Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft for wallet attestation #408

Open
wants to merge 20 commits into
base: main
Choose a base branch
from
Open

Draft for wallet attestation #408

Changes from 16 commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
3fb4666
initial draft for wallet attestation
paulbastian Oct 28, 2024
526a16c
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Oct 28, 2024
194b16e
examples for wallet attestation
paulbastian Nov 6, 2024
7820bca
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Nov 12, 2024
acccaef
add history
paulbastian Nov 12, 2024
94676a9
Merge branch 'main' into wallet-attestations
paulbastian Nov 12, 2024
a3c93d2
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Nov 13, 2024
63daa67
Apply suggestions from Giuseppe
paulbastian Nov 14, 2024
85cbd14
some minor changes on Torsten's review
paulbastian Dec 3, 2024
3acc0e8
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Dec 3, 2024
fc78c4a
Apply suggestions from code review
paulbastian Dec 5, 2024
693197f
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Dec 6, 2024
699b7b6
Apply suggestions from code review
paulbastian Dec 6, 2024
d3858e0
Apply suggestions from code review
paulbastian Dec 6, 2024
e1391a9
Apply suggestions from code review
paulbastian Dec 6, 2024
e149a8c
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Dec 6, 2024
e96f24b
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Dec 6, 2024
c33c267
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Dec 6, 2024
9b1eb85
Update openid-4-verifiable-credential-issuance-1_0.md
paulbastian Dec 6, 2024
e7f7105
Apply suggestions from code review
paulbastian Dec 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 49 additions & 8 deletions openid-4-verifiable-credential-issuance-1_0.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1413,15 +1413,9 @@ The following mechanisms in concert can be utilized to fulfill those objectives:

**Key attestation** is a mechanism where the device or security element in a device asserts the key management policy to the application creating and using this key. The Android Operating System, for example, provides apps with a certificate including a certificate chain asserting that a particular key is managed, for example, by a hardware security module. The Wallet can provide this data along with the proof of possession in the Credential Request (see (#credential-request) for an example) to allow the Credential Issuer to validate the key management policy. This requires the Credential Issuer to rely on the trust anchor of the certificate chain and the respective key management policy. Another variant of this concept is the use of a Qualified Electronic Signature as defined by the eIDAS regulation [@eIDAS]. This signature will not reveal the properties of the associated private key to the Credential Issuer. However, as one example, due to the regulatory regime of eIDAS, the Credential Issuer can deduce that the signing service manages the private keys according to this regime and fulfills very high security requirements. As another example, FIDO2 allows RPs to obtain an attestation along with the public key from a FIDO authenticator. That implicitly asserts the key management policy, since the assertion is bound to a certain authenticator model and its key management capabilities.

**App Attestation**: Key attestation, however, does not establish trust in the application storing the Credential and producing presentation of that Credential. App attestation, as provided by mobile operating systems, e.g., iOS's DeviceCheck or Android's SafetyNet, allows a server system to ensure it is communicating to a legitimate instance of its genuine app. Those mechanisms can be utilized to validate the internal integrity of the Wallet (as a whole).
**Client Authentication** allows a Wallet to authenticate with the Authorization Server of the Credential Issuer. Authorization Server may want to authenticate Wallets to determine whether they communicate to a Wallet that meets its security, compliance or governance requirements, based on the trust framework in use, regulatory requirements, laws, or internal design decisions. Any token endpoint authentication method as registered in the [OAuth Token Endpoint Authentication Methods IANA Registry](https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#token-endpoint-auth-method) may be used with the Pushed Authorization or Token Request. An Authorization Server SHOULD communicate its client authentication requirement through its `token_endpoint_auth_method` metadata parameter.
paulbastian marked this conversation as resolved.
Show resolved Hide resolved

**Device Attestation**: Device Attestation attests to the health of the device on which the Wallet is running, as a whole. It helps prevent compromises such as a malicious third-party application tampering with a Wallet that manages keys and Credentials, which cannot be captured only by obtaining app attestation of a Wallet.

**Client Authentication** allows a Wallet to authenticate with a Credential Issuer. To securely authenticate, the Wallet needs to utilize a backend component managing the key material and processing the secure communication with the Credential Issuer. The Credential Issuer MAY establish trust with the Wallet based on its own auditing or a trusted third-party attestation of the conformance of the Wallet to a certain policy.

Directly using key, app, and/or device attestations to prove certain capabilities to a Credential Issuer is an obvious option. However, this at least requires platform mechanisms that issue signed assertions that third parties can evaluate, which is not always the case (e.g., iOS's DeviceCheck). Also, such an approach creates dependencies on platform specific mechanisms, trust anchors, and platform specific identifiers (e.g., Android `apkPackageName`) and it reveals information about the internal design of a Wallet. Implementers should take these consequences into account.

