[OpenID-Specs-eKYC-IDA] Feedback needed

Pål Axelsson pax at sunet.se
Thu Jan 16 16:46:34 UTC 2020

Hi all,

I subscribed to this list today due to that we're owrking with assurance 
framework within our academic federation in Sweden. Today we uses SAML 
and signal assurance certifications. When we start to use OpenID Connect 
we want to be able to do that there to.

When I read the proposed standard earlier today I saw a large 
enumeration in the working materials. I think this is a bad practice to 
enumerate in the standard documentation due to these things tend to 
change and then there will be a need to update the standard. The 
enumeration should instead be in an external registry, for example IANA 
registry over Level of Assurance (LoA) Profiles 

Please correct me if I'm wrong in my assumption.

Pål Axelsson

------ Originalmeddelande ------
Från: "Torsten Lodderstedt via Openid-specs-ekyc-ida" 
<openid-specs-ekyc-ida at lists.openid.net>
Till: "OpenID eKYC Identity Assurance Working Group" 
<openid-specs-ekyc-ida at lists.openid.net>
Kopia: "Torsten Lodderstedt" <torsten at lodderstedt.net>
Skickat: 2020-01-16 17:34:19
Ämne: Re: [OpenID-Specs-eKYC-IDA] Feedback needed

>Hi Naohiro,
>good question.
>I would go with Wikipedia‘s definition: 
>And for every jurisdiction list the respective law(s) + further use 
>Ronald just raised the question about a use case repository. I think 
>this nicely fits together.
>We could setup a sub page listing the laws/use cases that were 
>implemented using OIDC4IDA and how.
>best regards,
>>Am 16.01.2020 um 10:35 schrieb Naohiro Fujie via Openid-specs-ekyc-ida 
>><openid-specs-ekyc-ida at lists.openid.net>:
>>Hello Torsten,
>>Any criteria to list up jurisdictions? OpenID Foundation Japan have
>>listed up financial and telco related laws earlier, but there are more
>>laws require identity assurance.
>>2020年1月16日(木) 1:29 Torsten Lodderstedt via Openid-specs-ekyc-ida
>><openid-specs-ekyc-ida at lists.openid.net>:
>>>Hi all,
>>>we have so far checked OpenID Connect 4 Identity Assurance in detail 
>>>against the requirements and use cases of certain jurisdictions (JP & 
>>>DE) or are expecting such feedback from other jurisdictions (UK, 
>>>Scandinavia, Australia).
>>>We are seeking for detailed review feedback regarding applicability 
>>>of OpenID Connect 4 Identity Assurance from other jurisdictions since 
>>>we want to make sure we develop a truly International standard.
>>>We would highly appreciate any feedback!
>>>Thanks in advance,
>>>Openid-specs-ekyc-ida mailing list
>>>Openid-specs-ekyc-ida at lists.openid.net
>>Openid-specs-ekyc-ida mailing list
>>Openid-specs-ekyc-ida at lists.openid.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ekyc-ida/attachments/20200116/7998f241/attachment.html>

More information about the Openid-specs-ekyc-ida mailing list