[OpenID-Specs-eKYC-IDA] Feedback needed
Torsten Lodderstedt
torsten at lodderstedt.net
Fri Jan 17 17:15:23 UTC 2020
Hi,
thanks for your feedback. We know the current state is not the perfect solution.
Finding a sustainable solution is a key topic for the next revision of OpenId Connect for Identity Assurance.
Please see https://bitbucket.org/openid/ekyc-ida/issues/1093/extensibility-how-do-we-support
As you can see ased on the discussion in the latest call, we are aiming at using IANA registries for the different element types.
best regards,
Torsten.
> On 17. Jan 2020, at 17:26, Leif Johansson via Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net> wrote:
>
> On 2020-01-16 17:46, Pål Axelsson via Openid-specs-ekyc-ida wrote:
>> Hi all,
>>
>> I subscribed to this list today due to that we're owrking with assurance
>> framework within our academic federation in Sweden. Today we uses SAML
>> and signal assurance certifications. When we start to use OpenID Connect
>> we want to be able to do that there to.
>>
>> When I read the proposed standard earlier today I saw a large
>> enumeration in the working materials. I think this is a bad practice to
>> enumerate in the standard documentation due to these things tend to
>> change and then there will be a need to update the standard. The
>> enumeration should instead be in an external registry, for example IANA
>> registry over Level of Assurance (LoA) Profiles
>> (https://www.iana.org/assignments/loa-profiles/loa-profiles.xhtml).
>>
>> Please correct me if I'm wrong in my assumption.
>>
>> Pål Axelsson
>
> As the author of RFC6711 I can tell you that you're not wrong. The
> way we setup the LOA registry was to be able to handle multiple
> protocol - something I'm sure john bradley could attest to aswell
> since he was also involved.
>
> In fact I think I might mentioned the registry to Torsten @ IIW
> last fall :-)
>
> Cheers Leif
>
>>
>>
>> ------ Originalmeddelande ------
>> Från: "Torsten Lodderstedt via Openid-specs-ekyc-ida"
>> <openid-specs-ekyc-ida at lists.openid.net
>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>
>> Till: "OpenID eKYC Identity Assurance Working Group"
>> <openid-specs-ekyc-ida at lists.openid.net
>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>
>> Kopia: "Torsten Lodderstedt" <torsten at lodderstedt.net
>> <mailto:torsten at lodderstedt.net>>
>> Skickat: 2020-01-16 17:34:19
>> Ämne: Re: [OpenID-Specs-eKYC-IDA] Feedback needed
>>
>>> Hi Naohiro,
>>>
>>> good question.
>>>
>>> I would go with Wikipedia‘s
>>> definition: https://en.m.wikipedia.org/wiki/Jurisdiction
>>>
>>> And for every jurisdiction list the respective law(s) + further use cases.
>>>
>>> Ronald just raised the question about a use case repository. I think
>>> this nicely fits together.
>>>
>>> We could setup a sub page listing the laws/use cases that were
>>> implemented using OIDC4IDA and how.
>>>
>>> Thoughts?
>>>
>>> best regards,
>>> Torsten.
>>>
>>>> Am 16.01.2020 um 10:35 schrieb Naohiro Fujie via
>>>> Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net
>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>:
>>>>
>>>> Hello Torsten,
>>>>
>>>> Any criteria to list up jurisdictions? OpenID Foundation Japan have
>>>> listed up financial and telco related laws earlier, but there are more
>>>> laws require identity assurance.
>>>>
>>>> Naohiro
>>>>
>>>> 2020年1月16日(木) 1:29 Torsten Lodderstedt via Openid-specs-ekyc-ida
>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>:
>>>>>
>>>>> Hi all,
>>>>>
>>>>> we have so far checked OpenID Connect 4 Identity Assurance in detail
>>>>> against the requirements and use cases of certain jurisdictions (JP
>>>>> & DE) or are expecting such feedback from other jurisdictions (UK,
>>>>> Scandinavia, Australia).
>>>>>
>>>>> We are seeking for detailed review feedback regarding applicability
>>>>> of OpenID Connect 4 Identity Assurance from other jurisdictions
>>>>> since we want to make sure we develop a truly International standard.
>>>>>
>>>>> We would highly appreciate any feedback!
>>>>>
>>>>> Thanks in advance,
>>>>> Torsten.
>>>>>
>>>>> --
>>>>> Openid-specs-ekyc-ida mailing list
>>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>>> <mailto:Openid-specs-ekyc-ida at lists.openid.net>
>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>>>>
>>>> --
>>>> Openid-specs-ekyc-ida mailing list
>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>> <mailto:Openid-specs-ekyc-ida at lists.openid.net>
>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>
>
> --
> Openid-specs-ekyc-ida mailing list
> Openid-specs-ekyc-ida at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3923 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ekyc-ida/attachments/20200117/86358d4b/attachment.p7s>
More information about the Openid-specs-ekyc-ida
mailing list