EU Trusted Lists Section

docs/en/wallet-attestation.rst

@@ -62,7 +62,8 @@ Wallet Instance Initialization and Registration
 .. note::
 
   The EUDIW Application MUST also implement the integrity services from the vendor's SDK, this service has already beed defined as **Device Integrity Service (DIS)** in this specification. The DIS helps by detecting potentially risky and fraudulent interactions, such as from tampered app versions and untrustworthy environments.
-The verification process to establish the trustworthiness of a WI for the WP begins with the initial app launch during which a Cryptographic Hardware Key Tag is generated, serving as the WI's identifier. During the *Initialization and Registration* process, the WI transmits this Cryptographic Hardware Key Tag to the WP, which in turn generates a key pair and signs the Cryptographic Hardware Key Tag with the private key. The signed Cryptographic Hardware Key Tag is then retained by the WI. Subsequently, when the WI requests WIA, it includes the signed Cryptographic Hardware Key Tag. To verify the request's reliability, the WP utilizes the public key generated before to authenticate the Cryptographic Hardware Key Tag.
+  The verification process to establish the trustworthiness of a WI for the WP begins with the initial app launch during which a Cryptographic Hardware Key Tag is generated, serving as the WI's identifier. During the *Initialization and Registration* process, the WI transmits this Cryptographic Hardware Key Tag to the WP, which in turn generates a key pair and signs the Cryptographic Hardware Key Tag with the private key. The signed Cryptographic Hardware Key Tag is then retained by the WI.
+  Subsequently, when the WI requests WIA, it includes the signed Cryptographic Hardware Key Tag. To verify the request's reliability, the WP utilizes the public key generated before to authenticate the Cryptographic Hardware Key Tag.
 
 **Step 2:**: The Wallet Instance:
 
@@ -75,7 +76,7 @@ The verification process to establish the trustworthiness of a WI for the WP beg
 
 .. note::
 
-As explained in the chapter `Trust Infrastructure <https://github.com/cmarco0/eudi-wallet-it-docs-fork/blob/cmarco0-DynamicComponentViewProcess/docs/en/trust.rst#the-infrastructure-of-trust>`_  section `Trust Chain <https://github.com/cmarco0/eudi-wallet-it-docs-fork/blob/cmarco0-DynamicComponentViewProcess/docs/en/trust.rst#trust-chainit>`_ it ensures the integrity and authenticity of wallet solutions are rigorously maintained.
+    As explained in the chapter `Trust Infrastructure <https://github.com/cmarco0/eudi-wallet-it-docs-fork/blob/cmarco0-DynamicComponentViewProcess/docs/en/trust.rst#the-infrastructure-of-trust>`_  section `Trust Chain <https://github.com/cmarco0/eudi-wallet-it-docs-fork/blob/cmarco0-DynamicComponentViewProcess/docs/en/trust.rst#trust-chainit>`_ it ensures the integrity and authenticity of wallet solutions are rigorously maintained.
 The Trust Framework helps prevent fraudulent redirections, protecting user transactions and data.
 
 **Steps 3-5:**: The Wallet Instance sends a request to the Wallet Provider Backend and receives a one-time ``challenge``. This "challenge" is a ``nonce``, which must be unpredictable to serve as the main defense against replay attacks. The backend must generate the ``nonce`` value in a manner that ensures it is single-use and valid only within a specific time frame. This endpoint is compliant with the specification `OAuth 2.0 Nonce Endpoint`_.