Documentation updates

README.md

@@ -1,5 +1,8 @@
 # VerifierUi
 
+:heavy_exclamation_mark: **Important!** Before you proceed, please read
+the [EUDI Wallet Reference Implementation project description](https://github.com/eu-digital-identity-wallet/.github-private/blob/main/profile/reference-implementation.md)
+
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)
 
 This project was generated with [Angular CLI](https://github.com/angular/angular-cli) version 15.2.5.

SECURITY.md

@@ -0,0 +1,62 @@
+# EU Digital Identity Wallet Vulnerability Disclosure Policy (VDP)
+
+At the European Commission, we treat the security of our Communication and Information Systems as a
+top priority, in line with Commission Decision EC 2017/46. However, vulnerabilities can never be
+completely eliminated, despite all efforts. If exploited, such vulnerabilities can harm the
+confidentiality, integrity or availability of the Commission's systems and of the information
+processed therein. To identify and remediate vulnerabilities as soon as possible, we value the input
+of external entities acting in good faith, and we encourage responsible vulnerability research and
+disclosure. This document sets out our definition of good faith in the context of finding and
+reporting vulnerabilities, as well as what you can expect from us in return.
+
+## Scope
+
+- Architecture and Reference Framework
+- Source code in [eu-digital-identity-wallet](https://github.com/eu-digital-identity-wallet) public
+  repositories
+
+## If you have identified a vulnerability, please do the following:
+
+* E-mail your findings to [email protected], specifying whether or not you
+  agree to your name or pseudonym being made publicly available as the discoverer of the problem.
+* Encrypt your findings using
+  our [PGP key](https://pgp.mit.edu/pks/lookup?op=get&search=0x6773AACDF09F6628)
+  to prevent this critical information from falling into the wrong hands.
+* Provide us with sufficient information to reproduce the problem so that we can resolve it as quickly as
+  possible. Usually, the IP address or the URL of the affected system and a description of the
+  vulnerability will be sufficient, but complex vulnerabilities may require further explanation in
+  terms of technical information or potential proof-of-concept code.
+* Provide your report in English, preferably, or in any other official language of the European
+  Union.
+* Inform us if you agree to make your name/pseudonym publicly available as the discoverer of the
+  vulnerability.
+
+## Please do not do the following
+
+* Do not take advantage of the vulnerability or problem you have discovered, for example, by
+  downloading more data than necessary to demonstrate the vulnerability, deleting, or modifying
+  other people’s data.
+* Do not reveal any data downloaded during the discovery to any other parties.
+* Do not reveal the problem to others until it has been resolved.
+* Do not perform the following actions:
+  * Placing malware (virus, worm, Trojan horse, etc.) within the system.
+  * Reading, copying, modifying or deleting data from the system.
+  * Making changes to the system.
+  * Repeatedly accessing the system or sharing access with others.
+  * Using any access obtained to attempt to access other systems.
+  * Changing access rights for any other users.
+  * Using automated scanning tools.
+  * Using the so-called "brute force" of access to the system.
+  * Using denial-of-service or social engineering (phishing, vishing, spam etc.).
+* Do not use attacks on physical security.
+
+## What we promise:
+
+* We will respond to your report within three business days with our evaluation of the report.
+* We will handle your report with strict confidentiality.
+* Where possible, we will inform you when the vulnerability has been remedied.
+* We will process the personal data that you provide (such as your e-mail address and name) in
+  accordance with the applicable data protection legislation and will not pass on your personal
+  details to third parties without your permission.
+* In the public information concerning the problem reported, we will publish your name as the
+  discoverer of the problem if you have agreed to this in your initial e-mail

security/.well-known/security.txt

@@ -0,0 +1,6 @@
+Contact: mailto:[email protected],
+Expires: 2025-12-31T23:59:59.000Z
+Encryption: https://github.com/eu-digital-identity-wallet/eudi-web-verifier/blob/main/security/pgp-key.txt
+Preferred-Languages: en
+Canonical: https://github.com/eu-digital-identity-wallet/eudi-web-verifier/blob/main/security/.well-known/security.txt
+Policy: https://github.com/eu-digital-identity-wallet/eudi-web-verifier/blob/main/SECURITY.md

