[KI-LC] Trust Framework Meta Model (TFMM) WG charter for LC review and approval
kantara at bobpinheiro.com
Tue Mar 29 12:47:46 EDT 2011
So it would appear then that an Identity Assurance Framework differs
from a Trust Framework in two major regards:
An IAF (as currently defined by KI IAF 2.0) focuses strictly on the
assurance levels of identity assertions from IdP to RP. There is only
one type of RP, which is an entity providing services to the subject/end
user. The assertions refer strictly to the identity of the subject.
The IAF defines responsibilities and liabilities for only 3 kinds of
actors: subjects/end users, service providers/relying parties, and
identity providers/credential service providers.
A TF is an expanded version of an IAF in which assertions can involve
claims other than those strictly pertaining to identity; e.g.,
age-related claims, membership-related claims, etc. The set of actors
is expanded to include other entities such as attribute providers,
federation operators, registration authorities, etc. Each of these
actors carries with it certain responsibilities. Trust relationships
between actors implies that there is an expectation by one actor (the
relying party) that the other will behave in a certain way. Privacy
considerations are reflected in a trust relationship between a service
provider and a subject, and between an identity provider and a subject.
In these cases, the subject becomes a relying party.
So basically an IAF is a subset or slimmed-down version of a TF.
Privacy (as well as other potential expectations) is not defined in the
IAF, but will be part of a TF.
I'm assuming the purpose behind defining a TF meta-model is that any
real-world deployment of a trust community based on the IAF would be
perceived as deficient in certain regards, and those deficiencies would
be corrected with an appropriate TF. For example, IAF doesn't include
privacy considerations, but a TF would.
On 3/29/2011 10:41 AM, John Bradley wrote:
> A trust framework comprises more actors than are considered in scope
> for the IAF. Those actors include RP, Federation operators,
> Attribute providers, User controlled personal information stores.
> This page may help explain.
> John B.
> On 2011-03-29, at 10:29 AM, Frazier-McElveen, Myisha wrote:
>> In my view a Trust Framework encompasses the broader trust
>> relationship under which a federated exchange of identity would
>> occur. So the assurance of the identity bound to the credential is
>> one component. The privacy concerns of the transaction would be
>> another component. The legal and liability aspect could be another
>> component. But the Trust Framework would consider ALL components
>> that would facilitate trust relationship and federated exchange of
>> identity information.
>> /*Myisha Frazier-McElveen*/
>> Identity Management Practice Manager
>> 13873 Park Center Road
>> Herndon, VA 20171
>> (O) 703-766-6203
>> (M) 240-751-7780
>> *From:* lc-bounces at kantarainitiative.org
>> <mailto:lc-bounces at kantarainitiative.org> on behalf of Bob Pinheiro
>> *Sent:* Tue 3/29/2011 10:28 AM
>> *To:* lc at kantarainitiative.org <mailto:lc at kantarainitiative.org>
>> *Subject:* Re: [KI-LC] Trust Framework Meta Model (TFMM) WG charter
>> for LC review and approval
>> I'd like to make sure I understand the difference between a Trust
>> Framework and an Identity Assurance Framework. My understanding is
>> that an Identity Assurance Framework is concerned strictly with
>> providing assurance about the identity of an individual (and perhaps
>> other entities as well), whereas a Trust Framework is concerned with
>> providing assurance of more generalized claims. So in practical
>> terms, the Service Assessment Criteria for an IAF is strictly limited
>> to identity proofing of individuals (or other entities), whereas the
>> corresponding criteria for a TF is concerned with verification of
>> other non-identifier attributes that define a claim. Other than
>> that, they are basically the same.
>> Is that correct? Or are there other differences?
>> Bob P.
>> On 3/17/2011 5:41 PM, Eve Maler wrote:
>>> Folks-- I've just accepted this charter for consideration. Please
>>> review, comment on the list, and be prepared to vote on approval of
>>> this charter at our Mar 30 meeting. Thanks!
>>> Begin forwarded message:
>>>> *From: *Joni Brennan <joni at ieee-isto.org <mailto:joni at ieee-isto.org>>
>>>> *Date: *17 March 2011 9:20:40 AM PDT
>>>> *To: *Eve Maler <eve at xmlgrrl.com <mailto:eve at xmlgrrl.com>>
>>>> *Cc: *Rainer Hörbe <rainer at hoerbe.at <mailto:rainer at hoerbe.at>>,
>>>> John Bradley <jbradley at mac.com <mailto:jbradley at mac.com>>, Anna
>>>> Ticktin <annaticktin at me.com <mailto:annaticktin at me.com>>
>>>> *Subject: **Draft TFMM WG Charter for LC consideration*
>>>> Hi Eve,
>>>> Attached is the draft TFMM WG charter that we briefly spoke about
>>>> yesterday on the LC call. Rainer would be the convener and he
>>>> feels the draft charter is ready to move forward in the LC. John
>>>> Bradley has also been close to the development of this charter and
>>>> John may represent to answer questions in the case that Rainer is
>>>> not available to do so.
>>>> When you have a moment please have a review of the Draft charter
>>>> and advise if/when it's ready to move forward in LC. Also worth
>>>> noting that the stakeholders of this group are already in a sense
>>>> 'working' so I think it's fair to say that they'd like to move
>>>> forward as speedily as possible to form this WG for the focused
>>>> purpose of developing the TFMM.
>>>> Please advise if there are questions or with confirmation that the
>>>> charter is ready to move forward.
>>>> Thanks much,
>>>> Joni Brennan
>>>> Kantara Initiative | Executive Director
>>>> voice:+1 732-226-4223
>>>> email: joni @ ieee-isto.org <http://ieee-isto.org/>
>>>> gtalk: jonibrennan
>>>> skype: upon request
>>>> Join the conversation on the community@ list -
>>> Eve Maler http://www.xmlgrrl.com/blog
>>> +1 425 345 6756 http://www.twitter.com/xmlgrrl
>>> LC mailing list
>>> LC at kantarainitiative.org
>> LC mailing list
>> LC at kantarainitiative.org <mailto:LC at kantarainitiative.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the LC