 9], "b16e8cf858ddc7690407ba61d4c338237a8cfcf3de6aa672fc60a557aa32fc67": [7, 9], "deviceretrievalmethod": [7, 9], "peripher": [7, 9], "central": [7, 9, 12, 14], "45efef742b2c4837a9a3b0e1d05a6917": [7, 9], "scan": [7, 9, 10], "ereaderkei": [7, 9], "newli": [7, 9], "independ": [7, 9, 14], "along": [7, 9, 10, 11, 16], "a26776657273696f6e63312e306b646f63526571756573747381a26c6974656d7352657175657374d818590152a267646f6354797065756f72672e69736f2e31383031332e352e312e6d444c6a6e616d65537061636573a2746f72672e69736f2e31383031332e352e312e4954a375766572696669636174696f6e2e65766964656e6365f4781c766572696669636174696f6e2e6173737572616e63655f6c6576656cf4781c766572696669636174696f6e2e74727573745f6672616d65776f726bf4716f72672e69736f2e31383031332e352e31ab76756e5f64697374696e6775697368696e675f7369676ef47264726976696e675f70726976696c65676573f46f646f63756d656e745f6e756d626572f46a69737375655f64617465f46f69737375696e675f636f756e747279f47169737375696e675f617574686f72697479f46a62697274685f64617465f46b6578706972795f64617465f46a676976656e5f6e616d65f468706f727472616974f46b66616d696c795f6e616d65f46a726561646572417574688443a10126a11821590129308201253081cda00302010202012a300a06082a8648ce3d0403023020311e301c06035504030c15536f6d652052656164657220417574686f72697479301e170d3233313132343130323832325a170d3238313132323130323832325a301a3118301606035504030c0f536f6d6520526561646572204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004aa1092fb59e26ddd182cfdbc85f1aa8217a4f0fae6a6a5536b57c5ef7be2fb6d0dfd319839e6c24d087cd26499ec4f87c8c766200ba4c6218c74de50cd1243b1300a06082a8648ce3d0403020347003044022048466e92226e042add073b8cdc43df5a19401e1d95ab226e142947e435af9db30220043af7a8e7d31646a424e02ea0c853ec9c293791f930bf589bee557370a4c97bf6584058a0d421a7e53b7db0412a196fea50ca6d4c8a530a47dd84d88588ab145374bd0ab2a724cf2ed2facf32c7184591c5969efd53f5aba63194105440bc1904e1b9": [7, 9], "docrequest": [7, 9], "itemsrequest": [7, 9], "un_distinguishing_sign": [7, 9], "driving_privileg": [7, 9, 10], "portrait": [7, 9, 10], "readerauth": [7, 9], "a10126": [7, 9], "308201253081cda00302010202012a300a06082a8648ce3d0403023020311e301c06035504030c15536f6d652052656164657220417574686f72697479301e170d3233313132343130323832325a170d3238313132323130323832325a301a3118301606035504030c0f536f6d6520526561646572204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004aa1092fb59e26ddd182cfdbc85f1aa8217a4f0fae6a6a5536b57c5ef7be2fb6d0dfd319839e6c24d087cd26499ec4f87c8c766200ba4c6218c74de50cd1243b1300a06082a8648ce3d0403020347003044022048466e92226e042add073b8cdc43df5a19401e1d95ab226e142947e435af9db30220043af7a8e7d31646a424e02ea0c853ec9c293791f930bf589bee557370a4c97b": [7, 9], "null": [7, 9], "58a0d421a7e53b7db0412a196fea50ca6d4c8a530a47dd84d88588ab145374bd0ab2a724cf2ed2facf32c7184591c5969efd53f5aba63194105440bc1904e1b9": [7, 9], "comput": [7, 9, 11, 15], "ask": [7, 9, 10, 11, 12, 16], "permiss": [7, 9], "agre": [7, 9, 14], "give": [7, 9, 10, 14, 15], "a36776657273696f6e63312e3069646f63756d656e747381a367646f6354797065756f72672e69736f2e31383031332e352e312e6d444c6c6973737565725369676e6564a26a6e616d65537061636573a2746f72672e69736f2e31383031332e352e312e495483d81858f7a46864696765737449440b6672616e646f6d506d44f21ee875f2c1d502b43198e5a15271656c656d656e744964656e74696669657275766572696669636174696f6e2e65766964656e63656c656c656d656e7456616c756581a2647479706571656c656374726f6e69635f7265636f7264667265636f7264bf6474797065781f68747470733a2f2f657564692e77616c6c65742e70646e642e676f762e697466736f75726365bf716f7267616e697a6174696f6e5f6e616d65754d6f746f72697a7a617a696f6e6520436976696c656f6f7267616e697a6174696f6e5f6964656d5f696e666c636f756e7472795f636f6465626974ffffd8185866a4686469676573744944046672616e646f6d50185d84dfb71ce9b173010ddd62174fbe71656c656d656e744964656e746966696572781c766572696669636174696f6e2e74727573745f6672616d65776f726b6c656c656d656e7456616c7565656569646173d8185865a4686469676573744944006672616e646f6d50137f903174253c4585358267aae2ea4e71656c656d656e744964656e746966696572781c766572696669636174696f6e2e6173737572616e63655f6c6576656c6c656c656d656e7456616c75656468696768716f72672e69736f2e31383031332e352e318bd8185852a46864696765737449440c6672616e646f6d5053e29d0ddbbc7d2306a32bdbe2e56e5171656c656d656e744964656e7469666965726b66616d696c795f6e616d656c656c656d656e7456616c756563446f65d8185855a4686469676573744944036672616e646f6d50990cba2069fa1b33b8d6ae910b6549dc71656c656d656e744964656e7469666965726a676976656e5f6e616d656c656c656d656e7456616c756567416e746f6e696fd818585ba46864696765737449440a6672616e646f6d504086c1379975f805f1b1f4975e6a126571656c656d656e744964656e7469666965726a69737375655f646174656c656c656d656e7456616c7565d903ec6a323031392d31302d3230d818585ca4686469676573744944016672616e646f6d50ab4ca30c918dd2fd0bf35242c15fa2d871656c656d656e744964656e7469666965726b6578706972795f646174656c656c656d656e7456616c7565d903ec6a323032342d31302d3230d8185855a4686469676573744944076672616e646f6d508d9066f6c8da16619867cd4e2fab0c8871656c656d656e744964656e7469666965726f69737375696e675f636f756e7472796c656c656d656e7456616c7565624954d818587ea4686469676573744944056672616e646f6d5059fe68db795dee4c20976380ea24770571656c656d656e744964656e7469666965727169737375696e675f617574686f726974796c656c656d656e7456616c75657828497374697475746f20506f6c696772616669636f2065205a656363612064656c6c6f20537461746fd818585ba4686469676573744944026672616e646f6d5008b3f1ca5517019767be3dee3bb0614571656c656d656e744964656e7469666965726a62697274685f646174656c656c656d656e7456616c7565d903ec6a313935362d30312d3230d818585ca4686469676573744944096672616e646f6d50a2395ec214350c26066