diff --git a/index.html b/index.html index 9d8f817..221a55c 100644 --- a/index.html +++ b/index.html @@ -777,7 +777,28 @@

Privacy Considerations

This section details the general privacy considerations and specific privacy implications of deploying this specification into production environments.

-
+
+

Personally Identifiable Information

+

+ Data associated with schemas and verifiable credentials are susceptible + to privacy violations when shared. Personally identifying data, such as a + government-issued identifier, address, or name, can be used to track and correlate + entities. Even less overt personal data such as a birthdate or postal code has + the ability to result in correlation and de-anonymization. +

+

+ Implementers are strongly advised to avoid constructing schemas with any personally + identifiable information (PII). +

+

+ If such personally identifiable information is necessary in a schema, or a credential + schema, implementers are strongly advised to use mechanisms while storing and + transporting verifiable credentials that protect the data from those who should + not access it such as Transportation Layer Security (TLS) or other means of encrypting + the data whether in transit or at rest. +

+
+

Verifier Caching

Since schemas are immutable, they are highly cachable. @@ -788,7 +809,7 @@

Verifier Caching

verifier-based access patterns on the schema.

-
+

Content Distribution Networks

The use of content distribution networks by issuers can increase the @@ -808,7 +829,7 @@

Security Considerations

not understanding the implications of this section can result in security vulnerabilities.

-
+

Issuer Impersonation

It is possible for a schema to become authoritative, such as schemas