Purpose

The DC4EU Interoperability Lab serves as a testing and validation environment for integrating and interacting with the components of the EU Digital Identity Wallet (EUDI Wallet) ecosystem. It enables stakeholders to explore interoperability between entities, ensuring cross-border credential issuance, management, and validation.

The lab’s primary goal is to validate compliance with international standards, including OpenID Federation, OpenID4VCI, and OpenID4VP, and to facilitate real-world use cases in the education and social security domains.



Scope

The Interoperability Lab focuses on the following:

  1. Technical Interoperability:
  2. Semantic Interoperability:
  3. Organizational Interoperability:

The lab emphasizes piloting use cases such as:



Core Components

The lab comprises the following entities:

  1. Authentic Sources:
  2. Issuers:
  3. Holders:
  4. Verifiers:
  5. Trust Infrastructure:



Participation Models

The lab supports three participation models:

  1. Piloting Agents Using DC4EU Infrastructure:
  2. Piloting Agents Integrating Their Components:
  3. Stakeholder Interoperability Testing:

Interoperability Lab Overview

The diagram illustrates how data flows through the ecosystem:



Trust Infrastructure

The trust infrastructure in the pilot setup dynamically supports trust validation across entities. As shown in the diagram, it acts as a foundational layer enabling Verifiers, Wallets, and other stakeholders to establish mutual trust. The infrastructure ensures:

  1. The authenticity of credentials issued by the Issuer.
  2. Secure and compliant interactions between wallets and Verifiers.
  3. Dynamic trust relationships, enabling entities to adapt to changes in policies and requirements.

Workflows and Outcomes

The DC4EU Pilot demonstrates how the wallet ecosystem operates, with key workflows encompassing credential issuance, credential presentation, and trust validation. These workflows are critical to ensuring interaction between ecosystem components such as Authentic Sources, Credential Issuers, Wallets, and Verifiers.

Credential Issuance:

The workflow begins with data provided by Authentic Sources, which represent national or domain-specific authorities. This data is processed by the Credential Constructor, validated, and digitally sealed using the e-seal before being issued to wallets via the SATOSA framework. The integration of multiple Authentic Sources ensures that credentials like EHIC or PDA1 are constructed using, trusted datasets.

Credential Presentation:

Wallets act as tools for Holders and relying parties, such as Verifiers. During the credential presentation, the wallet communicates with the Verifier to present a digitally signed credential. The Verifier interacts with the Trust Infrastructure to validate the trust chain and ensure the presented credential complies with the required policies and standards.

Trust Validation:

Trust relationships are maintained through the Trust Infrastructure, which dynamically validates entity metadata and credentials during interactions. Verifiers and wallets rely on the Trust Infrastructure to authenticate entities and confirm credential integrity.