306e23279b3ae71656c656d656e744964656e7469666965726f646f63756d656e745f6e756d6265726c656c656d656e7456616c756569393837363534333231d8185850a4686469676573744944066672616e646f6d50a25e1a5b915d2d6eafee9674e023293971656c656d656e744964656e74696669657268706f7274726169746c656c656d656e7456616c75654420212223d81858eea46864696765737449440d6672616e646f6d50eeed6a3b856563627589a360939d12f771656c656d656e744964656e7469666965727264726976696e675f70726976696c656765736c656c656d656e7456616c756582a37576656869636c655f63617465676f72795f636f646561416a69737375655f64617465d903ec6a323031382d30382d30396b6578706972795f64617465d903ec6a323032342d31302d3230a37576656869636c655f63617465676f72795f636f646561426a69737375655f64617465d903ec6a323031372d30322d32336b6578706972795f64617465d903ec6a323032342d31302d3230d818585ba4686469676573744944086672616e646f6d50c0ef486b2a194ed3cbf7f354fd40092171656c656d656e744964656e74696669657276756e5f64697374696e6775697368696e675f7369676e6c656c656d656e7456616c756561496a697373756572417574688443a10126a118215901423082013e3081e5a00302010202012a300a06082a8648ce3d040302301a3118301606035504030c0f5374617465204f662055746f706961301e170d3233313132343134353430345a170d3238313132323134353430345a30383136303406035504030c2d5374617465204f662055746f7069612049737375696e6720417574686f72697479205369676e696e67204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004c338ec1000b351ce8bcdfc167450aeceb": [7, 9], "6d44f21ee875f2c1d502b43198e5a152": [7, 9], "pdnd": [7, 9], "motorizzazion": [7, 9], "civil": [7, 9], "m_inf": [7, 9], "185d84dfb71ce9b173010ddd62174fb": [7, 9], "137f903174253c4585358267aae2ea4": [7, 9], "53e29d0ddbbc7d2306a32bdbe2e56e51": [7, 9], "doe": [7, 9, 10, 15], "990cba2069fa1b33b8d6ae910b6549dc": [7, 9], "antonio": [7, 9], "4086c1379975f805f1b1f4975e6a1265": [7, 9], "2019": [7, 9], "20": [7, 9, 10, 14], "ab4ca30c918dd2fd0bf35242c15fa2d8": [7, 9], "8d9066f6c8da16619867cd4e2fab0c88": [7, 9], "59fe68db795dee4c20976380ea247705": [7, 9], "istituto": [7, 9], "poligrafico": [7, 9], "zecca": [7, 9], "dello": [7, 9], "stato": [7, 9], "08b3f1ca5517019767be3dee3bb06145": [7, 9], "a2395ec214350c26066306e23279b3a": [7, 9], "987654321": [7, 9], "a25e1a5b915d2d6eafee9674e0232939": [7, 9], "20212223": [7, 9], "eeed6a3b856563627589a360939d12f7": [7, 9], "vehicle_category_cod": [7, 9], "2018": [7, 9], "08": [7, 9], "09": [7, 9], "b": [7, 9, 13], "2017": [7, 9, 13], "c0ef486b2a194ed3cbf7f354fd400921": [7, 9], "i": [7, 9], "3082013e3081e5a00302010202012a300a06082a8648ce3d040302301a3118301606035504030c0f5374617465204f662055746f706961301e170d3233313132343134353430345a170d3238313132323134353430345a30383136303406035504030c2d5374617465204f662055746f7069612049737375696e6720417574686f72697479205369676e696e67204b65793059301306072a8648ce3d020106082a8648ce3d03010703420004c338ec1000b351ce8bcdfc167450aeceb7d518bd9a519583e082d67effff06565804fc09abf0e4a08e699c9dba3796285a15f68e40ac7f9fc7700a15153a4065300a06082a8648ce3d040302034800304502210099b7d62e6bf7b1823db3713df889bf73e70bb4d9c58c21e92c58d2f1beffe932022058d039747a00d70e6d66be4797e6142b3608a014ee09b7b79af2cae2aaf27788": [7, 9], "0e5f0b6b33418e508740771e82f893372eaf5b2445bc4c84dcf08b005e9493fc": [7, 9], "de21bb62ff2897d8b986d2cda9f9bc5865c02807f7b4d9dd1fa4a79df4c0d37f": [7, 9], "bc5568239e35ce9ff8798c27ffdcd757b134b679f0fe05729aa3491381912e65": [7, 9], "e6048bdc7fd6454296f1e3f54536107c9c5b24c4064de46a98121e3630eecca2": [7, 9], "73690d92dcaa61b0203870f67c6aa9fdfea889b6f0c720de757b4b0a8516a206": [7, 9], "e353ea0b0fd92b6be90c64cc3b2ee1284153a8f0f5066b99aac599200e6eeeb2": [7, 9], "29227872ceb49923d267b5f4bade6d387b42ac2dc4b2ae26c9013067fee7018a": [7, 9], "a6a119f7cacac0b8c6aacac747fd3fe7e50b6d9bb8a507fda79f0df6646f285d": [7, 9], "6d8025d2f02a5e7e1406fb6aaeb67f9ede9b07191a53f3e23b77c528223a94e2": [7, 9], "b0d43e4e2ea534e4d5304e64bcf7a0f13e2c8ee8304b9cd23aba4909652a4647": [7, 9], "fbf4de318982f2dbad43c601caeb22628b301ac18aa8264c5831b2aaac89c486": [7, 9], "cf57377b675f64f37314739592c1e8a911a7ddaf341ce2902fe877c5a835e4c1": [7, 9], "4a4b4cc64ec9299c1a2501ea449f577005e9f7a60408057c07a7c67fb151e5f5": [7, 9], "78824fbd6fbba88a2aab44df8b6f5e9759126d87d1f4415995e658fd9239e1f": [7, 9], "afd09e720b918cedc2b8a881950bab6a1051e18ae16a814d51e609938663d5e1": [7, 9], "61fbc6c8ad24ec86a78bb4e9ac377dd2b7c711d9f2eb9afd4aa0963662847a": [7, 9], "24t14": [7, 9], "54": [7, 9], "05z": [7, 9], "f2461e4fab69e9f7bcffe552395424514524d1679440036213173101448d1b1ab4a293859b389ffa8b47aeed10e9b0c1545412ac37c51a76482cd9bbbe110152": [7, 9], "1fed7190d2975ab79c072e6f1d9d52436059d1fc959d55baf74f057d89b10fcc0dc77a50d433d4c76ddf26223c5560c4ab123b5cb5eb805a90036aa147493076": [7, 9], "subsequ": [7, 9, 11], "consid": [7, 9, 10, 11, 14, 15], "transfermethod": [7, 9], "hold": [7, 9, 11], "bleoption": [7, 9], "datael": [7, 9], "intent": [7, 9], "retain": [7, 9, 14], "intenttoretain": [7, 9], "bool": [7, 9], "cose_sign1": [7, 9], "unless": [7, 9], "responsedata": [7, 9], "respond": [7, 9, 15], "devicenamespac": [7, 9], "dataitemnam": [7, 9], "dataitemvalu": [7, 9], "action": [7, 9, 10, 11, 12, 15, 16], "responsestatu": [7, 9], "300": [7, 9], "doesn": [7, 9, 11, 14], "t": [7, 9, 11, 13, 14], "dispatch": [7, 9], "command": [7, 9], "destruct": [7, 9], "closur": [7, 9], "scenario": [9, 10, 11, 12, 14], "download": [9, 10], "workstat": [9, 10], "frame": [9, 10, 15], "extract": [9, 10], "request_uri_method": [9, 10], "client_id_schem": [9, 10], "entity_id": [9, 10], "assign": [9, 10, 14], "altern": [9, 10], "mandat": [9, 10], "fetch": [9, 10, 14], "eleg": [9, 10], "polici": [9, 