security/pgp-key.txt

@@ -0,0 +1,99 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: SKS 1.1.6
+Comment: Hostname: pgp.mit.edu
+
+mQINBGB0SvgBEADdvQmw+kfNqunbTXwui3uLdF9HymnTyGUREsCn3bxdFDcdY2WfThI/7Sfz
+pRI8cr4Zcl9ZQPHkg+t0Yx59wQMWxGGB/jZ7+xZ7YnwPeESFDX2/zq3dC9PyCvAiTI8H6nFQ
+APNfn+wq5JsLwRcG4F9NFH93U1Q4rGhiCHFx+yvBIB8W19b6T87Nh1Ikhpkl7z/1bAfgccHK
+EtbU//9k3dj3YvKvQrp/BzRIVwDRBTqFKKRi/aL6fvC0IsFYJKZab9OvdXlyD5/wUJYrYtQE
+zAPwc/m11bNPBJvNLYqz3gs5s8XOVz6Crqrvsb5qLkB12nZt7G+Mry3rDizqGi2jCUyt6jaf
+ARF8kD3+oohp2isFrEuY/3hHK/6Sbas//toruXLa4gZvGq9TdwGST/bZechibDUaGT9UWyaj
+EgDI9xQ8rbPzqh98U3c+5xFmyyETryHqtUHqKkpm3JA6hb/s3r+XxKmWd1IlcjgMr7mJtnwY
+zwNDfEfMzH2AwAPdDB4Ru1qaJMRaxfX6hGqXdtj+0CSPE2eOgYgB24dSFIhjF8kmvnydopaa
+n8nPmV7Vv4nxo2dIqJvcfkrakZMAlmtLHAg64SFkGAkrxaOzNiRXtTP8EjM/p7AktnXeYuGQ
+c56O/FsCCCPmEVRIHsWEC1EGKBrOxiYmR9OfRUaq/hBHJ3PTtQARAQABtEZFQyBWVUxORVJB
+QklMSVRZIERJU0NMT1NVUkUgPEVDLVZVTE5FUkFCSUxJVFktRElTQ0xPU1VSRUBlYy5ldXJv
+cGEuZXU+iQEzBBABCAAdFiEEXpWfQC94SQf0rZEnsot02u2nX4kFAmJDCj0ACgkQsot02u2n
+X4mQfAf/Wz10UmEmdu169u3xvkfMcUO2bkkC7OzsZyO1hEp9LUD0Xb1uZOT3pRJtvC3HN5n0
+EI4XB1dg69qC7i7no0glPut3wRkpUnQqu4Eeel3TlJVbl/6bwgqra8YvUY+9AvV6T0KRShyn
+vZe7Hn7b0FGySobZKptrSxh5AUzTPr1mfWi75KvwV1WyT7dbJ1+3McEBaephWi4GUCar631s
+bl14CaLqqwuE7VTDJkpSvNU8Xenb/ZXtG/Xq7mgBc+Z1Ed2psNRm9LnuTfzRzr9C2OXLeL+g
+DvALUO47SOAb55KViZ+c3U0zD/uppOkqo06BYOzV92jhGhOdDWsJPExJKUQSRYkBMwQQAQgA
+HRYhBF6Vn0AveEkH9K2RJ7KLdNrtp1+JBQJiQwu/AAoJELKLdNrtp1+JXvEIALjAXjg1CA0Z
+vvXiL7eDOU+Ur9nCvTBLStuwCtAPBgbaaKPhuRTviS+uxQepEfsvoUawQgOnd1Xp9OAbKiUp
+LgsBdBQw6hsisFtvHtw+cimwv05EXmc83esZKrSx1A4rzQxM/wVc/bfnS9BbPfWIvNwyRnSj
+JlFsIvlbI+rrk05mZU3EMipjTca3EhQdVhHOcF5mq+gIhwyhLGs8UpTmd3n0fnom4Ogtn6XO
+f0hAa1WkKezS3jPjZ9StcR+LFA8ThtUpuMG4JArsihgAnD7h9HAscSo0DtUVqdl5H36UgH/H
