Versions Compared

Old Version 3

changes.mady.by.user Todd Gehrke

Saved on

compared with

New Version 4

changes.mady.by.user Todd Gehrke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. What are GHP compliant ecosystems?  From an identity binding standpoint there will be different levels, we cannot dictate across the ecosystem.  
  2. What would be compliant in various different scenarios?
  3. What are the standards of data reported in the credential?
  4. If there is no identity binding data in the credential, should the recommendation be that the verifier treats it at the lowest level? (Self-Asserted)
  5. Should we provide a mapping across recognized schemes?  NIST, PCTF, TDIF, eIDAS, UK GPG, ISO/IEC 247602476


  1. [Scott] Need to be inclusive but maintain a guidance for a LOA that represents the different standards
    1. Starts with the fact that there are different LOA
  2. [Paco] We should recommend the risk levels that should be accepted.
  3. [Stew] We should decide quickly id theis is data or policy standardization. How can we encapsulate the IAL standards. Recommends we go toward data standards rather than recommending a spacific technical standard.
    1. Propose we look at the facts and report what was done, could be null or NIST or ISO. . . It is up to the verifier how they want to handle that.
    2. We shouldn’t be pushing policy, we should be defining the data.
  4. [Kayila] This group is the identity binding, we need to define the standard for recording LOA and send someone to the data structure group and recommend they include the information.
  5. [Bryn] We need to consider binding across all three zones. 
    1. We have a clear direction from steerco to focus on international travel.
  • Next steps

Everyone should contribute to the documents:       

Action Items

  1. Action: Todd to circulate the links to the key documents to the DG and the task for this week to review the content that exists in the draft paper https://docs.google.com/document/d/1Gf9XjOS4lmb3Hs80ITqgtoYaJnXxGasMNCnIrHoQN1I/edit# and fill the gaps that exist in requirements and recommendations.

  2. Action: Ensure we identify the interaction with the credential definition WG - the level of assurance should be included with the credential.

  3. Action: Discuss with rules engine WG how different LoAs can be translated by the Verifier

...