10, 11, 14, 16], "successful": [9, 10], "continu": [9, 10], "navig": [9, 10], "sequenc": [9, 10, 14, 15], "summar": [9, 10], "convers": [9, 10], "suppli": [9, 10], "deselect": [9, 10], "direct_post": [9, 10], "25": [9, 10, 14], "26": [9, 10, 14], "27": [9, 10, 14], "28": [9, 10, 14], "29": [9, 10, 14], "autent": [9, 10], "succed": [9, 10], "made": [9, 10, 14, 15, 16], "featur": [9, 10, 11, 14], "deem": [9, 10], "necessari": [9, 10, 11, 12, 14, 15], "better": [9, 10, 11], "explicit": [9, 10], "regard": [9, 10, 14], "usag": [9, 10, 14, 16], "prefer": [9, 10, 16], "vp_token": [9, 10, 11, 15], "response_modes_support": [9, 10, 15], "form_post": [9, 10, 15], "vp_formats_support": [9, 10, 15], "jwt_alg_valu": [9, 10, 14, 15], "presentation_definition_uri_support": [9, 10, 15], "opaqu": [9, 10], "otherwis": [9, 10, 11], "jar": [9, 10], "2freli": [9, 10], "2fcb": [9, 10], "2frequest_uri": [9, 10], "raw": [9, 10], "correct": [9, 10], "quartili": [9, 10], "good": [9, 10, 12], "balanc": [9, 10], "densiti": [9, 10], "space": [9, 10], "qualiti": [9, 10], "damag": [9, 10], "partial": [9, 10], "obscur": [9, 10], "javascript": [9, 10, 13], "qrcode": [9, 10], "poll": [9, 10], "socket": [9, 10], "cooki": [9, 10], "httponli": [9, 10], "special": [9, 10, 15], "wait": [9, 10, 13], "202": [9, 10], "response_uri": [9, 10], "401": [9, 10], "unauthor": [9, 10, 12, 15, 16], "3be39b69": [9, 10], "6ac1": [9, 10], "41aa": [9, 10], "921b": [9, 10], "3e6c07ddcb03": [9, 10], "e0bbf2f1": [9, 10], "8c3a": [9, 10], "4eab": [9, 10], "a8ac": [9, 10], "2e8f34db8a47": [9, 10], "miicajccadogawibag": [9, 10], "awz": [9, 10], "2w3": [9, 10], "sf2": [9, 10], "walletattest": [9, 10, 15], "response_mod": [9, 10, 15], "2c128e4d": [9, 10], "fc91": [9, 10], "4cd3": [9, 10], "86b8": [9, 10], "18bdea0988cb": [9, 10], "herein": [9, 10], "alias": [9, 10], "anymor": [9, 10, 11], "insensit": [9, 10], "rfc9101": [9, 10], "presentation_definit": [9, 10, 15], "input_descriptor": [9, 10], "constraint": [9, 10, 14], "path": [9, 10, 14], "limit_disclosur": [9, 10], "aal": [9, 10, 15], "mention": [9, 10], "futur": [9, 10, 14, 15], "presentation_definition_uri": [9, 10], "Not": [9, 10, 11], "client_metadata": [9, 10], "taken": [9, 10], "client_metadata_uri": [9, 10], "miss": [9, 10], "webpath": [9, 10], "urlparam": [9, 10], "server_error": [9, 10], "unexpect": [9, 10], "fulfil": [9, 10, 11], "unabl": [9, 10, 11], "malfunct": [9, 10], "mainten": [9, 10], "try": [9, 10], "malform": [9, 10], "anoth": [9, 10, 12], "500": [9, 10, 11], "There": [9, 10, 14], "could": [9, 10, 12], "incorrect": [9, 10, 11], "failur": [9, 10, 11], "manner": [9, 10, 11, 15, 16], "addition": [9, 10, 15], "log": [9, 10, 14], "attempt": [9, 10, 15], "recov": [9, 10], "feasibl": [9, 10], "re": [9, 10], "enter": [9, 10, 14, 15, 16], "crucial": [9, 10, 11, 12], "robust": [9, 10, 11, 14], "handl": [9, 10, 14], "friendli": [9, 10], "adher": [9, 10, 14, 16], "help": [9, 10, 15], "diagnos": [9, 10], "variou": [9, 10, 14, 15, 16], "faulti": [9, 10], "potenti": [9, 10, 11, 14], "lead": [9, 10, 11, 15], "gather": [9, 10], "exploit": [9, 10], "why": [9, 10], "malici": [9, 10], "plaintext": [9, 10], "network": [9, 10], "emploi": [9, 10, 14], "tl": [9, 10, 14], "Such": [9, 10], "techniqu": [9, 10, 12], "webserv": [9, 10], "deciph": [9, 10], "transmiss": [9, 10, 14], "forward": [9, 10], "negoti": [9, 10], "actual": [9, 10, 15, 16], "actor": [9, 10, 12, 16], "segment": [9, 10], "sensit": [9, 10], "unencrypt": [9, 10], "snif": [9, 10], "eyjhbgcioijfuzi1nii": [9, 10], "9t2lq": [9, 10], "pt0ixx0": [9, 10], "presentation_submiss": [9, 10], "definition_id": [9, 10], "32f54163": [9, 10], "7166": [9, 10], "48f1": [9, 10], "93d8": [9, 10], "ff217bdb0653": [9, 10], "04a98be3": [9, 10], "7fb0": [9, 10], "4cf5": [9, 10], "af9a": [9, 10], "31579c8b0e7d": [9, 10], "descriptor_map": [9, 10], "verified_claim": [9, 10], "find": [9, 10], "3978344f": [9, 10], "8596": [9, 10], "4c3a": [9, 10], "a978": [9, 10], "8fcaba3903c5": [9, 10], "1541493724": [9, 10], "1573029723": [9, 10], "origin": [9, 10, 14, 15], "beyond": [9, 10, 11, 14], "longer": [9, 10, 11, 14, 15], "audienc": [9, 10], "becaus": [9, 10, 11], "aris": [9, 10], "403": [9, 10], "forbidden": [9, 10], "happen": [9, 10], "occour": [9, 10], "meet": [9, 10, 14, 15], "criteria": [9, 10, 14], "stem": [9, 10], "aspect": [9, 10], "clariti": [9, 10], "proper": [9, 10, 15], "credentialx": [9, 10], "write": [9, 10, 16], "response_cod": [9, 10], "091535f699ea575c7937fa5f0f454ae": [9, 10], "These": [9, 10, 11, 14, 16], "critic": [9, 10], "impact": [9, 10], "hinder": [9, 10], "seamless": [9, 10, 12, 14, 16], "implic": [9, 10], "mismatch": [9, 10], "incur": [9, 10], "rais": [9, 10], "refus": [9, 10], "precaut": [9, 10], "clear": [9, 10, 14], "2hnofs3ync9tjicaivhwlvuj3axwggz_98urfaqme": [9, 10, 14], "1649590602": [9, 10], "1649417862": [9, 10], "5s4qi": [9, 10], "wallet_relying_parti": [9, 10, 14], "application_typ": [9, 10], "client_nam": [9, 10], "9tjicaivhwlvuj3axwggz_9": [9, 10], "default_acr_valu": [9, 10], "vp_format": [9, 10, 14], "kb": [9, 10, 14], "identitycredenti": [9, 10], "const": [9, 10], "intent_to_retain": [9, 10], "enum": [9, 10], "issuer2": [9, 10], "issuer3": [9, 10], "1504700136": [9, 10, 11], "sampl": [9, 10], "eddsa": [9, 10, 15], "default_max_ag": [9, 10], "1111": [9, 10], "jarm": [9, 10, 13], "authorization_signed_response_alg": [9, 10], "authorization_encrypted_response_alg": [9, 10], "authorization_encrypted_response_enc": [9, 10], "a192cbc": [9, 10], "a128gcm": [9, 