...

Work Done

From Sprint Demo 4.6 - 21/22 September 2021:

  • Implement and improve IRMA issuer in simpleSAMLphp
  • Test verification of claims from multiple schemes

  • Explore the best way to describe the scheme

  • Discuss IRMA ‘metadata’ distribution risks

  • Investigate assurance

  • Device assurance

  • Expressing assurance from the source

  • Investigate revocation

  • Multi-valued attributes

...

The source code of the system is available at: https://github.com/privacybydesign.

Technical Model

How does verification work in IRMA?

...

An obvious source of "cards" is a SAML federation. For a SAML attribute of a user to be converted to a card, the user needs to visit an entity that acts as a proxy. This proxy needs to behave as a SAML SP towards the user and the SAML federation. The user needs to visit the site with the intent of adding a card to their IRMA app so that the IRMA infrastructure can store the data as a card. The user will be logged in to this SAML SP, which will consume the attributes from an IdP / AA and store them in the IRMA infrastructure.
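The proxy step described above, sketched as an added example (not code from this page or from the IRMA project): it turns the attributes the SAML SP received into an IRMA issuance request, storing only mapped attributes and refusing ambiguous values. The credential type, the attribute mapping and the `;` separator for multi-valued attributes are hypothetical; the request shape is assumed from IRMA's public session-request format.

```python
import json

ISSUANCE_CONTEXT = "https://irma.app/ld/request/issuance/v2"
CREDENTIAL_TYPE = "example-scheme.example-issuer.eduperson"  # hypothetical placeholder

# Hypothetical mapping: SAML attribute name -> (card attribute, multi-valued allowed?)
ATTRIBUTE_MAP = {
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": ("eppn", False),        # eduPersonPrincipalName
    "urn:oid:0.9.2342.19200300.100.1.3": ("mail", False),       # mail
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": ("affiliation", True),  # eduPersonScopedAffiliation
}
MULTI_VALUE_SEPARATOR = ";"  # assumption: the page leaves multi-valued encoding open


def saml_to_issuance_request(saml_attributes, expires_at):
    """Build an issuance request from attributes the proxy (SAML SP) received.

    saml_attributes: dict of SAML attribute name -> list of string values.
    expires_at: Unix timestamp after which the card is no longer valid.
    """
    card = {}
    for saml_name, (card_name, multi) in ATTRIBUTE_MAP.items():
        values = [v.strip() for v in saml_attributes.get(saml_name, []) if v.strip()]
        if not values:
            continue  # the IdP / AA did not release it; leave it out of the card
        if not multi and len(values) > 1:
            # Refuse to guess which value is authoritative.
            raise ValueError(f"{saml_name}: expected one value, got {len(values)}")
        if any(MULTI_VALUE_SEPARATOR in v for v in values):
            # Such a value could not be split back unambiguously by a verifier.
            raise ValueError(f"{saml_name}: value contains the separator")
        card[card_name] = MULTI_VALUE_SEPARATOR.join(sorted(values))
    if not card:
        raise ValueError("no mapped attributes released; nothing to issue")
    return {
        "@context": ISSUANCE_CONTEXT,
        "credentials": [
            {"credential": CREDENTIAL_TYPE, "validity": int(expires_at), "attributes": card}
        ],
    }


if __name__ == "__main__":
    # Constructed sample of what the SP might receive after the user logs in.
    sample = {
        "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": ["alice@example.org"],
        "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": ["staff@example.org", "member@example.org"],
        "urn:oid:2.5.4.42": ["Alice"],  # not in ATTRIBUTE_MAP, so never stored
    }
    print(json.dumps(saml_to_issuance_request(sample, 1700000000), indent=2))
```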

...

During attribute disclosures, IRMA can prove non-revocation, but only if explicitly asked for by the requestor. The reason for this is that computing a non-revocation proof for a credential is much more expensive than just computing a disclosure proof out of that credential. For this reason, IRMA will only prove non-revocation for a credential type if the requestor explicitly requests it. Requestors should only request non-revocation proofs when it is really necessary for them to establish that they received non-revoked attributes.

Additional source: https://irma.app/docs/revocation

...