add sec considerations

openid · Feb 2, 2025 · 52f5c7c · 52f5c7c
1 parent 38cd86b
commit 52f5c7c
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 32 deletions.
diff --git a/dcp/openid4vc-high-assurance-interoperability-profile-1_0-03.html b/dcp/openid4vc-high-assurance-interoperability-profile-1_0-03.html
@@ -1344,25 +1344,28 @@ <h2 id="abstract"><a href="#abstract" class="selfRef">Abstract</a></h2>
             </ul>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11">
-            <p id="section-toc.1-1.11.1"><a href="#section-11" class="auto internal xref">11</a>. <a href="#name-normative-references" class="internal xref">Normative References</a></p>
+            <p id="section-toc.1-1.11.1"><a href="#section-11" class="auto internal xref">11</a>. <a href="#name-security-considerations" class="internal xref">Security Considerations</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12">
-            <p id="section-toc.1-1.12.1"><a href="#section-12" class="auto internal xref">12</a>. <a href="#name-informative-references" class="internal xref">Informative References</a></p>
+            <p id="section-toc.1-1.12.1"><a href="#section-12" class="auto internal xref">12</a>. <a href="#name-normative-references" class="internal xref">Normative References</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.13">
-            <p id="section-toc.1-1.13.1"><a href="#appendix-A" class="auto internal xref">Appendix A</a>.  <a href="#name-combined-issuance-of-sd-jwt" class="internal xref">Combined Issuance of SD-JWT VC and mdocs</a></p>
+            <p id="section-toc.1-1.13.1"><a href="#section-13" class="auto internal xref">13</a>. <a href="#name-informative-references" class="internal xref">Informative References</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.14">
-            <p id="section-toc.1-1.14.1"><a href="#appendix-B" class="auto internal xref">Appendix B</a>.  <a href="#name-acknowledgements" class="internal xref">Acknowledgements</a></p>
+            <p id="section-toc.1-1.14.1"><a href="#appendix-A" class="auto internal xref">Appendix A</a>.  <a href="#name-combined-issuance-of-sd-jwt" class="internal xref">Combined Issuance of SD-JWT VC and mdocs</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.15">
-            <p id="section-toc.1-1.15.1"><a href="#appendix-C" class="auto internal xref">Appendix C</a>.  <a href="#name-notices" class="internal xref">Notices</a></p>
+            <p id="section-toc.1-1.15.1"><a href="#appendix-B" class="auto internal xref">Appendix B</a>.  <a href="#name-acknowledgements" class="internal xref">Acknowledgements</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.16">
-            <p id="section-toc.1-1.16.1"><a href="#appendix-D" class="auto internal xref">Appendix D</a>.  <a href="#name-document-history" class="internal xref">Document History</a></p>
+            <p id="section-toc.1-1.16.1"><a href="#appendix-C" class="auto internal xref">Appendix C</a>.  <a href="#name-notices" class="internal xref">Notices</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.17">
-            <p id="section-toc.1-1.17.1"><a href="#appendix-E" class="auto internal xref"></a><a href="#name-authors-addresses" class="internal xref">Authors' Addresses</a></p>
+            <p id="section-toc.1-1.17.1"><a href="#appendix-D" class="auto internal xref">Appendix D</a>.  <a href="#name-document-history" class="internal xref">Document History</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.18">
+            <p id="section-toc.1-1.18.1"><a href="#appendix-E" class="auto internal xref"></a><a href="#name-authors-addresses" class="internal xref">Authors' Addresses</a></p>
 </li>
         </ul>
 </nav>
@@ -1856,9 +1859,17 @@ <h3 id="name-validity-period-of-the-sign">
 </div>
 </section>
 </div>
+<div id="security_considerations">
 <section id="section-11">
+      <h2 id="name-security-considerations">
+<a href="#section-11" class="section-number selfRef">11. </a><a href="#name-security-considerations" class="section-name selfRef">Security Considerations</a>
+      </h2>
+<p id="section-11-1">The security considerations in <span>[<a href="#OIDF.OID4VCI" class="cite xref">OIDF.OID4VCI</a>]</span> and <span>[<a href="#OIDF.OID4VP" class="cite xref">OIDF.OID4VP</a>]</span> apply.<a href="#section-11-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<section id="section-12">