10], "a192gcm": [9, 10], "a256gcm": [9, 10], "subject_typ": [9, 10], "require_auth_tim": [9, 10], "id_token_signed_response_alg": [9, 10], "id_token_encrypted_response_alg": [9, 10], "id_token_encrypted_response_enc": [9, 10], "home": [9, 10], "tech": [9, 10, 14], "princip": [9, 10], "acr": [9, 10], "hint": [9, 10], "verifieng": [9, 10], "confgiur": [9, 10], "inaccuraci": 11, "compromis": [11, 14, 15], "valueless": 11, "harm": 11, "cycl": 11, "serv": [11, 14, 15, 16], "autom": [11, 14], "provis": [11, 14], "onlin": [11, 14], "preserv": [11, 15, 16], "internet": [11, 13], "becom": [11, 15, 16], "conjunct": 11, "greater": 11, "hour": [11, 14, 15], "rotat": 11, "kept": 11, "circumst": [11, 16], "whenev": 11, "delet": [11, 15], "band": 11, "databas": 11, "trigger": 11, "touchpoint": 11, "enforc": [11, 14], "judici": 11, "polic": 11, "loss": 11, "theft": [11, 12], "physic": [11, 12], "impli": 11, "address": 11, "lose": 11, "awar": 11, "behalf": [11, 14], "entitl": 11, "etc": [11, 14], "turn": 11, "death": 11, "decid": 11, "Then": 11, "credential_pop": 11, "credentialpopjwt": 11, "jwkid": 11, "1698744039": 11, "1698744139": 11, "6f204f7e": 11, "e453": 11, "4dfd": 11, "814e": 11, "9d155319408c": 11, "credential_hash": 11, "associ": [11, 14, 15, 16], "notif": 11, "email": [11, 14], "telephon": 11, "204": 11, "No": [11, 14], "404": 11, "problem": 11, "503": 11, "unavail": [11, 14], "registerd": 11, "take": [11, 15], "lack": 11, "interv": 11, "suspens": 11, "itself": [11, 14, 16], "eyjhbgcioijfuzi1niisinr5cci6indhbgxldc1": 11, "credential_revok": 11, "credential_upd": 11, "One": 11, "defer": 11, "paradigm": 12, "iam": 12, "improv": 12, "ownership": [12, 16], "said": 12, "histori": 12, "tradit": [12, 14], "know": [12, 14], "fact": 12, "envis": 12, "login": 12, "compani": 12, "want": 12, "acquir": [12, 15, 16], "publish": [12, 14], "educ": 12, "institut": 12, "portabl": 12, "principl": [12, 14], "character": 12, "choos": 12, "leverag": [12, 14, 16], "avoid": 12, "fraud": 12, "promot": [12, 14], "border": [12, 14], "effici": [12, 14], "cost": [12, 14], "reduct": 12, "elimin": 12, "multipl": [12, 14, 15], "repetit": 12, "streamlin": [12, 14], "reduc": [12, 14], "purchas": 12, "ag": 12, "k": 13, "looker": 13, "februari": 13, "o": 13, "d": 13, "fett": 13, "presentationexch": 13, "2119": 13, "bradner": 13, "march": 13, "1997": 13, "2616": 13, "r": 13, "getti": 13, "j": 13, "mogul": 13, "frystyk": 13, "masint": 13, "l": 13, "leach": 13, "berner": 13, "lee": 13, "hypertext": 13, "transfer": [13, 15], "june": 13, "1999": 13, "3339": 13, "klyne": 13, "c": 13, "newman": 13, "doi": 13, "17487": 13, "rfc3339": 13, "juli": 13, "2002": 13, "3986": 13, "uniform": [13, 15], "syntax": 13, "7009": 13, "dronia": 13, "scurtescu": 13, "m": 13, "rfc7009": 13, "august": 13, "2013": 13, "7159": 13, "brai": 13, "interchang": 13, "2014": 13, "jone": 13, "bradlei": 13, "sakimura": 13, "2015": 13, "hildebrand": 13, "jwe": 13, "rfc7517": 13, "jwa": 13, "rfc7638": 13, "septemb": 13, "7800": [13, 15], "tschofenig": 13, "semant": 13, "april": 13, "2016": 13, "8174": 13, "leiba": 13, "ambigu": 13, "uppercas": 13, "vs": 13, "lowercas": 13, "hardt": 13, "sheffer": 13, "best": 13, "practic": 13, "2020": 13, "campbel": 13, "novemb": 13, "2022": 13, "openid4vc": [13, 15], "haip": [13, 15], "legitimaci": 14, "compli": 14, "rest": [14, 15, 16], "distribut": 14, "call": 14, "overse": 14, "fr": 14, "stamp": 14, "artifact": 14, "confidenti": 14, "measur": [14, 15], "gdpr": 14, "empow": 14, "audit": 14, "minim": 14, "anonym": [14, 15], "retent": 14, "account": 14, "disput": 14, "resolut": 14, "liabil": 14, "those": 14, "disabl": 14, "emerg": 14, "breach": 14, "scalabl": 14, "deleg": 14, "relationship": 14, "grow": 14, "remov": [14, 16], "might": 14, "scale": 14, "horizont": 14, "accommod": 14, "increas": 14, "volum": 14, "histor": 14, "extens": 14, "behavior": 14, "relianc": 14, "adapt": 14, "load": 14, "particularli": 14, "peak": 14, "complex": 14, "task": 14, "cryptographi": 14, "flexibl": 14, "threat": [14, 15], "research": 14, "pre": 14, "candid": 14, "monitor": 14, "ongo": 14, "similar": 14, "thereof": 14, "reflect": [14, 15], "transpar": 14, "status": 14, "foster": 14, "tool": [14, 15], "aid": 14, "earli": 14, "detect": 14, "30": 14, "tamper": [14, 16], "except": 14, "summari": 14, "pki": 14, "leaf": 14, "built": 14, "p1": 14, "p2": 14, "p3": 14, "divers": 14, "p4": 14, "indirectli": 14, "p6": 14, "p5": 14, "p7": 14, "organiz": 14, "adjust": 14, "p8": 14, "autonomi": 14, "p9": 14, "unlik": 14, "coverag": 14, "satisfi": [14, 15], "recognis": 14, "publicli": 14, "summaris": 14, "trust_mark_id": 14, "motiv": 14, "plain": 14, "keep": [14, 15], "max_path_length": 14, "1649375259": 14, "1649373279": 14, "x2zomhngsdc4zlbrcxhmt3mzrmrzog9jd3o2qjzdam51cuhhufruowd0wq": 14, "1knr9ar3mzmokyty8brvriue85nixryx4xd3k4jw7vi": 14, "slt14644zbyxyf": 14, "xmw7apdlbmuw3t1urwi4nafmtkri": 14, "ta": 14, "federation_fetch_endpoint": 14, "federation_list_endpoint": 14, "federation_trust_mark_status_endpoint": 14, "trust_mark_statu": 14, "trust_mark_issu": 14, "cryptograf": 14, "x5c": 14, "entity_typ": 14, "trustworthi": [14, 16], "trust_mark_own": 14, "trust_mark": 14, "entri": 14, "don": 14, "em3cmnzghiyfsq090n6b3op7laaqj8rghmhxgmjstqg": 14, "1649623546": 14, "1649450746": 14, "metadata_polici": 14, "subset_of": 14, "allowed_leaf_entity_typ": 14, "real": 14, "concaten": [14, 15], "convei": 14, "pertain": [14, 15], "earliest": 14, "forc": 14, "higher": 14, "abstract": 14, "entityconfigur": 