[OAUTH-WG] Re: We cannot trust Issuers

2024-07-23 Thread Leif Johansson
On Mon, 2024-07-22 at 19:43 -0400, Richard Barnes wrote:
> I would observe that any solution based on garden-variety digital
> signature (not something zero-knowledge like BBS / JWP) will have
> problems with issuer/verifier collusion. One-time tokens and batch
> issuance don't help. There is no

[OAUTH-WG] Re: We cannot trust Issuers

2024-07-23 Thread Nat Sakimura
IMHO, it is just a matter of setting the reader's expectations right through adequate privacy considerations. When it comes to collusion attacks, we can think not only of issuer-verifier but other varieties as well. We should perhaps list those scenarios. In ISO/IEC 27551 that only deals with the m