Feedback on OIDC4IDA draft from Dima - part 1

Issue #1408 open
Mark Haine created an issue

Abstract:

  1. add word “protocol” after “OpenId Connect” on the 1st line
  2. remove word “verified” from “for providing relying parties with verified claims about end-users“
  3. add the following after “end-users” … ” that have a certain level of verification and/or additional metadata about the claim or the process of verification.”
  4. replace “or identity assurance and verification.  This extension facilitates the verification of the identity of a natural person.” with “for access control, entitlement decisions or input to further verification processes“

Introduction:

  1. first sentence of Introduction is repeat of first sentence of Abstract. replace “This specification defines an extension to OpenID Connect [OpenID] for providing relying parties with identity information,“ with “This extension to OpenID Connect [OpenID] standardises how relying parties request and receive identity information with additional assurance metadata,”
  2. update “While authentication is an aspect of an OpenID Connect transaction, assurance is a property of a certain claim or a group of claims” to “While authentication is an aspect of an OpenID Connect transaction, assurance and associated verification and validation details, is a property of a certain claim or a group of claims.”
  3. remove “by opt-in or similar mechanism”
  4. remove “therefore“ from “Identity assurance therefore requires a way to convey assurance data“
  5. remove whole paragraph “Note: This specifications fulfills the criteria for portability and interoperability mechanisms of Digital ID systems as defined in [FATF-Digital-Identity].“

Scope:

  1. remove plurals from “This specification defines the technical mechanisms to allow relying parties to request verified claims“ so that it is “This specification is a definition the technical mechanism to allow a relying party to request one or more verified claim“
  2. then add “about the end-user“ immediately after the previous wording

Terms and definitions:

  1. claim: remove the text “SOURCE” and the associated new line
  2. identity proofing: add ref for “OP”
  3. Add new definition for “claim provider” that states it is synonymous with “claims provider” in OIDC Core
  4. verified claim - should not start with plural “claims”

Comments (5)

  1. Hodari McClain

    Quick review before diving in to make changes:

    1. add word “protocol” after “OpenId Connect” on the 1st line ✅
    2. remove word “verified” from “for providing relying parties with verified claims about end-users“ ✅
    3. add the following after “end-users” … ” that have a certain level of verification and/or additional metadata about the claim or the process of verification.” ✅
    4. replace “or identity assurance and verification.  This extension facilitates the verification of the identity of a natural person.” with “for access control, entitlement decisions or input to further verification processes“ ⚠ not sure I understand the intent here--as part of the same sentence?

    Introduction:

    1. first sentence of Introduction is repeat of first sentence of Abstract. replace “This specification defines an extension to OpenID Connect [OpenID] for providing relying parties with identity information,“ with “This extension to OpenID Connect [OpenID] standardises how relying parties request and receive identity information with additional assurance metadata,” ✅
    2. update “While authentication is an aspect of an OpenID Connect transaction, assurance is a property of a certain claim or a group of claims” to “While authentication is an aspect of an OpenID Connect transaction, assurance and associated verification and validation details, is a property of a certain claim or a group of claims.” ✅
    3. remove “by opt-in or similar mechanism” ✅
    4. remove “therefore“ from “Identity assurance therefore requires a way to convey assurance data“ ✅
    5. remove whole paragraph “Note: This specifications fulfills the criteria for portability and interoperability mechanisms of Digital ID systems as defined in [FATF-Digital-Identity].“ ✅

    Scope:

    1. remove plurals from “This specification defines the technical mechanisms to allow relying parties to request verified claims“ so that it is “This specification is a definition the technical mechanism to allow a relying party to request one or more verified claim“ ✅
    2. then add “about the end-user“ immediately after the previous wording ✅

    Terms and definitions:

    1. claim: remove the text “SOURCE” and the associated new line ✅
    2. identity proofing: add ref for “OP” ✅
    3. Add new definition for “claim provider” that states it is synonymous with “claims provider” in OIDC Core ✅
    4. verified claim - should not start with plural “claims” ✅

  2. Hodari McClain

    For Dima’s suggested edit to terms and definitions/identity proofing, OP already has a ref in Introduction section; will stage the change and discuss
