[Openid-specs-ab] Issue #1099: Use ICAO codes for nationality and issuer country? (openid/connect)

tlodderstedt issues-reply at bitbucket.org
Sun Jul 14 16:37:55 UTC 2019

New issue 1099: Use ICAO codes for nationality and issuer country?

Torsten Lodderstedt:

Marcos Sanz brought this up in his recent review.

“At the moment the spec does not link verified data to its respective   
evidence at all, even when there are multiple evidences \(s. for instance   
the example in section 6.2 with ID document AND utility bill\), so I don't   
think we would \(or actually do\) need that capability. On the other hand,   
you might be right with regard to an entity verifying one nationality and   
not all of them. So I don't really need the multiple nationalities   
What I just came up with and actually think to be more important than   
multiple nationalities \(warning: I am not an expert in this topic!\) is the   
fact that the ICAO Machine Readable Passports specification asserts   
nationality by means of their ICAO codes \(  
[https://www.icao.int/publications/Documents/9303\_p3\_cons\_en.pdf](https://www.icao.int/publications/Documents/9303_p3_cons_en.pdf)\), which   
expand ISO 3166 because they also have to deal with UN travel documents   
and other various issuing authorities. ICAO even reserve nationality codes   
for stateless people. For a good summary read  
[https://www.iso.org/news/2011/04/Ref1604.html](https://www.iso.org/news/2011/04/Ref1604.html) rather than the ICAO PDF.  
So while ISO3166 initially seemed to us initially like the natural fit to   
describe "issuer country" and "nationality", we might be excluding   
\(discriminating?\) identities from being describable with our spec.  
Are ICAO codes maybe the better way to go?“

More information about the Openid-specs-ab mailing list