Trust Frameworks
Issue #1149
wontfix
Is there a proactive push by this WG to expand the trust_framework
jurisdictions or do you expect that the petition would come from other parties once adoption increases visibility of this extension
Comments (2)
-
-
- changed status to wontfix
Should be defined by implementer
- Log in to comment
I suspect probably the latter. I’m working with a couple of countries that would drive use (over 200M combined users), but I suspect they will point to NIST standards rather than create their own. My real concern here is that what we call a trust framework in this profile actually isn’t a trust framework but a level of assurance taken from a national or international standard e.g. eidas_ial_substantial as taken from the EU Commission Implementing Regulation (EU) 2015/1502, or nist_800_63A_ial_2 taken from NIST 800.63.