The approach recommended by this specification is that the Credential Issuer relies on the OAuth 2.0 Client Authentication to establish trust in the Wallet and leaves it to the Wallet to ensure its internal integrity using app and key attestation (if required). This establishes a clean separation between the different components and a uniform interface irrespective of the Wallet's architecture (e.g., native vs. Web Wallet). Client Authentication can be performed with assertions registered with the Credential Issuer or with assertions issued to the Wallet by a third party the Credential Issuer trusts for the purpose of Client Authentication.
**Wallet attestation** is a client authentication mechanism where the Wallet Provider asserts the client's authenticity and genuinity utlizing the mechanisms of Attestation-Based Client Authentication as defined in [@!I-D.ietf-oauth-attestation-based-client-auth], for details see (reference)
paulbastian marked this conversation as resolved.
Show resolved Hide resolved

## Credential Offer {#credential-offer-security}

Expand Down Expand Up @@ -2257,6 +2251,52 @@ The following is a non-normative example of a Credential Response containing a C

<{{examples/credential_response_sd_jwt_vc.txt}}

# Wallet Attestations in JWT format {#walletattestation}

The Wallet Attestation defined in this section is a client authentication method especially designed for native App Wallets. Instead of using platform-specific key, app, and/or device attestations directly, it uses a key-bound, platform agnostic common format based on JWTs. This allows Authorization Servers to authenticate Wallets across different platforms in a unified fashion and exposes only a minimum dataset. Also, it allows the Wallet app to directly interact with the Credential Issuer without involving the Wallet Provider's backend. The Wallet Attestation MUST be signed by an issuer that the Authorization Server of the Credential Issuer trusts for this purpose.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

technically the wallet attestation is a signed attestation that can be used in the client authentication mechanisms, as outlined in my previous comment.

if agreed, I can therefore purpose a rewording also here


In a typical architecture of a native Wallet App, the Wallet Provider's backend will use attestations provided by the mobile operating system, like iOS's DeviceCheck or Android's Play Integrity, to validate the app's integrity and authenticity before issuing the Wallet Attestation.

paulbastian marked this conversation as resolved.
Show resolved Hide resolved
There are two requests where Wallets may need to authenticate during Credential issuance:
- The Wallet sends it in the Pushed Authorization Request
- The Wallet sends it in the Token Request

The Wallet Attestation format follows Section 5.1 "Client Attestation JWT" of [@!I-D.ietf-oauth-attestation-based-client-auth]. The Wallet Attestation additionally includes the following JWT Claims:

* `wallet_name`: OPTIONAL. String containing a human-readable name of the Wallet.
* `wallet_link`: OPTIONAL. String containing a URL to get further information about the Wallet and the Wallet Provider.
* `status`: OPTIONAL. Status mechanism for the Wallet Attestation as defined in [@!I-D.ietf-oauth-token-status-list]

paulbastian marked this conversation as resolved.
Show resolved Hide resolved
The following is a non-normative example of a Wallet Attestation:

```
{
"typ": "oauth-client-attestation+jwt"
"alg": "ES256",
"kid": "11"
}
.
{
"iss": "https://client.example.com",
"sub": "https://client.example.com",
"wallet_name": "Wallet Solution X by Wonderland State Department",
"wallet_link": "https://example.com/wallet/detail_info.html",
"nbf":1300815780,
"exp":1300819380,
paulbastian marked this conversation as resolved.
Show resolved Hide resolved
"cnf": {
"jwk": {
"kty": "EC",
"use": "sig",
"crv": "P-256",
"x": "18wHLeIgW9wVN6VD1Txgpqy2LszYkMf6J8njVAibvhM",
"y": "-V4dS4UaLMgP_4fY4j8ir7cl1TXlFdAgcx55o7TkcSA"
}
}
}
```

To use the Wallet Attestation towards the Authorization Server, the Wallet MUST generate a proof of possession according to Section 5.2 "Client Attestation PoP JWT" of Attestation-Based Client Authentication.

paulbastian marked this conversation as resolved.
Show resolved Hide resolved
# IANA Considerations

## OAuth URI Registry
Expand Down Expand Up @@ -2455,6 +2495,7 @@ The technology described in this specification was made available from contribut

-15

* add section on Wallet Attestations
* remove `claims` parameter from ISO mdoc and SD-JWT VC Credential Request
* credential response always returns an array when not returning a transaction_id with the option for additional meta-data
* deferred credential response always returns an array (same as credential response)
Expand Down