diff --git a/index.html b/index.html
index a15be98..309583f 100644
--- a/index.html
+++ b/index.html
@@ -306,6 +306,7 @@
What can go wrong?
Other lists
RFC 3552 (Security Attacks): Replay Attacks, Message Insertion, Message Deletion, Message Modification, Man-In-The-Middle
RFC 6973 (Privacy Threats): Correlation, Identification, Secondary Use, Disclosure, Exclusion
+ Note: In OSSTMM, Security and Privacy are together, and anyway there are some overlaps.
What can go wrong?
Using LINDDUN
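Review bot: The added note on OSSTMM is too vague to help a reader: "and anyway there are some overlaps" does not say which entries of the RFC 3552 and RFC 6973 lists above it overlap. OSSTMM is also the only source in this block given as a bare acronym, while the two RFCs carry a descriptive label. Suggest expanding it to "Open Source Security Testing Methodology Manual (OSSTMM)" and naming at least one concrete overlap between the two lists, or dropping the second clause.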
@@ -316,16 +317,10 @@ What can go wrong?
Using LINDDUN
- What are we going to do about it?
Presentation and Verification
+ What are we going to do about it?
Mitigations
- Anonymous Revocation: a verifier must be able to verify the status of a credential, without having the ability to correlate information about the credentials and the holder.
- Privacy-Preserving DID methods: For example, during resolution, it is possible that the method communicates with the issuer. If the DID uses a distributed ledger, it would be better not to write private information into it.
-
-
-
-
- What are we going to do about it?
Cryptography
-
- Selective Disclosure and Unlinkable Credentials: is the ability to show only a part of the credential and not the full one, in an unlinkable manner. For example, we can show only the date of birth rather than the full passport where it is contained, we are working on BBS cryptosuites.
- Post-Quantum Cryprography: Quantum-safe cryptosuites for signatures.
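Review bot: The removed lines under "Mitigations" and "Cryptography" were the only text explaining Anonymous Revocation, Privacy-Preserving DID methods, Selective Disclosure and Unlinkable Credentials, and Post-Quantum cryptosuites, and nothing in this hunk replaces them. After the change, "Mitigations" and "Cryptography" are left as bare labels under the moved "What are we going to do about it?" heading. If the content now lives on another slide, the commit message should say where. Otherwise keep at least the one-line definitions, since the requirement that a verifier can check revocation status without correlating holder and credential, and the advice not to write private information to a distributed ledger, are the actionable parts of this section. If the Post-Quantum line is restored, fix "Cryprography" to "Cryptography".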