SID-DATA-07 — Credential Re-issuance and Lifecycle Management

Property	Value
Owner	platform
Category	technical
CSF Function	protect
Group	Data Protection Controls

Description

User-initiated credential re-issuance with attribute comparison and same-wallet-unit proof. Requirements: (1) Explicit re-issuance UI showing expiring credentials with user-configurable thresholds (WUM-8.2.2-Fun-04). (2) Attribute diff display comparing old vs new credential claims on re-issuance (WUM-8.2.2-Fun-06). (3) Same wallet unit proof via tiered assurance model — Tier 1: hardware-attested via FIDO sign extension, Tier 2: same-key re-signing, Tier 3: credential presentation hint (WUM-8.2.2-Sec-07). Automated re-issuance via OID4VCI refresh token exists; this control covers the user-facing lifecycle. Implementation plan: wallet-frontend#66 with 7 sub-issues (#67-#73).

Components

• Wallet Frontend
• Wallet Backend (Go)

Source References

• wallet-frontend/docs/REISSUANCE_PLAN.md
• wallet-frontend/issues/66

Framework Requirements

EUDI Security Requirements: WUM-8.2.2-Fun-04, WUM-8.2.2-Fun-06, WUM-8.2.2-Sec-07