       <h2 id="name-normative-references">
-<a href="#section-11" class="section-number selfRef">11. </a><a href="#name-normative-references" class="section-name selfRef">Normative References</a>
+<a href="#section-12" class="section-number selfRef">12. </a><a href="#name-normative-references" class="section-name selfRef">Normative References</a>
       </h2>
 <dl class="references">
 <dt id="I-D.ietf-oauth-sd-jwt-vc">[I-D.ietf-oauth-sd-jwt-vc]</dt>
@@ -1881,10 +1892,6 @@ <h2 id="name-normative-references">
       <dd>
 <span class="refAuthor">Lodderstedt, T.</span>, <span class="refAuthor">Yasuda, K.</span>, and <span class="refAuthor">T. Looker</span>, <span class="refTitle">"OpenID for Verifiable Credential Issuance"</span>, <time datetime="2022-06-20" class="refDate">20 June 2022</time>, <span>&lt;<a href="https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html">https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html</a>&gt;</span>. </dd>
 <dd class="break"></dd>
-<dt id="OIDF.OID4VP">[OIDF.OID4VP]</dt>
-      <dd>
-<span class="refAuthor">Terbu, O.</span>, <span class="refAuthor">Lodderstedt, T.</span>, <span class="refAuthor">Yasuda, K.</span>, and <span class="refAuthor">T. Looker</span>, <span class="refTitle">"OpenID for Verifiable Presentations - draft 24"</span>, <time datetime="2025-01-27" class="refDate">27 January 2025</time>, <span>&lt;<a href="https://openid.net/specs/openid-4-verifiable-presentations-1_0-24.html">https://openid.net/specs/openid-4-verifiable-presentations-1_0-24.html</a>&gt;</span>. </dd>
-<dd class="break"></dd>
 <dt id="OIDF.SIOPv2">[OIDF.SIOPv2]</dt>
       <dd>
 <span class="refAuthor">Microsoft</span>, <span class="refAuthor">Jones, M. B.</span>, and <span class="refAuthor">T. Lodderstedt</span>, <span class="refTitle">"Self-Issued OpenID Provider V2"</span>, <time datetime="2021-12-18" class="refDate">18 December 2021</time>, <span>&lt;<a href="https://openid.net/specs/openid-connect-self-issued-v2-1_0.html">https://openid.net/specs/openid-connect-self-issued-v2-1_0.html</a>&gt;</span>. </dd>
@@ -1935,15 +1942,19 @@ <h2 id="name-normative-references">
 <dd class="break"></dd>
 </dl>
 </section>
-<section id="section-12">
+<section id="section-13">
       <h2 id="name-informative-references">
-<a href="#section-12" class="section-number selfRef">12. </a><a href="#name-informative-references" class="section-name selfRef">Informative References</a>
+<a href="#section-13" class="section-number selfRef">13. </a><a href="#name-informative-references" class="section-name selfRef">Informative References</a>
       </h2>
 <dl class="references">
 <dt id="ISO.18013-7">[ISO.18013-7]</dt>
       <dd>
 <span class="refAuthor">ISO/IEC JTC 1/SC 17 Cards and security devices for personal identification</span>, <span class="refTitle">"ISO/IEC DTS 18013-7 Personal identification — ISO-compliant driving license — Part 7: Mobile driving license (mDL) add-on functions"</span>, <time datetime="2024" class="refDate">2024</time>, <span>&lt;<a href="https://www.iso.org/standard/82772.html">https://www.iso.org/standard/82772.html</a>&gt;</span>. </dd>
 <dd class="break"></dd>
+<dt id="OIDF.OID4VP">[OIDF.OID4VP]</dt>
+      <dd>
+<span class="refAuthor">Terbu, O.</span>, <span class="refAuthor">Lodderstedt, T.</span>, <span class="refAuthor">Yasuda, K.</span>, and <span class="refAuthor">T. Looker</span>, <span class="refTitle">"OpenID for Verifiable Presentations - draft 24"</span>, <time datetime="2025-01-27" class="refDate">27 January 2025</time>, <span>&lt;<a href="https://openid.net/specs/openid-4-verifiable-presentations-1_0-24.html">https://openid.net/specs/openid-4-verifiable-presentations-1_0-24.html</a>&gt;</span>. </dd>
+<dd class="break"></dd>
 <dt id="w3c.digital_credentials_api">[w3c.digital_credentials_api]</dt>
     <dd>
 <span class="refAuthor">Caceres, M.</span>, <span class="refAuthor">Goto, S.</span>, and <span class="refAuthor">T. Cappalli</span>, <span class="refTitle">"Digital Credentials API"</span>, <span>&lt;<a href="https://wicg.github.io/digital-credentials/">https://wicg.github.io/digital-credentials/</a>&gt;</span>. </dd>

