From 6f38f8f02fdb928e308421edabb50c6f9163d8a5 Mon Sep 17 00:00:00 2001 From: Dima Postnikov Date: Wed, 11 Feb 2026 19:18:23 +1100 Subject: [PATCH 1/4] Add security analysis comment As discussed here: https://github.com/openid/OpenID4VP/issues/645 --- openid-4-verifiable-presentations-1_0.md | 33 ++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index e59dd4fa..193a75ca 100644 --- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md @@ -2367,6 +2367,27 @@ Ecosystems intending to use trusted authority mechanisms SHOULD ensure that the + + + Formal Security Analysis of the OpenID for Verifiable Presentations Specification (with DC API) + + + + + + + + + + + OpenID for Verifiable Credentials: Formal Security Analysis using the Web Infrastructure Model + + + + + + + # OpenID4VP over the Digital Credentials API {#dc_api} This section defines how to use OpenID4VP with the Digital Credentials API. 
@@ -2544,13 +2565,21 @@ The audience for the response (for example, the `aud` value in a Key Binding JWT ## Security Considerations {#dc_api_security_considerations} -The following security considerations from OpenID4VP apply: +### Formal Security Analysis + +The security properties of the OpenID for Verifiable Credentials family of specifications have been formally analyzed, see [@secanalysis.openid4vp]. + +In addition, the security properties of this protocol, when used in conjunction with Digital Credentials API (DC API) [@!W3C.Digital_Credentials_API], have been formally analyzed, see [@secanalysis.openid4vp.dc]. + +### Additional security considerations + +The following security considerations apply: * Preventing Replay of Verifiable Presentations as described in (#preventing-replay), with the difference that the origin is used instead of the Client Identifier to bind the response to the Client. * End-User Authentication using Credentials as described in (#end-user-authentication-using-credentials). * Encrypting an Unsigned Response as described in (#encrypting_unsigned_response). * TLS Requirements as described in (#tls-requirements). -* Always Use the Full Client Identifier as described in (#full-client-identifier) for signed requests. +* Always use the Full Client Identifier as described in (#full-client-identifier) for signed requests. * Security Checks on the Returned Credentials and Presentations as described in (#dcql_query_security). * DCQL Value Matching as described in (#dcql-value-matching). From 60648152b56eef8d6ea54dfed2f25daf94fc63e6 Mon Sep 17 00:00:00 2001 From: Dima Postnikov Date: Wed, 11 Feb 2026 19:55:08 +1100 Subject: [PATCH 2/4] Applicable to different sections of the document --- openid-4-verifiable-presentations-1_0.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index 193a75ca..dc2da11e 100644 
--- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md @@ -1769,6 +1769,10 @@ While breaking changes to the specifications referenced in this specification ar # Security Considerations {#security_considerations} +## Formal Security Analysis + +The security properties of the OpenID for Verifiable Credentials family of specifications have been formally analyzed, see [@secanalysis.openid4vp]. + ## Preventing Replay of Verifiable Presentations {#preventing-replay} An attacker could try to inject Presentations obtained from (for example) a previous Authorization Response into another Authorization Response, thus impersonating the End-User that originally presented the respective Verifiable Presentation. Holder Binding aims to prevent such attacks. 
@@ -2565,15 +2569,9 @@ The audience for the response (for example, the `aud` value in a Key Binding JWT ## Security Considerations {#dc_api_security_considerations} -### Formal Security Analysis - -The security properties of the OpenID for Verifiable Credentials family of specifications have been formally analyzed, see [@secanalysis.openid4vp]. - -In addition, the security properties of this protocol, when used in conjunction with Digital Credentials API (DC API) [@!W3C.Digital_Credentials_API], have been formally analyzed, see [@secanalysis.openid4vp.dc]. - -### Additional security considerations +The security properties of the OpenID4VP protocol, when used in conjunction with the Digital Credentials API (DC API) [@!W3C.Digital_Credentials_API], have been formally analyzed, see [@secanalysis.openid4vp.dc]. -The following security considerations apply: +The following security considerations from the OpenID4VP apply: * Preventing Replay of Verifiable Presentations as described in (#preventing-replay), with the difference that the origin is used instead of the Client Identifier to bind the response to the Client. * End-User Authentication using Credentials as described in (#end-user-authentication-using-credentials). From 01c7b4482446c77cb22e4b1e895ece09c237d18f Mon Sep 17 00:00:00 2001 From: Dima Postnikov Date: Wed, 11 Feb 2026 19:58:00 +1100 Subject: [PATCH 3/4] reference typo --- openid-4-verifiable-presentations-1_0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index dc2da11e..f2066eb6 100644 --- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md 
@@ -1771,7 +1771,7 @@ While breaking changes to the specifications referenced in this specification ar ## Formal Security Analysis -The security properties of the OpenID for Verifiable Credentials family of specifications have been formally analyzed, see [@secanalysis.openid4vp]. +The security properties of the OpenID for Verifiable Credentials family of specifications have been formally analyzed, see [@secanalysis.openid4vc]. ## Preventing Replay of Verifiable Presentations {#preventing-replay} From 75aeba6202458207568a181ff8a4b9c01c587a67 Mon Sep 17 00:00:00 2001 From: Kristina <52878547+Sakurann@users.noreply.github.com> Date: Thu, 12 Mar 2026 16:44:21 +0100 Subject: [PATCH 4/4] Apply suggestions from code review Co-authored-by: Frederik Krogsdal Jacobsen --- openid-4-verifiable-presentations-1_0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openid-4-verifiable-presentations-1_0.md b/openid-4-verifiable-presentations-1_0.md index f2066eb6..8a6c849f 100644 --- a/openid-4-verifiable-presentations-1_0.md +++ b/openid-4-verifiable-presentations-1_0.md @@ -2571,7 +2571,7 @@ The audience for the response (for example, the `aud` value in a Key Binding JWT The security properties of the OpenID4VP protocol, when used in conjunction with the Digital Credentials API (DC API) [@!W3C.Digital_Credentials_API], have been formally analyzed, see [@secanalysis.openid4vp.dc]. -The following security considerations from the OpenID4VP apply: +The following security considerations from OpenID4VP apply: * Preventing Replay of Verifiable Presentations as described in (#preventing-replay), with the difference that the origin is used instead of the Client Identifier to bind the response to the Client. * End-User Authentication using Credentials as described in (#end-user-authentication-using-credentials).
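Review bot: in PATCH 1/4, hunk `@@ -2544,13 +2565,21 @@`, the list item "Always Use the Full Client Identifier" is changed to "Always use the Full Client Identifier", which breaks the convention of the surrounding items. Each of them quotes a section title in title case ("Preventing Replay of Verifiable Presentations", "Encrypting an Unsigned Response", "Security Checks on the Returned Credentials and Presentations"). The edit is unrelated to the commit subject and none of the later patches in the series touches that line again, so it would be merged as is. Suggest restoring the original capitalisation or moving the change to a separate editorial commit.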
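Review bot: in PATCH 2/4, hunk `@@ -1769,6 +1769,10 @@`, the added sentence says the security properties "have been formally analyzed" without naming the revision of the specifications that the analysis covered, so a reader can take it as a statement about whatever text is current. Suggest naming the analysed revision in the sentence and replacing the comma splice ("formally analyzed, see") with "; see" or a new sentence. The same applies to the DC API sentence added in hunk `@@ -2565,15 +2569,9 @@` of this patch. Separately, the new heading `## Formal Security Analysis` has no explicit anchor, while its neighbours in the same hunk do (`{#security_considerations}`, `{#preventing-replay}`). Adding one would let other sections link to it in the way the DC API list links to `(#preventing-replay)`.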
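Review bot: in PATCH 3/4, hunk `@@ -1771,7 +1771,7 @@`, the citation key corrected to `[@secanalysis.openid4vc]` was introduced in PATCH 1/4 and moved unchanged by PATCH 2/4, so two intermediate revisions carry what the commit subject itself calls a reference typo. Suggest squashing this fix into the commit that introduces the citation. It is also worth confirming that the two keys now in use, `secanalysis.openid4vc` and `secanalysis.openid4vp.dc`, match the anchors of the two reference entries added in hunk `@@ -2367,6 +2367,27 @@` of PATCH 1/4, since this series only shows the titles of those entries and not their anchors.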