SID-TRUST-03 — Issuer and Verifier Trust Gating
| Property | Value |
|---|---|
| Status | verified |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Trust Evaluation Controls |
Description
Mandatory trust evaluation before credential acceptance (issuance) and before credential disclosure (presentation). In OID4VCI: issuer signed_metadata JWT verified, key material evaluated via AuthZEN. In OID4VP: verifier request JWT x5c/jwk extracted and evaluated before disclosing any credentials. Untrusted entities rejected with user-facing error.
Components
- Wallet Backend (Go)
- Trust Service (AuthZEN)