+VUFAvqWBffmjc4nwRtW9GvcfPQAEkVvczoy4somirquJATMEEAEIAB0WIQRelZ9AL3hJB/St
+kSeyi3Ta7adfiQUCZOX8hwAKCRCyi3Ta7adfibonB/4q73G/63vyCDTIIUfcmx+OAe/FZnkM
+KjXFnlch1p8dMKBLqHd4anj8BnOYHSyBA1uGDPhivYeNE0LX8DZ25qTCw6MDHxeUjl7yDrOW
+4cUMVtY/aCFQkNJkD8own5Nyf4Al5QBfFyUWT0BmZBqLdcSZpsB5ATD6XoippVvJX/QYen6s
+xymdBnq1zvkTb6e9EtBi+OSUFdsUsHS+Z3P49LUDrYiIbHjScPAMI779opVWx0ShsGYgJlmn
+VoGXP8ggGg0VYJZwF4O4zi2Dh+vZZr5gnc2raX5ZQ2bqG8BWktNABPWxCSb/j7litSKsGdF4
+E5M8XtPZAPNv3QlgoKp4sNl+iQJUBBMBCAA+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
+FiEER2BObTDbig6L3gVdZ3OqzfCfZigFAmJmt6AFCQPUAmYACgkQZ3OqzfCfZiiLXxAAvU1g
+ljMEfSSOfCIYDFWb8BLRiYiEnrkA/0QvL9Ul49qw0ZT0JVMH0FcAKDWL2injESEiqQeae9v+
+AuH9KtgW5dFML6zX5eZjC6E4nGcMGTCuUNwvhxiUqjtBixmu9dnuvJGmgxZn/dMpMfByYYve
+EcbdKmU7ZzK4h0WFL5nX4c2WF50v4W9LhZ6EjZHTjIZy2QrVdsr2qiTFfya8/DPV0HmPoCrI
+SIE/UIZc3FoUFnZB2VnMYhBnZKMNRgSAiogHW7ilg9NUTAs9ztVX7ln39fEIpT9vs0bbLF8y
+G4cHrzIgrTu2Ft88xN6KhP1JE8UWwlsDMU7peyXAvtwBoloIiH/Vm7TxNfCYsxJYO/TA7div
+6XVT/RcatTFPRf7eIZnFDL39lStfc14CtsQZbhA5hNl+IV2TLgo7NH8ZOpeTMeR88g2Jrlwc
+cUFi204F1bYVpc4CnKhed4frhD5D9/dfBIND869o4z+fA7lKw7eQ3zm3ZEiA/Jsu4bdk6VKC
+cVFPGQ8r0yDOiDgae8FXYkiuuPKE0a66Nf69dL27qTRTWzjTwnWwtSq6oTGnH7jX5qyjHRU9
+mNlpDoUJkhnpuaX3fj6AOEIr9+gs6t89GwFAUG+cH0UbBMuQwVVRX+MzfAKnuTH1WDKXa9T+
+TkQB6TY/O/+2kR6kZFmXhHAsoREXayCJAlQEEwEIAD4CGwMFCwkIBwIGFQoJCAsCBBYCAwEC
+HgECF4AWIQRHYE5tMNuKDoveBV1nc6rN8J9mKAUCZFyuVwUJBcpN5wAKCRBnc6rN8J9mKAe2
+D/4jnI1u48JUrI5F/GSlVTiJPOf699TzFwOLayIxGAHZol5+pRRdCzEUr2GFENV1VNS6oo1d
+E0UQ6ygWdFye48crD5jzMccLCsAiHSBVDRugJNMVjTJnrOwVTdvpDHLSpEm9uYze6RnvrVcY
+KRnEmhf8erxAYbM5UBhTnneKfhVVVEMyJ3a6UcYPBPHOL64sYH1bhdC0MBxIkZLu8CeikGwI
+oudNKx/ns+GLlnnGJ38RHxVysiwGW9bZSwicaFN9HNRtv8S3JjQrrrS3ujTCOE9BbjySII05
+QY/2XddcBIB2UfJmPHRi8wZix6Lut3szrRQc/eHzeY+lu1Q95pvqMQH4m2G/wQtdf1n3qvNa
