WUM-8.2.2-Sec-11 — Securely destroy WSCA/WSCD key material on deletion
ARF PAD_04 If the wallet unit deletes a PID or device-bound attestation on the user's request, the wallet unit shall ensure that all cryptographic key material in the WSCA/WSCD or keystore related to this PID or attestation is securely destroyed.
| Property | Value |
|---|---|
| Section | 8.2.2 Delete |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-CRYPTO-03 | AES-256-GCM Encrypted Keystore |
| SID-KEY-03 | WSCD Client Library with rawSign API |
Source: ENISA – Security Requirements for European Digital Identity Wallets v0.5