[Openid-specs-ab] [E] OpenID Connect for Identity Proofing(Proposal)

Tue Feb 12 19:53:15 UTC 2019

Thanks Torsten, that's very interesting to see new use cases poping up.
Great initiative.

I will read carefully as I'm very attached to 63A and even if as a starter
I tend to thing like Tom (and by extension John.

Best,

JF

Le lun. 11 févr. 2019, à 15 h 26, Tom Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> a écrit :

> At a recent conference on strong identities (dec 10-11 redmond) John brady
> suggested that we needed to separate identity claims from authentication.
>
> I strongly support John’s concept.
>
> From my perspective what that means is that the OP should be primarily in
> the business of authentication.
>
> Verified claims should not be mixed into that same basket.
>
> I would strong support creating some sort of “attribute provider”
> (whatever) to supplied claims.
>
> Note that the verified claims working group ahs a different meaning for
> verified.
>
> I believe to avoid confusion this concept needs a different name, like
> validated claims.
>
>
>
> thx ..tom
>
>
>
> *From: *Hjelm, Bjorn via Openid-specs-ab
> <openid-specs-ab at lists.openid.net>
> *Sent: *Monday, February 11, 2019 11:35 AM
> *To: *Artifact Binding/Connect Working Group
> <openid-specs-ab at lists.openid.net>; Torsten Lodderstedt
> <torsten at lodderstedt.net>
> *Cc: *Hjelm, Bjorn <Bjorn.Hjelm at VerizonWireless.com>; Paul Grassi
> <pgrassi at easydynamics.com>
> *Subject: *Re: [Openid-specs-ab] [E] OpenID Connect for Identity
> Proofing(Proposal)
>
>
>
> Torsten,
>
> Thank you for submitting this draft. I see a clear need for this
> functionality. Besides support for NIST SP 800-63A, I would also like to
> discuss how this work aligns with some of the discussions in the iGov WG
> about developing support for NISTIR 8112.
>
>
>
> Looking forward to a productive WG discussion.
>
>
>
> BR,
>
> Bjorn
>
>
>
> On 2/9/19, 4:41 AM, "Openid-specs-ab on behalf of Torsten Lodderstedt via
> Openid-specs-ab" <openid-specs-ab-bounces at lists.openid.net on behalf of
> openid-specs-ab at lists.openid.net> wrote:
>
>
>
>     Hi all,
>
>
>
>     please find attached a document specifying an OpenID Connect Extension
> for the purpose of strong Identity Proofing. On behalf of yes.com, I
> would be delighted to contribute this document to the AB/Connect Working
> Group.
>
>
>
>     Background: At IIW I held a session about Identity Proofing with
> OpenID Connect to get a feeling regarding the communities appetite to
> standardize an OpenID Extension for this important but also challenging
> topic. The feedback was tremendous so I started to work on this
> specification. It is based on yes.com’s experience with strong identity
> attestation in highly regulated contexts in the European Union, mainly in
> Germany. For example, it will be used to attest user identities in the
> context of creating Qualified (Remote) Electronic Signature according to
> eIDAS. This kind of signature is legally equivalent to a traditional (wet)
> signature on paper.
>
>
>
>     The approach taken is focused on fulfilling the business requirements
> for natural person identification in the EU. So my assumption (and hope) is
> we together as a WG will refine and enhance the concept to cover the
> requirements of jurisdictions around the world. I look forward to having
> productive discussions.
>
>
>
>     best regards,
>
>     Torsten.
>
>
>
>
>
>
>
> _______________________________________________
>
> Openid-specs-ab mailing list
>
> Openid-specs-ab at lists.openid.net
>
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20190212/4a3d0e2b/attachment.html>