[OpenID-Specs-eKYC-IDA] Feedback needed

Torsten Lodderstedt torsten at lodderstedt.net
Fri Jan 17 17:29:27 UTC 2020


I know. My point is, we have several different elements in our data model where we seek extensibility for. Can we put all of those into this single registry?

> On 17. Jan 2020, at 18:29, Leif Johansson <leifj at sunet.se> wrote:
> 
> Påls point (and mine) is that there is one already.
> 
> Skickat från min iPhone
> 
>> 17 jan. 2020 kl. 18:16 skrev Torsten Lodderstedt <torsten at lodderstedt.net>:
>> 
>> Hi,
>> 
>> thanks for your feedback. We know the current state is not the perfect solution. 
>> 
>> Finding a sustainable solution is a key topic for the next revision of OpenId Connect for Identity Assurance. 
>> 
>> Please see https://bitbucket.org/openid/ekyc-ida/issues/1093/extensibility-how-do-we-support
>> 
>> As you can see ased on the discussion in the latest call, we are aiming at using IANA registries for the different element types. 
>> 
>> best regards,
>> Torsten. 
>> 
>>> On 17. Jan 2020, at 17:26, Leif Johansson via Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net> wrote:
>>> 
>>>> On 2020-01-16 17:46, Pål Axelsson via Openid-specs-ekyc-ida wrote:
>>>> Hi all,
>>>> 
>>>> I subscribed to this list today due to that we're owrking with assurance
>>>> framework within our academic federation in Sweden. Today we uses SAML
>>>> and signal assurance certifications. When we start to use OpenID Connect
>>>> we want to be able to do that there to.
>>>> 
>>>> When I read the proposed standard earlier today I saw a large
>>>> enumeration in the working materials. I think this is a bad practice to
>>>> enumerate in the standard documentation due to these things tend to
>>>> change and then there will be a need to update the standard. The
>>>> enumeration should instead be in an external registry, for example IANA
>>>> registry over Level of Assurance (LoA) Profiles
>>>> (https://www.iana.org/assignments/loa-profiles/loa-profiles.xhtml).
>>>> 
>>>> Please correct me if I'm wrong in my assumption.
>>>> 
>>>> Pål Axelsson
>>> 
>>> As the author of RFC6711 I can tell you that you're not wrong. The
>>> way we setup the LOA registry was to be able to handle multiple
>>> protocol - something I'm sure john bradley could attest to aswell
>>> since he was also involved.
>>> 
>>> In fact I think I might mentioned the registry to Torsten @ IIW
>>> last fall :-)
>>> 
>>>   Cheers Leif
>>> 
>>>> 
>>>> 
>>>> ------ Originalmeddelande ------
>>>> Från: "Torsten Lodderstedt via Openid-specs-ekyc-ida"
>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>
>>>> Till: "OpenID eKYC Identity Assurance Working Group"
>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>
>>>> Kopia: "Torsten Lodderstedt" <torsten at lodderstedt.net
>>>> <mailto:torsten at lodderstedt.net>>
>>>> Skickat: 2020-01-16 17:34:19
>>>> Ämne: Re: [OpenID-Specs-eKYC-IDA] Feedback needed
>>>> 
>>>>> Hi Naohiro,
>>>>> 
>>>>> good question. 
>>>>> 
>>>>> I would go with Wikipedia‘s
>>>>> definition: https://en.m.wikipedia.org/wiki/Jurisdiction
>>>>> 
>>>>> And for every jurisdiction list the respective law(s) + further use cases.
>>>>> 
>>>>> Ronald just raised the question about a use case repository. I think
>>>>> this nicely fits together. 
>>>>> 
>>>>> We could setup a sub page listing the laws/use cases that were
>>>>> implemented using OIDC4IDA and how.
>>>>> 
>>>>> Thoughts?
>>>>> 
>>>>> best regards,
>>>>> Torsten.
>>>>> 
>>>>>> Am 16.01.2020 um 10:35 schrieb Naohiro Fujie via
>>>>>> Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net
>>>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>:
>>>>>> 
>>>>>> Hello Torsten,
>>>>>> 
>>>>>> Any criteria to list up jurisdictions? OpenID Foundation Japan have
>>>>>> listed up financial and telco related laws earlier, but there are more
>>>>>> laws require identity assurance.
>>>>>> 
>>>>>> Naohiro
>>>>>> 
>>>>>> 2020年1月16日(木) 1:29 Torsten Lodderstedt via Openid-specs-ekyc-ida
>>>>>> <openid-specs-ekyc-ida at lists.openid.net
>>>>>> <mailto:openid-specs-ekyc-ida at lists.openid.net>>:
>>>>>>> 
>>>>>>> Hi all,
>>>>>>> 
>>>>>>> we have so far checked OpenID Connect 4 Identity Assurance in detail
>>>>>>> against the requirements and use cases of certain jurisdictions (JP
>>>>>>> & DE) or are expecting such feedback from other jurisdictions (UK,
>>>>>>> Scandinavia, Australia).
>>>>>>> 
>>>>>>> We are seeking for detailed review feedback regarding applicability
>>>>>>> of OpenID Connect 4 Identity Assurance from other jurisdictions
>>>>>>> since we want to make sure we develop a truly International standard.
>>>>>>> 
>>>>>>> We would highly appreciate any feedback!
>>>>>>> 
>>>>>>> Thanks in advance,
>>>>>>> Torsten.
>>>>>>> 
>>>>>>> --
>>>>>>> Openid-specs-ekyc-ida mailing list
>>>>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>>>>> <mailto:Openid-specs-ekyc-ida at lists.openid.net>
>>>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>>>>>> 
>>>>>> -- 
>>>>>> Openid-specs-ekyc-ida mailing list
>>>>>> Openid-specs-ekyc-ida at lists.openid.net
>>>>>> <mailto:Openid-specs-ekyc-ida at lists.openid.net>
>>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>>>> 
>>> 
>>> -- 
>>> Openid-specs-ekyc-ida mailing list
>>> Openid-specs-ekyc-ida at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3923 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ekyc-ida/attachments/20200117/16cfed76/attachment-0001.p7s>


More information about the Openid-specs-ekyc-ida mailing list