VC-T-1 — Tamper with credential claims between issuer and registry
Component: vc Platform. Mitigations: Internal HTTP (issuer → registry) lacks TLS in some configs; gRPC mTLS available. Action: Enforce mTLS on issuer → registry HTTP paths; prefer gRPC mTLS only
| Property | Value |
|---|---|
| Section | Tampering |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-TRANS-01 | TLS 1.2+ Minimum with Configurable Version |
| SID-TRANS-02 | OpenID4VCI Credential Issuance Protocol |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md