Skip to main content

EAA ConformanceETSI TS 119 472-1 (v1.2.1) clause 5.2.7.1

EAA-5.2.7.1-01:EAA includes the nbf claim for technical-validity start

  • shall
  • Ordinary EAA
  • QEAA
  • PuB-EAA
  • SD-JWT VC
  • Issuer
  • Verifier

Spec text

A SD-JWT VC EAA shall include the nbf claim specified in IETF RFC 7519 clause 4.1.5, and further profiled in IETF SD-JWT VC clause 3.2.2.2.

ETSI TS 119 472-1 (v1.2.1), clause 5.2.7.1, page 31.

In plain English

Every SD-JWT VC EAA must carry the nbf ("not before") claim. This is the earliest moment in time at which the EAA is technically valid; before this instant a verifier must reject it.

Why it matters

Without an explicit start of validity, an EAA could be replayed before it is supposed to be active or treated as valid forever. nbf is one half of the bounded-validity window every EAA needs.

Common mistakes

  • Treating nbf as optional (it is mandatory for clause 5 EAAs).
  • Setting nbf to a sentinel like 0 to skip the check.
  • Confusing nbf (start of technical validity) with iat (time of issuance).

Conformance check

Auto-tested. Use the action in the sidebar to run a Self-Assessment for this control.

Last reviewed against ETSI TS 119 472-1 v1.2.1 on 2026-05-01.

iGrant.io’s EAA Issuer SDK handles this control out of the box. Talk to our team about closing your conformance gaps.

Chat on WhatsAppEmail support