14, "signedjwt": 14, "selfissu": 14, "byleaf": 14, "entitystat": 14, "bytrustanchor": 14, "eyjhbgcioijfuzi1niisimtpzci6ik5gttfxvvzpvwxzelvxcexhbwxmy0vwufjwwtjwwfpjumpcblfywm1ssghlwvvwwvvszfrrbkeytkeilcj0exaioijhchbsawnhdglvbi9lbnrpdhktc3rhdgvtzw50k2p3dcj9": 14, "eyjlehaioje2ndk1ota2mdisimlhdci6mty0otqxnzg2miwiaxnzijoiahr0chm6ly9ycc5legftcgxllm9yzyisinn1yii6imh0dhbzoi8vcnauzxhhbxbszs5vcmcilcjqd2tzijp7imtlexmiolt7imt0esi6ikvdiiwia2lkijoitkznmvdvvmlvbfl6vvdwtgftbgzjrxbqulzzmlzywklsakjuuvhabvjiaetzvvzzvwxkvffuqtjoqsisimnydii6ilatmju2iiwieci6invzbemzd2qtcfgzd3o0yljzbnd5m2x6cgjhwkzotjk2aewyquhbm01rnlkilcj5ijoivkxdqlhgv2xktlnosxo4a0gyoxzmujromthca3dht1gynnprb3j1utfnncj9xx0sim1ldgfkyxrhijp7im9wzw5pzf9yzwx5aw5nx3bhcnr5ijp7imfwcgxpy2f0aw9ux3r5cguioij3zwiilcjjbgllbnrfawqioijodhrwczovl3jwlmv4yw1wbguub3jnlyisimnsawvudf9yzwdpc3ryyxrpb25fdhlwzxmiolsiyxv0b21hdgljil0simp3a3mionsia2v5cyi6w3sia3r5ijoirumilcjrawqioijork0xv1vwavvswxpvv3bmyw1szmnfcfbsvlkyvlhasvjqqm5rwfptukhos1lvvllvbgruuw5bmk5biiwiy3j2ijoiuc0yntyilcj4ijoidxnsqzn3zc1wwdn3ejriullud3kzbhpwykdarmhootzotdjbseeztve2wsisinkioijwtencwezxbgrou05jejhrsdi5dkxsne4xoejrd0dpwdi2elfvcnvrmu00in1dfswiy2xpzw50x25hbwuioijoyw1lig9migfuigv4yw1wbgugb3jnyw5pemf0aw9uiiwiy29udgfjdhmiolsib3bzqhjwlmv4yw1wbguuaxqixswiz3jhbnrfdhlwzxmiolsicmvmcmvzaf90b2tlbiisimf1dghvcml6yxrpb25fy29kzsjdlcjyzwrpcmvjdf91cmlzijpbimh0dhbzoi8vcnauzxhhbxbszs5vcmcvb2lkyy9ycc9jywxsymfjay8ixswicmvzcg9uc2vfdhlwzxmiolsiy29kzsjdlcjzy29wzsi6imv1lmv1cm9wys5lyy5ldwrpdy5wawqumsblds5ldxjvcgeuzwmuzxvkaxcucglklml0ljegzw1hawwilcjzdwjqzwn0x3r5cguioijwywlyd2lzzsj9lcjmzwrlcmf0aw9ux2vudgl0esi6eyjmzwrlcmf0aw9ux3jlc29sdmvfzw5kcg9pbnqioijodhrwczovl3jwlmv4yw1wbguub3jnl3jlc29sdmuviiwib3jnyw5pemf0aw9ux25hbwuioijfegftcgxlifjqiiwiag9tzxbhz2vfdxjpijoiahr0chm6ly9ycc5legftcgxllml0iiwicg9sawn5x3vyasi6imh0dhbzoi8vcnauzxhhbxbszs5pdc9wb2xpy3kilcjsb2dvx3vyasi6imh0dhbzoi8vcnauzxhhbxbszs5pdc9zdgf0awmvbg9nby5zdmcilcjjb250ywn0cyi6wyj0zwnoqgv4yw1wbguuaxqixx19lcj0cnvzdf9tyxjrcyi6w3siawqioijodhrwczovl3jlz2lzdhj5lmvpzgfzlnrydxn0lwfuy2hvci5legftcgxllmv1l29wzw5pzf9yzwx5aw5nx3bhcnr5l3b1ymxpyy8ilcj0cnvzdf9tyxjrijoizxlkacbcdtiwmjyifv0simf1dghvcml0ev9oaw50cyi6wyjodhrwczovl2ludgvybwvkawf0zs5lawrhcy5legftcgxllm9yzyjdfq": 14, "un315hdckvhya": 14, "irregzaml7pnfjqh2apz82blqo5s0sl1jr0tefp5e1t913g8gnuwggtmquqhpzwv6bvtla8g": 14, "eyjhbgcioijfuzi1niisimtpzci6ilnurkrxv2hky0dwwfgzqjnsvmraywtsq0xutnvna000wtngnlfutk9krxryzfhgwvlywjjjwgn0uveilcj0exaioijhchbsawnhdglvbi9lbnrpdhktc3rhdgvtzw50k2p3dcj9": 14, "eyjlehaioje2ndk2mjm1ndysimlhdci6mty0otq1mdc0niwiaxnzijoiahr0chm6ly9pbnrlcm1lzglhdguuzwlkyxmuzxhhbxbszs5vcmcilcjzdwiioijodhrwczovl3jwlmv4yw1wbguub3jniiwiandrcyi6eyjrzxlzijpbeyjrdhkioijfqyisimtpzci6ik5gttfxvvzpvwxzelvxcexhbwxmy0vwufjwwtjwwfpjumpcblfywm1ssghlwvvwwvvszfrrbkeytkeilcjjcnyioijqlti1niisingioij1c2xdm3dklxbym3d6ngjsww53etnsenbir1pgae45nmhmmkfiqtnnutzziiwiesi6ilzmq0jyrldsze5ttkl6ogtimjl2tfi0tje4qmt3r09ymjz6uw9ydvexttqifv19lcjtzxrhzgf0yv9wb2xpy3kionsib3blbmlkx3jlbhlpbmdfcgfydhkionsic2nvcguionsic3vic2v0x29mijpbimv1lmv1cm9wys5lyy5ldwrpdy5wawqumswgigv1lmv1cm9wys5lyy5ldwrpdy5wawquaxqumsjdfswicmvxdwvzdf9hdxrozw50awnhdglvbl9tzxrob2rzx3n1chbvcnrlzci6eyjvbmvfb2yiolsicmvxdwvzdf9vymply3qixx0sinjlcxvlc3rfyxv0agvudgljyxrpb25fc2lnbmluz19hbgdfdmfsdwvzx3n1chbvcnrlzci6eyjzdwjzzxrfb2yiolsiulmyntyilcjsuzuxmiisikvtmju2iiwirvm1mtiilcjquzi1niisilbtnteyil19fx0sinrydxn0x21hcmtzijpbeyjpzci6imh0dhbzoi8vdhj1c3qtyw5jag9ylmv4yw1wbguuzxuvb3blbmlkx3jlbhlpbmdfcgfydhkvchvibgljlyisinrydxn0x21hcmsioijleupoyibcdtiwmjyifv19": 14, "_qt5": 14, "t6dahp3tuwa_27kle8i9z_spk2ftqlky6pgmpchbsi2ahxy3aaxdurobpo4chtqgg3j2xcrghdfucfgeq": 14, "eyjhbgcioijfuzi1niisimtpzci6imvxa3pubwt0ww5kblzhmwxhmju1zdjkq2rvzersazqwuwt0wvlvmwfhrfzyt1robfphdfdxsgq1wncilcj0exaioijhchbsawnhdglvbi9lbnrpdhktc3rhdgvtzw50k2p3dcj9": 14, "eyjlehaioje2ndk2mjm1ndysimlhdci6mty0otq1mdc0niwiaxnzijoiahr0chm6ly90cnvzdc1hbmnob3iuzxhhbxbszs5ldsisinn1yii6imh0dhbzoi8vaw50zxjtzwrpyxrllmvpzgfzlmv4yw1wbguub3jniiwiandrcyi6eyjrzxlzijpbeyjrdhkioijfqyisimtpzci6ilnurkrxv2hky0dwwfgzqjnsvmraywtsq0xutnvna000wtngnlfutk9krxryzfhgwvlywjjjwgn0uveilcjjcnyioijqlti1niisingioijyql9bogdcunh5njhvtkxzrkzlr0zmr2vmwu5xymgtszh1os1gylqyzkzjiiwiesi6ilnuwvk2y3njznkxcjbisfhltgjuvfzsamfndzhozznrues2wfvoc2uzdkuifv19lcj0cnvzdf9tyxjrcyi6w3siawqioijodhrwczovl3rydxn0lwfuy2hvci5legftcgxllmv1l2zlzgvyyxrpb25fzw50axr5l3royxqtchjvzmlszsisinrydxn0x21hcmsioijleupoyibcdtiwmjyifv19": 14, "r3uoi": 14, "u0tx0gdflndditbcwznupy7m2tnh08jld": 14, "ej9vmzwmcxoccuwin0zt0js4m_shneig6tlxrqj": 14, "hti70g": 14, "At": 14, "attain": 14, "propag": 14, "thu": [14, 16], "build": 14, "inquir": 14, "amount": 14, "matter": 14, "especi": 14, "perimet": 14, "jurisdict": 14, "snapshot": 14, "overload": 14, "manipul": 15, "falsif": 15, "place": 15, "met": 15, "therebi": 15, "accur": 15, "repeat": 15, "pseudo": 15, "imposs": 15, "supplementari": 15, "lost": 15, "acquisit": 15, "defens": 15, "walletprovid": 15, "d2jhy2nhbg91cmvqdwfuzgft": 15, "exist": 15, "permit": 15, "achiev": 15, "reput": 15, "android": [15, 16], "io": [15, 16], "sdk": 15, "unalt": 15, "bootload": 15, "plai": [15, 16], "devicecheck": 15, "key_attest": 15, "base64": 15, "put": 15, "0fe3cbe0": 15, "646d": 15, "44b5": 15, "8808": 15, "917dd5391bd9": 15, "o2nmbxrvyxbwbgutyxbw": 15, "redact": 15, "hardware_key_tag": 15, "wqhydymfksp95ifqpzdedww4l7avna2fn4jcewhytbu": 15, "flaw": 15, "necessit": 15, "safeguard": 15, "undergo": 15, "inclus": 15, "reiniti": 15, "solicit": 15, "produc": 15, "predetermin": 15, "client_data": 15, "client_data_hash": 15, "4hnpti": 