[OpenID-Specs-eKYC-IDA] Information about the RP in the verified_claims structure
Steinar Noem
steinar at udelt.no
Mon Jul 4 13:01:20 UTC 2022
Hi eKYC-IDA peoples!
Have you discussed adding information about the RP in the verified claims
structure?
I am dealing with a case where I would like to include information about
the system the user uses in the verified claims structure. At the same time
I understand that this information is not directly related to the end-user
identity - and would perhaps not be a natural fit for the IA specification.
The systems in my scenario has the following characteristics:
- They are always used by health personnel.
- They are always used in a healthcare organization
- They are always used for health information
- They must adhere to national legislation
- They must adhere to a national code-of-conduct
- They are subject to a set of contractual agreements where technical
requirements are described (e.g. FAPI)
- They are self-declared in a management system
- They always have to authenticate themselves in the OP (strong
authentication)
- Their client secrets are always associated with an organization with a
high LoA
My feeling is that the verfied_claims structure could include information
about the system that requested authentication of the end-user.
This could be expressed in two main categories of information:
- The software e.g.:
- identifier (something else than client_id)
- version(?)
- type of software (not technical platform, but businessfunction)
- Information about the runtime instance:
- The organization that operates the software - most often a data
processor in my case
- On whose behalf the data processor operates (similar to the
authority structure) - also an organization
Any thoughts/feelings about this?
--
Vennlig hilsen
Steinar Noem
Partner Udelt AS
Systemutvikler
| steinar at udelt.no | hei at udelt.no | +47 955 21 620 | www.udelt.no |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ekyc-ida/attachments/20220704/e46ed33a/attachment.html>
More information about the Openid-specs-ekyc-ida
mailing list