Difference between revisions of "Mobile Driver's License with OIDC"
From MgmtWiki
(→Context) |
|||
| Line 3: | Line 3: | ||
==Context== | ==Context== | ||
| − | * If the mDL reader receives the token and URL from the mDL, either during device engagement or device data retrieval, it may retrieve mDL data from the issuing authority via the Internet or locally. If the | + | * If the mDL reader receives the token and URL from the mDL, either during device engagement or device data retrieval, it may retrieve mDL data from the issuing authority via the Internet or locally. If the reader chooses to use the internet, either OIDC or WebAPI can be used to retrieve the information. |
| + | |||
| + | ===Taxonomy=== | ||
| + | * Holder - the subject | ||
| + | * Wallet - the device software that holds th mDL. | ||
| + | * Reader - the device used by the verifier to get data from the mDL. | ||
| + | * Attacker - a bogus wallet that is attempting to illicitly gain access or steal data from the reader. | ||
==Problems== | ==Problems== | ||
| + | * If the Reader might use the internet for some transactions, but not all, then the type of access can be | ||
| − | == | + | ==Solutions== |
* The transaction has been designed such that it is not necessary for the mDL holder to physically hand over the mobile device to the mDL verifier. | * The transaction has been designed such that it is not necessary for the mDL holder to physically hand over the mobile device to the mDL verifier. | ||
Revision as of 14:48, 21 May 2021
Full Title
How to use OpenID Connect (OIDC) with a Mobile Driver's License (mDL) compliant with ISO 18013-5,
Context
- If the mDL reader receives the token and URL from the mDL, either during device engagement or device data retrieval, it may retrieve mDL data from the issuing authority via the Internet or locally. If the reader chooses to use the internet, either OIDC or WebAPI can be used to retrieve the information.
Taxonomy
- Holder - the subject
- Wallet - the device software that holds th mDL.
- Reader - the device used by the verifier to get data from the mDL.
- Attacker - a bogus wallet that is attempting to illicitly gain access or steal data from the reader.
Problems
- If the Reader might use the internet for some transactions, but not all, then the type of access can be
Solutions
- The transaction has been designed such that it is not necessary for the mDL holder to physically hand over the mobile device to the mDL verifier.
