5.3.1. Relying Party Solution RequirementsΒΆ

This section lists the requirements to be met by Relying Parties and Relying Party Solutions.

  • The Relying Party MUST register with the Federation Authority to obtain both the Access Certificate and the Registration Certificate.

  • The Relying Party MUST implement secure mechanisms for handling and processing received Digital Credentials, ensuring the integrity and confidentiality of the Relying Party Solution.

  • The Relying Party MUST expose an endpoint for the erasure of personal attributes presented by Users whenever the attributes requested by the Relying Party include a unique identifier of the User (e.g. the "tax_id_code" claim of the PID).

  • The Relying Party Solution MUST implement proper revocation procedures for compromised or decommissioned instances.

  • The Relying Party Solution MUST maintain an audit trail of Credential verifications while respecting privacy requirements and data protection regulations.

  • The Relying Party Solution MUST allow Selective Disclosure mechanisms during presentation scenarios.

  • The Relying Party Backend MUST provide a RESTful set of services for registering Relying Party Instances and issuing Access Certificates.

  • The Relying Party Instance MUST periodically reestablish trust with the Relying Party through integrity checks and Certificate renewal procedures.

  • The Relying Party Instance MUST provide both a Registration Certificate and Access Certificate to Wallet Instances during their interaction to prove the legitimacy and authorization of its requests.

  • The Relying Party Instance MUST communicate to Users which attributes are requested and for what purpose during any Credential presentation flow.

  • The Mobile Relying Party Instances MUST be compatible and functional on both Android and iOS operating systems and available on the Play Store and App Store, respectively.

  • The Mobile Relying Party Instances MUST handle both online and offline presentation scenarios, with appropriate security measures and user notifications.