diff --git a/dcp/openid4vc-high-assurance-interoperability-profile-1_0-03.xml b/dcp/openid4vc-high-assurance-interoperability-profile-1_0-03.xml
@@ -345,6 +345,10 @@ The JWE <tt>enc</tt> (encryption algorithm) header parameter (see <xref target="
 </section>
 </section>
 
+<section anchor="security_considerations"><name>Security Considerations</name>
+<t>The security considerations in <xref target="OIDF.OID4VCI"></xref> and <xref target="OIDF.OID4VP"></xref> apply.</t>
+</section>
+
 </middle>
 
 <back>
@@ -376,24 +380,6 @@ The JWE <tt>enc</tt> (encryption algorithm) header parameter (see <xref target="
     <date year="2022" month="June" day="20"></date>
   </front>
 </reference>
-<reference anchor="OIDF.OID4VP" target="https://openid.net/specs/openid-4-verifiable-presentations-1_0-24.html">
-  <front>
-    <title>OpenID for Verifiable Presentations - draft 24</title>
-    <author fullname="Oliver Terbu" initials="O." surname="Terbu">
-      <organization>Mattr</organization>
-    </author>
-    <author fullname="Torsten Lodderstedt" initials="T." surname="Lodderstedt">
-      <organization>SPRIND</organization>
-    </author>
-    <author fullname="Kristina Yasuda" initials="K." surname="Yasuda">
-      <organization>SPRIND</organization>
-    </author>
-    <author fullname="Tobias Looker" initials="T." surname="Looker">
-      <organization>Mattr</organization>
-    </author>
-    <date year="2025" month="January" day="27"></date>
-  </front>
-</reference>
 <reference anchor="OIDF.SIOPv2" target="https://openid.net/specs/openid-connect-self-issued-v2-1_0.html">
   <front>
     <title>Self-Issued OpenID Provider V2</title>
@@ -454,6 +440,24 @@ The JWE <tt>enc</tt> (encryption algorithm) header parameter (see <xref target="
     <date year="2024"></date>
   </front>
 </reference>
+<reference anchor="OIDF.OID4VP" target="https://openid.net/specs/openid-4-verifiable-presentations-1_0-24.html">
+  <front>
+    <title>OpenID for Verifiable Presentations - draft 24</title>
+    <author fullname="Oliver Terbu" initials="O." surname="Terbu">
+      <organization>Mattr</organization>
+    </author>
+    <author fullname="Torsten Lodderstedt" initials="T." surname="Lodderstedt">
+      <organization>SPRIND</organization>
+    </author>
+    <author fullname="Kristina Yasuda" initials="K." surname="Yasuda">
+      <organization>SPRIND</organization>
+    </author>
+    <author fullname="Tobias Looker" initials="T." surname="Looker">
+      <organization>Mattr</organization>
+    </author>
+    <date year="2025" month="January" day="27"></date>
+  </front>
+</reference>
 <reference anchor="w3c.digital_credentials_api" target="https://wicg.github.io/digital-credentials/">
   <front>
     <title>Digital Credentials API</title>

diff --git a/dcp/openid4vc-high-assurance-interoperability-profile-1_0-03.zip b/dcp/openid4vc-high-assurance-interoperability-profile-1_0-03.zip