+CzGtd3qnePN+Ndep7GvRXL8upd3FEDe5wu1GB6ZnuKadQkGAejgRYp5qMC4kEgD2M3QT9vYc
+DFI8El5pM4X3ESMim7RuMn1lL7NMrDPvlltY6fTBfTe5cud3pxikTiIiOkHhgtp8QLVbDNEe
+auGbhJuejYfuITYpvqUhmg3j3yoa0cd+DLKkVSTKoTCLu31oXiJLBJ2zQuSHZU/GOF3jRw7Z
+RtbgdTRcIFMXROO650PsPdp8VsXFpLuulO9nGElDtYUuq0Ia2dYlhxLqcPrZdxBRL19fPbZJ
+AXkrkAL66Dms5d3q/dWkcLtF32BNa7mRDr8UaYkCVAQTAQgAPhYhBEdgTm0w24oOi94FXWdz
+qs3wn2YoBQJgdEr4AhsDBQkB4QKoBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGdzqs3w
+n2YodkEQAJevULEYkA7Wu8C8kNIdH/FMCAGx3PAY0AiKzoUH2r5juX4SrxnFQA+G+sFXHJ9q
+9adUQ7hju/0S9lA5uF4EGW7IxfQ5vJFDTh12sz9qPr9Pz58QVZTBtMfwWwVpH7+ePtapMG9Z
+enb/dMI7/GYkNpvBr+cqQPyF2L3ddzGkqKtjvme04vgMVx6MInmdW5Mf2+lUjbCOM6KUiZU+
+SCku4fRuA+Wnvq5GmWbVOIXmXK8VEUx0Xnp7aG1gpOXrkgykNh/67j2drjoFDsInkaU1Z8vc
+IYhoXOVeIz0YegY8DEMEia3kFFjNH5wXGUy3l1jbtzMvlwgn/Ly/KNeY8ME//lUSB8U/Fan9
+4mYpVo521tG35mz71zaS5VfL3scnjaGU9QdoqdB4eLwNp0seZHDE5014hgUsbB5OMOflCxVI
+clBV9FN4SEosaJ5XIyVfCYe83j3+49BtI34wu32G2oiyB4eiH6+YJoGS6BA+o2f3lM0QOW92
++b8BPlSK2fE2cmTxPzjGslaoVibdRhWIfLPTPZVMJU8KcoiTPk9C5zmdbPM/+eUzUgVQ45j6
+NDJ0voCWz4GF7XP79DYekzw72kv93sIRiWku1wguKmNmaH+cSymXHY75EIGTEwPtEYPUVktv
+IMvCqd2YmMh+cUqVx5uAeV7iRmZHyAZ8uhhQgt5xVCpKuQINBGB0SvgBEACo+WXBBrNKr9Cz
+dYwOyEy1uRRhxgS5DrYbdbqp8FfSTTlgNFWGhOBwt5feKUd2SKvPEihYAKT5OSsFTs3U1uFf
+lE/zzsMbAUgt3cOGaRTEpPJ8dTjyPKkrY+8O0YnD6g3lH677zVRwfukXs8h77n1FYLWwvwQM
+TQImLprKokWEp2+Q9dJQuNddHHGATkMEQ6+TSVt+B8Yi73FZzG96sCkMUH8isjXm0OV5/lsA
+rSOjt61I2X6sz42wcEbpCqnWCp6HVe/+uqi1d2if9XhmNBy5FXuKP0cJXRoUPLoPXp/g1FYM
+N9qgNUpet1m5zNCg2RR1cf8SlmrroO6ox5rUoiVu7yopY+iX9bQbiV3kwLHUZiG8rliAGaeu
+SXXDe0vOJ/IWekmFBI8OVLI37hLitCHjKdiDPHhTMcjj4Bumm1H8kL2Ft8EkaTi99Jj59LbO
++vfLsTxigmjTv07AniS2FB3kDRY8ArR90pDMaA0ZF/At9z3jaoIZP1/R8N9SCieRcNCTuvF+
