<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">Some concerns remaining…</div><div class=""><pre style="word-wrap: break-word; white-space: pre-wrap;" class="">3.4. Vectors of Trust
Servers MUST check for the presence of the "vtr" parameter before
"acr" in Requests. If both parameters are present the server will
default to "vtr" as the request to respond to. "acr" MUST then be
ignored.</pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><br class=""></pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><font face="Helvetica" class=""><PH> I thought this was to be changed to “SHOULD” select “vtr” and ignore “acr”.</font></pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><font face="Helvetica" class="">I would prefer language, </font></pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class="">"If both parameters are present the server MUST choose either “vtr” or “acr” and</pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class="">ignore the other parameter."</pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class="">
Varley & Grassi Expires November 23, 2017 [Page 9]
�
openid-igov-profile May 2017
OpenID Providers MAY provide the "vot" and contain valid values from
the Vectors of Trust [I-D.richer-vectors-of-trust] standard.</pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><font face="Helvetica" class=""><PH>OpenID Providers MAY provide the “vot" — when ? I wonder if it might be helpful to say either</font></pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><font face="Helvetica" class="">1. “In response to a request containing a “vtr””, or</font></pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><font face="Helvetica" class="">2. “When responding, an OpenID Provider MAY provide a “vot” whether or not a “vtr” was requested."</font>
The "vtr" and contain valid values from the Vectors of Trust
[I-D.richer-vectors-of-trust] standard.</pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><font face="Helvetica" class=""><PH> Is there a word missing above?</font>
It is out of scope of this document to determine how an organization
maps their digital identity practices to valid VOT component values.</pre><pre style="word-wrap: break-word; white-space: pre-wrap;" class=""><PH>If a “vtr” is provided, is a “vot” required in the response? For example, as written, an implementer could process “vtr” and ignore “acr” but it would still be compliant if it did not return a “vot” in response. Is that the intent?</pre></div><br class=""><div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class=""><span class="Apple-style-span" style="border-collapse: separate; line-height: normal; border-spacing: 0px;"><div class="" style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div class=""><div class=""><div class="">Phil</div><div class=""><br class=""></div><div class="">Oracle Corporation, Identity Cloud Services Architect</div><div class="">@independentid</div><div class=""><a href="http://www.independentid.com" class="">www.independentid.com</a></div></div></div></div></span><a href="mailto:phil.hunt@oracle.com" class="" style="orphans: 2; widows: 2;">phil.hunt@oracle.com</a></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>
<br class=""></body></html>