[Openid-specs-ab] Review of openid-connect-4-identity-assurance-04

Tom Jones thomasclinganjones at gmail.com
Fri Jun 14 19:56:00 UTC 2019


Tony: that's not the real world meaning of claim. A claim of title is not a
title. It is only a title when it is recognized and registered. So a more
historically accurate term would be a registered claim.

thx ..Tom (mobile)

On Fri, Jun 14, 2019, 9:48 AM Anthony Nadalin via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> It’s not a claim then, it’s a statement, it does not matter who has the
> claim, the issuer or the beholder, it’s still in doubt. I don’t understand
> enough of the “verified” statement since the language is vague in the
> specification, is it the provenance of the data or the truth of the data ?
>
>
>
> *From:* Mike Jones <Michael.Jones at microsoft.com>
> *Sent:* Friday, June 14, 2019 9:45 AM
> *To:* Anthony Nadalin <tonynad at microsoft.com>; Artifact Binding/Connect
> Working Group <openid-specs-ab at lists.openid.net>; Torsten Lodderstedt <
> torsten at lodderstedt.net>
> *Subject:* Re: Review of openid-connect-4-identity-assurance-04
>
>
>
> A claim is a statement made by the issuer. A verified claim is one with
> evidence backing it beyond the veracity of the issuer.
>
> Doubt or belief are both properties of the beholder - not the issuer.
>
> -- Mike
> ------------------------------
>
> *From:* Anthony Nadalin
> *Sent:* Friday, June 14, 2019 6:44:29 PM
> *To:* Artifact Binding/Connect Working Group; Torsten Lodderstedt
> *Cc:* Mike Jones
> *Subject:* RE: Review of openid-connect-4-identity-assurance-04
>
>
>
> A claim is something in doubt, how can you have a verified claim?
>
>
>
> *From:* Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> *On
> Behalf Of *Mike Jones via Openid-specs-ab
> *Sent:* Friday, June 14, 2019 8:42 AM
> *To:* Torsten Lodderstedt <torsten at lodderstedt.net>
> *Cc:* Mike Jones <Michael.Jones at microsoft.com>;
> openid-specs-ab at lists.openid.net
> *Subject:* Re: [Openid-specs-ab] Review of
> openid-connect-4-identity-assurance-04
>
>
>
> I agree with "verified_claims".
>
> Thanks!
>
> -- Mike
> ------------------------------
>
> *From:* Torsten Lodderstedt <torsten at lodderstedt.net>
> *Sent:* Friday, June 14, 2019 5:47:17 PM
> *To:* Mike Jones
> *Cc:* Daniel Fett; openid-specs-ab at lists.openid.net
> *Subject:* Re: Review of openid-connect-4-identity-assurance-04
>
>
>
> Hi Mike,
>
> Thanks a lot for your substantial feedback.
>
> While I'm incorporating it, I would like to sort out one question:
>
> > On 1. Jun 2019, at 02:16, Mike Jones <Michael.Jones at microsoft.com>
> wrote:
> >
> > All Sections:  Generalize kinds of verified claims.  The most important
> issue is to generalize the goal of the document from defining how to use
> “verified person data” to defining how to use “verified data”.  This work
> isn’t happening in a vacuum.  There are other efforts to define
> representations of verified claims in the industry, including
> https://w3c.github.io/vc-data-model/
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw3c.github.io%2Fvc-data-model%2F&data=04%7C01%7Ctonynad%40microsoft.com%7C751b6b0b0ffb4842def908d6f0e7a856%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636961275087950014%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C-1&sdata=cV1XZpHoSMWZ%2BUNfp6jDGKyBRrKkly%2F4D8JQJ7eFov0%3D&reserved=0>,
> that take this more general approach, but propose much more complicated
> data representations that are not based on JWTs.  It would be highly
> beneficial to have a simple general JWT-based “verified data”
> representation that is general-purpose.  Indeed, that’s the possibility
> that excites me about this work.  Don’t get me wrong – I believe that all
> the particulars for verified people data can and should remain.  The main
> concrete change needed is to rename “verified_person_data” to
> “verified_data”.
>
> I think “verified_claims” would fit even better. What do you think?
>
> best regards,
> Torsten.
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20190614/1f5001ce/attachment-0001.html>


More information about the Openid-specs-ab mailing list