15, "xr2pjyrjkgmnz4wmdnqd_ujsq4r95nj98b44": 15, "liznsb39vfjhygs3k7jxe4r3": 15, "cogfqwztpbirqpnlrg": 15, "hardware_signatur": 15, "integrity_assert": 15, "custom": 15, "wallet_hardware_key_tag": 15, "public_jwk": 15, "war": 15, "6ec69324": 15, "60a8": 15, "4e5b": 15, "a697": 15, "a766d85790ea": 15, "walletattestationrequest": 15, "kozihvcnaqccoiawgaib": 15, "o2nmbxrvyxbwbgutyxbwyx": 15, "jwt_vc_json": 15, "alg_values_support": 15, "es256k": 15, "jwt_vp_json": 15, "7523": 15, "bearer": 15, "3agrant": 15, "3ajwt": 15, "eyjhbgcioijfuzi1niisimtpzci6imtoakzwte9nrjnheg": 15, "reconstruct": 15, "5t5yypbhn": [15, 16], "egieei5iuzr6r0mr02lnvq0omekmnkcji": [15, 16], "eyjhbgcioijfuz": 15, "6s0a": 15, "jjla": 15, "h9gw": 15, "1687281195": 15, "1687288395": 15, "eyjhbgcioijfuzi1niisinr5cci6indhbgx": 15, "var": 15, "8414": 15, "boolean": 15, "comprehens": 16, "cater": 16, "asset": 16, "effect": 16, "total": 16, "conveni": 16, "vital": 16, "guarante": 16, "utmost": 16, "distinct": 16, "unlock": 16, "pin": 16, "biometr": 16, "fingerprint": 16, "facial": 16, "recognit": 16, "unambigu": 16, "rel": 16, "revert": 16, "voluntarili": 16, "aal_values_support": 16, "context": 16, "medium": 16, "token_endpoint_auth_methods_suppor": 16, "ted": 16, "token_endpoint_auth_signing_alg_va": 16, "lues_support": 16, "experiment": 16, "qrjrj3af_b57sboirrcbm7br7woc8ynj7lhfpteffuk": 16, "1h0cwdyggvu8w": 16, "kpku_xycocunt2o0bwsliqtnpu6im": 16, "basic": 16, "private_key_jwt": 16, "1687171759": 16, "1709290159": 16, "inherit": 16, "extend": 16, "trusti": 16, "enclav": 16}, "objects": {}, "objtypes": {}, "objnames": {}, "titleterms": {"cryptograph": 0, "algorithm": 0, "backup": 1, "restor": 1, "rst": [1, 8], "gener": [1, 8, 14, 15], "properti": [1, 8, 14, 15], "requir": [1, 8, 11, 14, 15, 16], "attribut": [1, 8], "implement": [1, 4, 8], "consider": [1, 8, 14], "librari": [1, 8], "code": [1, 8], "snippet": [1, 8], "extern": [1, 8, 16], "refer": [1, 8, 13, 16], "how": 2, "contribut": 2, "acknowledg": 2, "norm": [3, 5], "languag": 3, "convent": 3, "defin": 3, "term": 3, "acronym": 3, "The": [4, 14], "italian": 4, "eudi": [4, 14], "wallet": [4, 11, 14, 15, 16], "profil": 4, "introduct": [4, 12], "index": 4, "content": 4, "pid": [5, 6], "q": [5, 6], "eaa": [5, 6], "data": 5, "model": [5, 14], "sd": 5, "jwt": 5, "paramet": [5, 6, 14], "claim": 5, "non": [5, 14], "exampl": 5, "mdoc": [5, 7, 9], "cbor": 5, "namespac": 5, "mobil": 5, "secur": [5, 9, 10], "object": [5, 9, 10], "issuanc": [6, 15], "high": 6, "level": 6, "flow": [6, 7, 9, 10, 11], "detail": [6, 9, 10], "push": 6, "author": [6, 9, 10], "request": [6, 7, 9, 10, 11, 15], "endpoint": [6, 9, 10, 14, 16], "par": 6, "http": [6, 9, 10, 11], "respons": [6, 7, 9, 10, 11], "token": 6, "access": 6, "credenti": [6, 11], "entiti": [6, 9, 10, 14], "configur": [6, 9, 10, 14], "issuer": 6, "proxim": [7, 9], "devic": [7, 9, 10], "engag": [7, 9], "session": [7, 9], "termin": [7, 9], "pseudonym": 8, "reli": [9, 10, 14], "parti": [9, 10, 14], "solut": [9, 16], "remot": [9, 10], "uri": [9, 10], "post": [9, 10], "cross": [9, 10], "statu": [9, 10, 11], "check": [9, 10], "error": [9, 10], "redirect": [9, 10], "lifecycl": [11, 16], "oper": [11, 16], "function": [11, 14], "revoc": 11, "us": 11, "case": 11, "instanc": [11, 15, 16], "attest": [11, 14, 15, 16], "present": 11, "verifi": 11, "proof": 11, "possess": 11, "self": 12, "sovereign": 12, "ident": 12, "ssi": 12, "technic": 13, "infrastructur": 14, "trust": 14, "feder": 14, "role": 14, "api": 14, "common": 14, "anchor": 14, "leav": 14, "intermedi": 14, "metadata": [14, 16], "type": 14, "statement": 14, "evalu": 14, "mechan": 14, "chain": 14, "offlin": 14, "repudi": 14, "long": 14, "live": 14, "privaci": 14, "remark": 14, "about": 14, "decentr": 14, "static": 15, "compon": 15, "view": 15, "dynam": 15, "initi": [15, 16], "registr": 15, "process": 16, "transit": 16, "valid": 16, "state": 16, "return": 16, "deactiv": 16, "provid": 16, "header": 16, "payload": 16, "wallet_provid": 16, "federation_ent": 16}, "envversion": {"sphinx.domains.c": 2, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 6, "sphinx.domains.index": 1, "sphinx.domains.javascript": 2, "sphinx.domains.math": 2, "sphinx.domains.python": 3, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx.ext.intersphinx": 1, "sphinx.ext.todo": 2, "sphinx": 56}}) \ No newline at end of file diff --git a/refs/pull/233/merge/en/ssi-introduction.html b/refs/pull/233/merge/en/ssi-introduction.html index 1a6e72068..d24d92f15 100644 --- a/refs/pull/233/merge/en/ssi-introduction.html +++ b/refs/pull/233/merge/en/ssi-introduction.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/standards.html b/refs/pull/233/merge/en/standards.html index 54133ee6a..8ebfc99d0 100644 --- a/refs/pull/233/merge/en/standards.html +++ b/refs/pull/233/merge/en/standards.html @@ -643,7 +643,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -912,7 +912,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/trust.html b/refs/pull/233/merge/en/trust.html index 7511a144d..903fa59b0 100644 --- a/refs/pull/233/merge/en/trust.html +++ b/refs/pull/233/merge/en/trust.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View diff --git a/refs/pull/233/merge/en/wallet-attestation.html b/refs/pull/233/merge/en/wallet-attestation.html index e40cfeb02..65fa94569 100644 --- a/refs/pull/233/merge/en/wallet-attestation.html +++ b/refs/pull/233/merge/en/wallet-attestation.html @@ -644,7 +644,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -913,7 +913,7 @@

