- changed status to new
Issue when building an entity chain from entity to trust anchor when entity is trusted by multiple intermediates
Issue #2144
new
In the below example, we have a set of entities that are both trusted and can have entities issued for by the Banking Authority and the Insurance Authority. In this scenario, the banking authority will issue a metadata policy dictating what is allowed/needed to act as a bank and the insurance provider will do the same providing what's required to act as an insurance provider.
The concern arises when an entity wishes to produce a statement when its acting as both. Currently, the spec requires two chains to be built either manually or through the use of the resolve endpoint and then manually combined to produce the final entity statement.
How should this be best addressed/communicated?
Comments (3)
-
-
There’s nothing preventing implementations from building multiple trust chains in parallel, potentially ending at multiple mutually trusted trust anchors. At most, we might want to relax the language about choices made while following authority hints to explicitly say that multiple options can be explored if desired.
Would that do the job?
-
I think the key point in your description is “acting as both”.
It’s easy to verify that an entity is both a bank and an insurance provider but that is not the same as proving that it is acting as both.
Right ?
- Log in to comment
