openid / ekyc-ida / issues / #1339 - Create profiles of the OIDC4IDA spec — Bitbucket

Issue #1339 new

Mark Haine created an issue 2023-01-25

There are discussions involving implementers in Japan, Australia and the UK about how to document profiles of the OIDC4IDA spec.

Comments (7)

Mark Haine reporter
Suggest starting to write profiles for the three and see if we can find a consistent format for documenting them ad share those profiles on the wiki section?

Australian profile is quite lightweight at present as far as I understand

UK profile is rich around the assurance details

JP profile includes use of scopes and pre-defined sets of attributes

Should we also consider the possibility of “Pending Verification” being addressed through a profile?
- 2023-01-25T11:21:14+00:00
Takahiko Kawasaki
IMHO, considering the historical context in which RAR was developed, the approach being discussed in the OIDF-J KYC WG (mapping pre-defined sets to scopes) is not so good. I recommend that OIDF-J KYC WG members attend eKYC-IDA WG calls and discuss their needs directly with experts.

Transaction Authorization or why we need to re-think OAuth scopes (by Torsten Lodderstedt on April 21, 2019)
https://medium.com/oauth-2/transaction-authorization-or-why-we-need-to-re-think-oauth-scopes-2326e2038948
- 2023-01-26T08:20:10+00:00
Mark Haine reporter
Thinking about profiles I would like to suggest several classes of profile that can be referenced in implementer’s documentation.

Evidence specifics - precisely how each type of evidence should be represented examples might include:
- Passport
- International Driving Licence
- UK Driving License
- Experian Credit reference
Assurance process representration specifics
- GPG45
- eIDAS
- NIST
‌

‌
- 2023-04-12T12:08:13+00:00
Mark Haine reporter
Question of managing profiles needs to be discussed
- 2023-04-12T15:32:25+00:00
Mark Haine reporter
- changed component to Assurance
- changed milestone to next stage (candidates)
- 2023-04-26T15:27:56+00:00
Mark Haine reporter
need to think about how to represent a VC as an electronic record that was used in establishing a level of assurance
- 2023-05-31T15:30:38+00:00
Mark Haine reporter
guidance from MikeJ is that an IANA registry is appropriate for lists of things (we are thinking standards schemas for representing evidence types and assurance types) and the the next step to achieve that is to write an RFC
- 2024-04-10T15:40:01+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: new

Component: Assurance

Milestone: next stage (candidates)

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!