This is the home for the Kantara-convened community discussion on NISTIR 8112 Attribute Metadata public draft.
Public Draft Open for Comments: https://pages.nist.gov/NISTIR-8112/
HTML rendering of current document version: https://pages.nist.gov/NISTIR-8112/NISTIR-8112.html
github repo: https://github.com/usnistgov/NISTIR-8112
Questions posed by NIST:
Some specific questions we are interested in answering both in the short and long term include:
- Does this bring value to federated scenarios and identity solutions?
- Would your community or organization profile this schema to support a specific solution or sector?
- Is the body of attribute and attribute value metadata complete? What is missing? What should be removed?
- Is the categorization adequate and complete? Did we miss anything that is critical to improve trust and confidence in decision making based on federated attributes?
- Is trust-time vs. run-time sufficiently considered? Should the defined attribute metadata be shifted among these two lifecycle phases?
- Is the delineation between attribute and attribute value metadata clear and are both required in this schema?
- Is level of effort required to integrate and leverage the schema commensurate with the value of the schema?
- Does the addition of the metadata negatively impact performance of systems?