eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework

ATAG ARF Feedback: 2.1 Identification and access to online services - fundamental missing feature

heatherdahl opened this issue · 0 comments

Description

Name: Heather Dahl, Sam Curren, Indicio

ARF Chapter: 2.1 Identification and access to online service
"In this specific use case, a User employs the EUDI Wallet to authenticate with their identity accessing online services by using high-security authentication. This process involves the use of multiple identity verification methods. The User is particularly mindful of the privacy and security concerns associated with sharing person identification data (PID) online. Their primary goals include reliably identifying themselves to services that demand user identification while maintaining control over the sharing of their personal data."

Recommendation: This section makes clear that “identifying and authenticating themselves for an online service” is the goal of this use case. We find the exclusion of DIDs as identifiers to be a fundamental missing feature, as it relies on either keys (used in the credential) or personal attributes for identification. Solve this gap by including DiDs as identifiers in the ARF.