+n2CmADOdiZfVX40/Mg3Spce4oBAC/FwRr3cQskeP6950dHIAqNox507eALVyo+Ya3xsjecMS
+I0j+QntIuMh6b5SxwpuQVadGM45LGI//63eOkqREHgzxWwIJLs4V2Qn0flvV3QjbucjrMLkn
+dtUWg14Oy1LGN3bZvLsyqwARAQABiQI8BBgBCAAmAhsMFiEER2BObTDbig6L3gVdZ3OqzfCf
+ZigFAmTl/FcFCQXKTeYACgkQZ3OqzfCfZigzHhAAwHWjZKv/kTOudm0e2uEfehcOZOKsOiJv
+GOYRNUezcHZKqjfaLeicieQCZ/JWOiCmiI4Z7S1qZIC3fb6WRmOtsC5sCU9K7Ko7KRJHjwZK
+0xff6PWXCpR4CCtpyt6iYeDFu+ENEuhdbSBfwEW043gZCEvOhGn7RL499N7kfnXq04k060gv
+PgliM2roVmAtBT8DSak0Dt+FrdLnioPjqJb0F9GYOrnndCnkJyNFIXNIMcEm2HDWed6rxP8t
+pRMx/bsrFbM/ZbDOUqMJO4uJ/AXvprhUDrHxWWC5VW6gucIVCmMNtwvFd47DzkXglWgnjLqC
+oEXlQcmJ624jy6+f43iZH98BYIM3GyqtK5NaG1Eez6LTWOH4ZtMJr6/lcBtOZPUuJn8vtUhw
+sZaZ/56Ua2eVWm+db3yyQltApjDBQuC+nN0XuIyleeSVfDJZ6u6Hb0v9OklnhcNpNH0Fog2k
+zM8R/B034Ig8ymTIqITYv7Vh2eVHpwtwmUQypcBw5eMRdOOCcF2whICQAnQZLoZlqMnmwXa1
+LTbtKumieyISSxYoFMbGAkKrPF6ABeOGdQbFaZh/KSoginRqslvBxCcbDwnkYxaWYkzQacF9
+N4Wlm1aXQFgmhPTyAFRk6KJYXP5ojVPHQaii6J5UqjUN9f92rYu3MI9Efem3eGv0SG4N3fO1
+sYGJAjwEGAEIACYWIQRHYE5tMNuKDoveBV1nc6rN8J9mKAUCYHRK+AIbDAUJAeECqAAKCRBn
+c6rN8J9mKKd3D/9dIzmTr+snTXT4pU0aa8+p0Nj6AMkZjJHdLCWcL/56l+S4g4akdOUfWI4Z
+ufCNXKJ4GcLde8UWX7Zhr9xq/00a8sbsupmk4pLinJgwC6Tmg6KHWGb4ScRV3z+2TWuhhkeT
+WWIvnscxmXjuXWecRJ9nbwUcFZ7zl26P72eOmK1Omvmhm+dTqt4UyhKnBoIQ0BA45hNrOvWy
+9Pp702LO/BhI4Su1EFfjJ9jiqXuEsXab90Q+ig3PauRgJ95nWB8tGPKMGDnooZSTve5gtjGw
+6W2FJbL7HFKYZZCM95+ROYO6D9XJr78hZ2ocOhDuTwU1oGy1hUpCm29h2BfKUiqeYkHZ9w/s
+tyk5TyD1Ca5RsIbEFqUtiVJdhMcQuaT0WQYcVzXUKyiiOlOxbjVhWZ0WtkOsuCQWkHUAbRUs
+1NGsBldo31jQxTE/M+AIxEB0X0z0Pz/WxK4RQeMlK1qm3MraaZ9hh8gNyvfojvgEE7P/Mqv4
+PMNoqregEBqhVMzilk6eVAcY3axs/HLu7iqgJar+NqlEfklar1pm0ls9XJcn/vfv7XRAHWnm
+tpKeHLVpEEpZjDf5hAgU0BjxecC9pSOu5S12OYa4NQ6P49Kb2IIZRvxooSzH7MF4gIfi7/8C
+ItKxho+oBdJyG5cUpedCHB/YwNJFTpLfSlXItLxW2AxOqtfzDg==
+=wS9M
+-----END PGP PUBLIC KEY BLOCK-----