    {{ item.title }}

  • Static Component View
  • Dynamic Component View @@ -1089,9 +1089,9 @@

    Requirements @@ -1120,7 +1120,7 @@

    Wallet Instance initialization and registrationNote

    Federation Check: The Wallet Instance needs to check if the Wallet Provider is part of the Federation, obtaining its protocol specific Metadata. A non-normative example of a response from the endpoint .well-known/openid-federation with the Entity Configuration and the Metadata of the Wallet Provider is represented within the section Wallet Provider metadata.

    -

    Steps 3-5:: The Wallet Instance request and receive a one time challenge from the Wallet Provider Backend. The challenge is a nonce, which MUST be unpredictable and it is the primary countermeasure against replay attack. The value of the nonce returned by the backend must be generated in such a way as to guarantee that it can only be used once and in a pre-established time interval.

    +

    Steps 3-5:: The Wallet Instance sends a request to the Wallet Provider Backend and receives a one-time challenge. This "challenge" is a nonce, which must be unpredictable to serve as the main defense against replay attacks. The backend must generate the nonce value in a manner that ensures it is single-use and valid only within a specific time frame.

    GET /nonce HTTP/1.1
 Host: walletprovider.example.com
    @@ -1133,33 +1133,32 @@

    Wallet Instance initialization and registration}

    -

    Step 6: The Wallet Instance generates the Wallet Hardware Keys pair via the operating system and store the relative Wallet Hardware Key Tag in a local storage:

    +

    Step 6: The Wallet Instance, through the operating system, creates a pair of Wallet Hardware Keys and stores the corresponding Wallet Hardware Key Tag in local storage once the following requirements are met:

    1. It MUST ensure that Wallet Hardware Keys do not already exist, if they exist and the Wallet is in the initialization phase they must be deleted.

    2. It MUST generate a pair of asymmetric EC keys (Wallet Hardware Keys) via a local WSCD.

      3. -

    3. It SHOULD obtain a unique identifier (Wallet Hardware Key Tag) of the generated Wallet Hardware Keys from the operating system. If the operating system allows you to define a tag when creating keys, then a random string for Wallet Hardware Key Tag must be chosen.

      4. -

    4. It MUST store the relative Wallet Hardware Key Tag in a local storage.

      5. +

    5. It SHOULD obtain a unique identifier (Wallet Hardware Key Tag) for the generated Wallet Hardware Keys from the operating system. If the operating system permits specifying a tag during the creation of keys, then a random string for the Wallet Hardware Key Tag must be selected. This random value MUST be collision-resistant and unpredictable to ensure security. To achieve this, consider using a cryptographic hash function or a secure random number generator provided by the operating system or a reputable cryptographic library.

      6. +

    6. If the previous points are satisfied, It MUST store the Wallet Hardware Key Tag in a local storage.

    Note

    WSCD: For key generation, the Wallet Instance will always rely on a local WSCD on devices that support it. For Android, Strongbox will be used or, if it is not available, a Trusted Execution Environment (TEE) while for iOS Secure Elements (SE). Since each OEM develops a different SDK for accessing the local WSCD, it will be treated in a generic manner below.

    -

    Step 7: The Wallet Instance: invokes the operating system attestation service (Device Integrity Service) passing challenge and Wallet Hardware Key Tag in order to obtain a Key Attestation.

    +

    Step 7: The Wallet Instance uses the Device Integrity Service, providing a "challenge" and the Wallet Hardware Key Tag to acquire the Key Attestation.

    Note

    -

    Device Integrity Service: Below we will treat a Device Integrity Service as an abstract entity made available by device OEMs which allows us to certify via a signed payload (attestation) that a particular key is hardware backed in a safe and protected environment of the device. Furthermore, the service will also allow you to demonstrate via a signed payload (assertion) that that particular app instance (Wallet Instance) is intact and genuine and has not been tampered with. Furthermore, both within the attestation and the assertion, the service includes essential information to recover the type of device, the model, the app version, the operating system version, the bootloader status and other information that allows you to understand whether the device has been tampered with or not. For Android the service used is Key Attestation in addition to Play Integrity API, while for iOS the DeviceCheck service.

    +

    Device Integrity Service: In this section the Device Integrity Service is considered as it is provided by device manufacturers. This service allows the verification of a key being securely stored within the device's hardware through a signed document (attestation). Additionally, it offers the verifiable proof that a specific app instance (Wallet Instance) is authentic, unaltered, and in its original state using a specialized signed document (assertion) made for this scope.

    +

    The service also incorporates details in both the attestation and the assertion, such as the device type, model, app version, operating system version, bootloader status, and other relevant information to assess the device has not been compromised. For Android the service used is Key Attestation in addition to Play Integrity API, while for iOS the DeviceCheck service.

    -

    Step 8: The Device Integrity Service:

    -
    -
      -

    • generate a Key Attestation holder binded with challenge and Wallet Hardware public key.

      • -

    • adds relevant information on the security of the device.

