[ID4me Governance] Trust models for identity validation

Vittorio Bertola vittorio.bertola at open-xchange.com
Fri Sep 21 12:48:07 UTC 2018



> On 21 September 2018 at 13:51, "Matthias Pfeifer | dotBERLIN GmbH & Co. KG" <pfeifer at dot.berlin> wrote:
> 
> 
> Hello Jörg,
> 
> > I'd envision something like:
> > 
> > No restrictions on who validates a claim. Additionally, ID4me must be able to
> > - "flag" if a claim is validated or not
> 
> [>] What if, when we have a trustworthy identity agent/provider (like a CA), we could treat all claims stored there as validated and it's up to the user to choose such an identity agent when he wishes to use validated claims? Could this become a reasonable model?

The relying party however cannot know so easily whether an agent is trusted or not, so the agent should still sign all claims (we could even provide a mode in which it is possible to sign all claims at once rather than have a signature for each of them).

The question that then follows is: could we say that all agents working with a specific authority are trusted as long as they sign their claims, implying that the authority has to check and validate each and every agent, or should authorities provide lists of which agents should be considered trusted...?

Ciao
-- 

Vittorio Bertola
Head of Policy & Innovation
