Difference between revisions of "Attribute Attestation"

From MgmtWiki
Jump to: navigation, search
(Context)
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Full Title or Meme==
 
==Full Title or Meme==
The qualified Electronic Attribute Attestations (qEAAs) were introduced in eIDAS2 [10] for use with the EUDI Wallet.  
+
A data construct designed to carry information about a small number of a subject's [[Attribute]]s while not resulting in the identification of that subject.  An example [[Attribute]] would be the age of the holder of a certificate with that attribute.
Hence, Article 24 in eIDAS2 has been updated to allow for QTSPs to issue qualified Electronic Attribute Attestations  
+
 
(qEAAs) as well as Qualified Certificates.
+
==Context==
Furthermore, eIDAS2 Article 24.1a <ref>“Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards  
+
* [https://csrc.nist.gov/pubs/ir/8480/ipd NIST IR 8480 (Initial Public Draft) Attribute Validation Services for Identity Management: Architecture, Security, Privacy, and Operational Considerations] 2024-10-07
establishing a framework for a European Digital Identity.” European Commission. June 2021. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52021PC0281</ref> has been updated with respect to identification for issuance of qEEAs and  
+
* The qualified Electronic Attribute Attestations (qEAAs) were introduced in eIDAS2<ref>European Commission. ''Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity''  2021-06. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52021PC0281</ref> for use with the EUDI Wallet. Hence, Article 24 in eIDAS2 has been updated to allow for QTSPs to issue qualified Electronic Attribute Attestations (qEAAs) as well as Qualified Certificates. Furthermore, eIDAS2 Article 24.1a  has been updated with respect to identification for issuance of qEEAs and Qualified Certificates: “by means of a notified electronic identification means which meets the requirements set out in Article 8 with regard to the assurance levels ‘substantial’ or ‘high’;” Another change to the eIDAS2 regulation with regards to QTSPs is that the proposed EU NIS2 directive will shift some of the auditing and reporting requirements to the supervisory bodies.
Qualified Certificates:
 
“by means of a notified electronic identification means which meets the requirements set out in Article 8 with regard to the  
 
assurance levels ‘substantial’ or ‘high’;”
 
Another change to the eIDAS2 regulation with regards to QTSPs is that the proposed EU NIS2 directive will shift some of  
 
the auditing and reporting requirements to the supervisory bodies.
 
  
“Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards
 
establishing a framework for a European Digital Identity.” European Commission. June 2021. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52021PC0281
 
 
==References==
 
==References==
  
 +
[[Category: Attribute]]
 
[[Category: Attestation]]
 
[[Category: Attestation]]

Latest revision as of 10:29, 12 November 2024

Full Title or Meme

A data construct designed to carry information about a small number of a subject's Attributes while not resulting in the identification of that subject. An example Attribute would be the age of the holder of a certificate with that attribute.

Context

  • NIST IR 8480 (Initial Public Draft) Attribute Validation Services for Identity Management: Architecture, Security, Privacy, and Operational Considerations 2024-10-07
  • The qualified Electronic Attribute Attestations (qEAAs) were introduced in eIDAS2[1] for use with the EUDI Wallet. Hence, Article 24 in eIDAS2 has been updated to allow for QTSPs to issue qualified Electronic Attribute Attestations (qEAAs) as well as Qualified Certificates. Furthermore, eIDAS2 Article 24.1a has been updated with respect to identification for issuance of qEEAs and Qualified Certificates: “by means of a notified electronic identification means which meets the requirements set out in Article 8 with regard to the assurance levels ‘substantial’ or ‘high’;” Another change to the eIDAS2 regulation with regards to QTSPs is that the proposed EU NIS2 directive will shift some of the auditing and reporting requirements to the supervisory bodies.

References

  1. European Commission. Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity 2021-06. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52021PC0281