You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Within Credential Lifecycle revocation is considered "absolute", for example is described as follows: "A Credential that has been revoked, due to legal requirements, inaccuracy or compromise, is valueless and potentially harmful." Link
Credential revocation is not always 'absolute', i.e. a credential can be revoked today (e.g. driving license revoked temporarily by police) but its validity up to the revocation is still correct and any further use should be still allowed provided that the connected status attestation claims that the credential is not valid in a specific timeframe From-To (e.g. 3-months revocation of driving license).
A covid certificate that has been temporarily revoked can be used anytime to demonstrate for example that before revocation holder was entitled to perform some public activity.
Revocation therefore must include a Timeframe (From-To), a tipology, and should not invalidate further use of the credential as it may be used to attest activity outside revocation interval.
The text was updated successfully, but these errors were encountered:
we don't want to take into account credential suspections at this stage, a revoked credential is revoked, while if possibile a new one of the same type can be requested and issued, if the requester is eligible in requesting and obtaining it
Suspension is only one of the 2 problematic elements that were described in this issue.
The major one is related to the fact that the Credential in some cases must be considered valid (thus is still accurate, useful and valid) for the period before the revocation: a driving license, revoked due expiration or other reasons, is still Valid for the period before the revocation. The inability for user and wallet to present the Credential would limit its rightful & lawful use that depends only from the related Relying Party process and means of use
SaraConsoliACN
added a commit
to SaraConsoliACN/eudi-wallet-it-docs
that referenced
this issue
Jun 3, 2024
Within Credential Lifecycle revocation is considered "absolute", for example is described as follows: "A Credential that has been revoked, due to legal requirements, inaccuracy or compromise, is valueless and potentially harmful." Link
Credential revocation is not always 'absolute', i.e. a credential can be revoked today (e.g. driving license revoked temporarily by police) but its validity up to the revocation is still correct and any further use should be still allowed provided that the connected status attestation claims that the credential is not valid in a specific timeframe From-To (e.g. 3-months revocation of driving license).
A covid certificate that has been temporarily revoked can be used anytime to demonstrate for example that before revocation holder was entitled to perform some public activity.
Revocation therefore must include a Timeframe (From-To), a tipology, and should not invalidate further use of the credential as it may be used to attest activity outside revocation interval.
The text was updated successfully, but these errors were encountered: