[OpenID-Specs-eKYC-IDA] Feedback needed

Torsten Lodderstedt torsten at lodderstedt.net
Fri Jan 17 17:43:02 UTC 2020 

I think the “trust_framework” identifiers should go into https://www.iana.org/assignments/loa-profiles/loa-profiles.xhtml. I also think we need other registries for evidence types, verification methods and document types. 

> On 17. Jan 2020, at 18:35, Leif Johansson <leifj at sunet.se> wrote:
> 
> Probably not but IANA/IESG is gona review and will also notice and push back on overlap.
> 
> Skickat från min iPhone
> 
>> 17 jan. 2020 kl. 18:30 skrev Torsten Lodderstedt <torsten at lodderstedt.net>:
>> 
>> I know. My point is, we have several different elements in our data model where we seek extensibility for. Can we put all of those into this single registry?
>> 
>>> On 17. Jan 2020, at 18:29, Leif Johansson <leifj at sunet.se> wrote:
>>> 
>>> Påls point (and mine) is that there is one already.
>>> 
>>> Skickat från min iPhone
>>> 
>>>>> 17 jan. 2020 kl. 18:16 skrev Torsten Lodderstedt <torsten at lodderstedt.net>:
>>>> 
>>>> Hi,
>>>> 
>>>> thanks for your feedback. We know the current state is not the perfect solution. 
>>>> 
>>>> Finding a sustainable solution is a key topic for the next revision of OpenId Connect for Identity Assurance. 
>>>> 
>>>> Please see https://bitbucket.org/openid/ekyc-ida/issues/1093/extensibility-how-do-we-support
>>>> 
>>>> As you can see ased on the discussion in the latest call, we are aiming at using IANA registries for the different element types. 
>>>> 
>>>> best regards,
>>>> Torsten. 
>>>> 
>>>>> On 17. Jan 2020, at 17:26, Leif Johansson via Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net> wrote:
>>>>> 
>>>>>> On 2020-01-16 17:46, Pål Axelsson via Openid-specs-ekyc-ida wrote:
>>>>>> Hi all,
>>>>>> 
>>>>>> I subscribed to this list today due to that we're owrking with assurance
>>>>>> framework within our academic federation in Sweden. Today we uses SAML
>>>>>> and signal assurance certifications. When we start to use OpenID Connect
>>>>>> we want to be able to do that there to.
>>>>>> 
>>>>>> When I read the proposed standard earlier today I saw a large
>>>>>> enumeration in the working materials. I think this is a bad practice to
>>>>>> enumerate in the standard documentation due to these things tend to
>>>>>> change and then there will be a need to update the standard. The
>>>>>> enumeration should instead be in an external registry, for example IANA
>>>>>> registry over Level of Assurance (LoA) Profiles
>>>>>> (https://www.iana.org/assignments/loa-profiles/loa-profiles.xhtml).
>>>>>> 
>>>>>> Please correct me if I'm wrong in my assumption.
>>>>>> 
>>>>>> Pål Axelsson
>>>>> 
>>>>> As the author of RFC6711 I can tell you that you're not wrong. The
>>>>> way we setup the LOA registry was to be able to handle multiple
>>>>> protocol - something I'm sure john bradley could attest to aswell
>>>>> since he was also involved.
>>>>> 
>>>>> In fact I think I might mentioned the registry to Torsten @ IIW
>>>>> last fall :-)
>>>>> 
>>>>> Cheers Leif
>>>>> 
>>>>>> 
>>>>>> 
>>>>>> ------ Originalmeddelande ------
>>>>>> Från: "Torsten Lodderstedt via Openid-specs-ekyc-ida"
>>>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>
>>>>>> Till: "OpenID eKYC Identity Assurance Working Group"
>>>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>
>>>>>> Kopia: "Torsten Lodderstedt" <torsten at lodderstedt.net
>>>>>> <mailto:torsten at lodderstedt.net>>
>>>>>> Skickat: 2020-01-16 17:34:19
>>>>>> Ämne: Re: [OpenID-Specs-eKYC-IDA] Feedback needed
>>>>>> 
>>>>>>> Hi Naohiro,
>>>>>>> 
>>>>>>> good question. 
>>>>>>> 
>>>>>>> I would go with Wikipedia‘s
>>>>>>> definition: https://en.m.wikipedia.org/wiki/Jurisdiction
>>>>>>> 
>>>>>>> And for every jurisdiction list the respective law(s) + further use cases.
>>>>>>> 
>>>>>>> Ronald just raised the question about a use case repository. I think
>>>>>>> this nicely fits together. 
>>>>>>> 
>>>>>>> We could setup a sub page listing the laws/use cases that were
>>>>>>> implemented using OIDC4IDA and how.
>>>>>>> 
>>>>>>> Thoughts?
>>>>>>> 
>>>>>>> best regards,
>>>>>>> Torsten.
>>>>>>> 
>>>>>>>> Am 16.01.2020 um 10:35 schrieb Naohiro Fujie via
>>>>>>>> Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net
>>>>>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>:
>>>>>>>> 
>>>>>>>> Hello Torsten,
>>>>>>>> 
>>>>>>>> Any criteria to list up jurisdictions? OpenID Foundation Japan have
>>>>>>>> listed up financial and telco related laws earlier, but there are more
>>>>>>>> laws require identity assurance.
>>>>>>>> 
>>>>>>>> Naohiro
>>>>>>>> 
>>>>>>>> 2020年1月16日(木) 1:29 Torsten Lodderstedt via Openid-specs-ekyc-ida
>>>>>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>>>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>:
>>>>>>>>> 
>>>>>>>>> Hi all,
>>>>>>>>> 
>>>>>>>>> we have so far checked OpenID Connect 4 Identity Assurance in detail
>>>>>>>>> against the requirements and use cases of certain jurisdictions (JP
>>>>>>>>> & DE) or are expecting such feedback from other jurisdictions (UK,
>>>>>>>>> Scandinavia, Australia).
>>>>>>>>> 
>>>>>>>>> We are seeking for detailed review feedback regarding applicability
>>>>>>>>> of OpenID Connect 4 Identity Assurance from other jurisdictions
>>>>>>>>> since we want to make sure we develop a truly International standard.
>>>>>>>>> 
>>>>>>>>> We would highly appreciate any feedback!
>>>>>>>>> 
>>>>>>>>> Thanks in advance,
>>>>>>>>> Torsten.
>>>>>>>>> 
>>>>>>>>> --
>>>>>>>>> Openid-specs-ekyc-ida mailing list
>>>>>>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>>>>>>> <mailto:Openid-specs-ekyc-ida at lists.openid.net>
>>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>>>>>>>> 
>>>>>>>> -- 
>>>>>>>> Openid-specs-ekyc-ida mailing list
>>>>>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>>>>>> <mailto:Openid-specs-ekyc-ida at lists.openid.net>
>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>>>>> 
>>>>> 
>>>>> -- 
>>>>> Openid-specs-ekyc-ida mailing list
>>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>>> 
>> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3923 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ekyc-ida/attachments/20200117/61bb1925/attachment.p7s>

More information about the Openid-specs-ekyc-ida mailing list