      • -

    • sign the Key Attestation with an OEM certificate which in addition to certifying the integrity of the Wallet Instance also certifies that the Wallet Hardware Keys is secure stored by the OS (hardware backed).

      • +

      Step 8: The Device Integrity Service performs the following actions:

      +
        +

      • Creates a Key Attestation that is linked with the provided "challenge" and the public key of the Wallet Hardware.

        • +

      • Incorporates information pertaining to the device's security.

        • +

      • Uses an OEM certificate to sign the Key Attestation, thereby not only verifying the integrity of the Wallet Instance but also confirming that the Wallet Hardware Keys are securely managed by the operating system (hardware-backed).

      -
    -

    Step 9: The Wallet Instance send the challenge with Key Attestation and Wallet Hardware Key Tag to the Wallet Provider Backend in order to register the Wallet Instance identified by the Wallet Hardware Key public key.

    +

    Step 9: The Wallet Instance sends the challenge with Key Attestation and Wallet Hardware Key Tag to the Wallet Provider Backend in order to register the Wallet Instance identified by the Wallet Hardware Key public key.

    Note

    The Key Attestation (key_attestation) must always be encoded in base64 as the format is different between the various operating systems.

    @@ -1186,7 +1185,7 @@

    Wallet Instance initialization and registrationkey_attestation as defined by the device manufacturers' guidelines.

  • It MUST verify that the device in use has no security flaws and reflects the minimum security requirements defined by the Wallet Provider.

  • If these checks are passed, it MUST register the Wallet Instance, keeping the Wallet Hardware Key Tag and all useful information related to the device.

    • -

  • It SHULD associate the Wallet Instance with a specific user uniquely identified within the Wallet Provider's systems. This will be useful for the lifecycle of the Wallet Instance and for a future revocation.

    • +

  • It SHOULD associate the Wallet Instance with a specific user uniquely identified within the Wallet Provider's systems. This will be useful for the lifecycle of the Wallet Instance and for a future revocation.

    • HTTP/1.1 201 Created
@@ -1203,25 +1202,25 @@ 
    Wallet Instance initialization and registration
 
    Note
    
-
    Threat Model: Although the registration endpoint does not require any authentication, it is protected by the presence of the key_attestation which, if validated correctly, only allows the registration of valid and intact instances of the app. Any other claims sent will not be validated and therefore the endpoint will return an error. The presence of a challenge also avoids reply attacks. Finally, the integrity of the challenge and the hardware_key_tag is guaranteed by the signature present within the key_attestation.
    
+
    Threat Model: While the registration endpoint does not necessitate any client authentication, it is safeguarded through the use of key_attestation. Proper validation of this attestation permits only the registration of authentic and unaltered app instances. Any other claims submitted will not undergo validation, leading the endpoint to respond with an error. Additionally, the inclusion of a challenge helps prevent replay attacks. The authenticity of both the challenge and the hardware_key_tag is ensured by the signature found within the key_attestation.
    -
    -

    Wallet Attestation acquisition

    +
    +

    Wallet Attestation Issuance

    This section describes the Wallet Attestation format and how the Wallet Provider issues it.

    The figure illustrates the sequence diagram for issuing a Wallet Attestation, with the steps explained below.
    -

    Step 1:: The user requests a new operation which requires obtaining a Wallet Attestation.

    +

    Step 1:: The user initiates a new operation that necessitates the acquisition of a Wallet Attestation.

    Steps 2-3:: The Wallet Instance check if a Wallet Hardware Key exist and generates an ephemeral asymmetric key pair.

      -

    1. It MUST ensure that Wallet Hardware Keys exist. If they do not exist, it is necessary to reinitialize the wallet.

      2. +

    2. It MUST ensure that Wallet Hardware Keys exist. If they do not exist, it is necessary to reinitialize the Wallet.

    3. It MUST generates an ephemeral asymmetric key pair whose public key will be linked with the Wallet Attestation.

    4. it MUST check if Wallet Provider is part of the federation and obtain its metadata.

    -

    Steps 4-6:: The Wallet Instance request and receive a one time challenge from the Wallet Provider Backend. The challenge is a nonce, which MUST be unpredictable and it is the primary countermeasure against replay attack. The value of the nonce returned by the backend must be generated in such a way as to guarantee that it can only be used once and in a pre-established time interval.

    +

    Steps 4-6:: The Wallet Instance solicits a one-time "challenge" from the Wallet Provider Backend. This "challenge" takes the form of a "nonce," which is required to be unpredictable and serves as the main defense against replay attacks. The backend must produce the "nonce" in a manner that ensures its single-use within a predetermined time frame.

    GET /nonce HTTP/1.1
 Host: walletprovider.example.com
    @@ -1234,11 +1233,11 @@

    Wallet Attestation acquisition}

    -

    Step 7: The Wallet Instance:

    +

    Step 7: The Wallet Instance performs the following actions:

      -

    • generate a client_data which is a JSON containing challenge and ephemeral public jwk.

      • -

    • generate a client_data_hash as SHA256 of client_data.

      • +

    • Creates a client_data, a JSON structure that includes the challenge and the ephemeral public jwk.

      • +

    • Computes a client_data_hash by applying the SHA256 algorithm to the client_data.

    Below a non-normative example of the client_data.

    @@ -1254,12 +1253,12 @@

    Wallet Attestation acquisition} -

    Steps 8-10: The Wallet Instance:

    +

    Steps 8-10: The Wallet Instance takes the following steps:

      -

    • generate an hardware_signature signing client_data_hash with Wallet Hardware private key. It will be used as a PoP of the Wallet Hardware Keys.

      • -

    • ask to Device Integrity Service to generate an integrity_assertion bounded with client_data_hash.

      • -

    • obtain from Device Integrity Service an integrity_assertion signed by OEM.

      • +

    • Produces an hardware_signature by signing the client_data_hash with the Wallet Hardware's private key, serving as a Proof of Possession (PoP) for the Wallet Hardware Keys.

      • +

    • Requests the Device Integrity Service to create an integrity_assertion linked to the client_data_hash.

      • +

    • Receives a signed integrity_assertion from the Device Integrity Service, authenticated by the OEM.

    @@ -1277,7 +1276,7 @@

    Wallet Attestation acquisition
    {
   "alg": "ES256",
   "kid": "vbeXJksM45xphtANnCiG6mCyuU4jfGNzopGuKvogg9c",
-  "typ": "var+jwt"
+  "typ": "war+jwt"
 }
 .
 {
@@ -1326,7 +1325,7 @@ 
    Wallet Attestation acquisition
 
  • It MUST check the Wallet Attestation Request contains all the defined parameters according to Table of the Wallet Attestation Request parameters.
    • 
diff --git a/refs/pull/233/merge/en/wallet-solution.html b/refs/pull/233/merge/en/wallet-solution.html
index 93f53d9ef..0bca40b79 100644
--- a/refs/pull/233/merge/en/wallet-solution.html
+++ b/refs/pull/233/merge/en/wallet-solution.html
@@ -644,7 +644,7 @@ 
    {{ item.title }}
    
 
  • Static Component View
    • 
 
  • Dynamic Component View
@@ -913,7 +913,7 @@ 
    {{ item.title }}
    
 
  • Static Component View
    • 
 
  • Dynamic Component View
diff --git a/refs/pull/233/merge/it/.doctrees/environment.pickle b/refs/pull/233/merge/it/.doctrees/environment.pickle
index 5ba1e4b7b..53899e0d2 100644
Binary files a/refs/pull/233/merge/it/.doctrees/environment.pickle and b/refs/pull/233/merge/it/.doctrees/environment.pickle differ