WUH-8.3.1-Sec-01 — App-level auth shall not enable use of WSCA/WSCD-protected keys
Application-level authentication shall not enable the use of critical cryptographic assets whose access is protected by WSCA/WSCD authentication.
| Property | Value |
|---|---|
| Section | 8.3.1 Auth |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-AUTH-01 | FIDO2/WebAuthn Passwordless Authentication |
| SID-KEY-01 | WSCA WebSocket Key Signing Delegation |
| SID-AUTH-05 | Wallet Unlock, Lockout, and PIN Security |
Source: ENISA – Security Requirements for European Digital Identity Wallets v0.5