Comment by lvass
14 hours ago
You can maybe, trust the user to handle it's own certificate in their own devices? Though I admit requiring attestation is probably a good default.
14 hours ago
You can maybe, trust the user to handle it's own certificate in their own devices? Though I admit requiring attestation is probably a good default.
One important feature of a legal ID is that it's hard to copy, so attestation from the hardware storage would have to be basically mandatory.
But yeah, the user could have a choice to this extent.