Topic p final paper and version update topic q and r (#1535) (#616)

phin10 · web-flow · commit da30fa37421a · 2025-10-20T10:25:39.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,8 +7,8 @@ and this project adheres to [Semantic Versioning](https://semverdoc.org/).
 
 ## [2.6.0] - 2025-10-13
 
-- The [Discussion Paper for Topic O](./discussion-topics/o-catalogues-for-attestations.md) was integrated into [Section 5.5](#55-catalogue-of-attributes-and-catalogue-of-attestation-schemes), and into [Topic 25](./annexes/annex-2/annex-2-high-level-requirements.md#a2325-topic-25---unified-definition-and-controlled-vocabularies-for-attributes-catalogue-of-attributes) and [Topic 26](./annexes/annex-2/annex-2-high-level-requirements.md#a2326-topic-26---catalogue-of-attestation-schemes) in Annex 2.
-- The [Discussion Paper for Topic Z](./discussion-topics/z-device-bound-attestations.md) was integrated into [Sections 6.6.2.3.3](#66233-verifies-that-pid-key-or-device-bound-attestation-key-is-protected-by-the-wscd) and [6.6.3.8](#6638-relying-party-instance-verifies-device-binding), among others. Moreover, multiple requirements in Annex 2 where changed or slightly adapted to account for the fact that device binding is now recommended, not mandatory.
+- The Discussion Paper for Topic O, and into Topic 25 and Topic 26 in Annex 2.
+- The Discussion Paper for Topic Z was integrated into Sections 6.6.2.3.3 and 6.6.3.8, among others. Moreover, multiple requirements in Annex 2 where changed or slightly adapted to account for the fact that device binding is now recommended, not mandatory.
 
 - Apart from these changes, a limited number of editorial mistakes were corrected.
 
diff --git a/docs/discussion-topics/p-secure-cryptographic-interface-between-the-Wallet-Instance-and-WSCA.md b/docs/discussion-topics/p-secure-cryptographic-interface-between-the-Wallet-Instance-and-WSCA.md
@@ -1,6 +1,6 @@
 # Topic P - Secure Cryptographic Interface between the Wallet Instance and WSCA
 
-Version 0.4, updated 23 Sep. 2025
+Version 1.0, updated 14 Oct. 2025
 
 [Link to GitHub discussion](https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/discussions/578)
 
@@ -131,7 +131,24 @@ generated cryptographic keys and sensitive data [WIAM_13, WIAM_21, PAD_04, PAD_0
  private key [WIAM_19].
 
 
+
 ## 3. Existing technologies
+This section presents a number of technologies that potentially can be used to 
+implement a WSCA. It is important to clarify that the ARF does not endorse any 
+specific technology. The Wallet Provider must ensure that its implementation of 
+the WSCA and WSCD in combination can be certified for security. Moreover, it is 
+possible that the Wallet Provider may need to develop some bespoke components to 
+be able to fulfill all requirements for a WSCA in the ARF and the CIRs. For 
+example, if the WSCD is a smart card, the Wallet Provider may develop a 
+dedicated JavaCard applet that runs on the WSCD and augments the native OS of 
+the smart card with additional functionalities. If so, the security of this 
+JavaCard applet needs to be considered during certification of the Wallet 
+Solution, whereas the OS of the WSCD itself (which is not provided by the Wallet 
+Provider) may be covered under an assumption regarding its resistance against 
+attackers with high attack potential, in accordance with CIR 2024/2981, Annex 
+IV, paragraph 3(3). Furthermore, in accordance with CIR 2024/2981 "every 
+architecture and implementation of wallets" shall properly address the security
+and privacy risks set in Annex I of CIR 2024/2981. 
 
 In mobile devices, the Wallet Secure Cryptographic Device (WSCD) is often embedded within 
 the device hardware. The WSCA, in this case is platform-dependent and acts as the interface 
diff --git a/docs/discussion-topics/q-interface-user-wallet-instance.md b/docs/discussion-topics/q-interface-user-wallet-instance.md
@@ -1,5 +1,5 @@
 
-Version 0.4, updated 22 September 2025
+Version 1.0, date 14 October 2025
 
 [Link to GitHub discussion](https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/discussions/586)
 
diff --git a/docs/discussion-topics/r-authentication-of-user-to-device.md b/docs/discussion-topics/r-authentication-of-user-to-device.md
@@ -1,8 +1,8 @@
-Version 0.9.1, updated 24 September 2025
+Version 1.0, date 14 October 2025
 
 [Link to GitHub discussion](https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/discussions/585)
 
-# R - Authentication of the User to the device
+# Topic R - Authentication of the User to the device
 
 ## 1 Introduction
 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`
`2`		`-Version 0.4, updated 22 September 2025`
	`2`	`+Version 1.0, date 14 October 2025`
`3`	`3`
`4`	`4`	`[Link to GitHub discussion](https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/discussions/586)`
`5`	`5`