Comments (2)
The code in the repo is indeed based on a draft of 23220-3 from last year and these are only available to members of ISO SC17 WG4 as far as I know. You can get access by joining your national standards body associated with ISO (in the US it's INCITS, in the Netherlands it's NEN, in Germany it's DIN, and so on).
As to your questions
why first provisioning and then certify auth keys?
Because that's how the Identity Credential API works.
why two separate steps ('StartProvisioning' and 'com.android.identity_credential.StartProvisioning')? Looks like it could be done in one request.
Because you want to periodically refresh MSOs.
should the challenge really be fixed (FixedChallenge)?
Nope, both the server and client side bits of this is rough work-in-progress.
from identity-credential.
One question while we are waiting for the 23220-3 to become public... is there an option to integrate the identification procedure to the provisioning protocol?
With identification I mean taking a selfie and photos of existing physical documents with your phone and send them to the backend. Backend would perform face matching of selfie and photo from the document, OCR of the document, validation etc... Only after the identification is successfull, the person can request the actual document from the backend.
In this scenario the first message wouldnt' contain the provisioningCode, but photos (selfie, front and back photos of the physical document, etc..), and the workflow would be a bit different. I'm not sure how flexible the 23220-3 standard is regarding those challenges.
from identity-credential.
Related Issues (20)
- Show transparent background during in-person presentation
- CBOR processor observations
- Issues with Consent Prompt when a large number of items are requested HOT 2
- Not having enrolled fingerprint abruptly ends presentation
- Appverifier crashes when appholder does not auto-close with NFC data transfer
- Delete all credentials in wallet when Screenlock has been removed. HOT 1
- wallet: streamline permission workflow
- Implement passport/card scanning using CAN (card access number)
- Expose all the info from the passport
- Cbor annotation processor imports
- Pre-Consent Mechanism
- Kotlin toXxx extensions should be functions not properties
- Annotation processing for flow-based interfaces
- identity-android/ Tests Won't Build
- Simple server-based issuance
- why there is a breaking change by updating the library with new identity-mdoc, storage related and key creation changes?
- FlowProcessor doesn't work with enums
- Migrate to from Timestamp to kotlinx.datetime.Instant, everywhere except identity-android-legacy HOT 1
- Basic wallet server infrastructure
- Build errors when making the identity-credential project
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from identity-credential.