Difference between revisions of "Self-issued Trust"
From MgmtWiki
(→Full Title or Meme) |
(→Full Title or Meme) |
||
| Line 1: | Line 1: | ||
==Full Title or Meme== | ==Full Title or Meme== | ||
| − | The core concept of [[Self-issued Identifier]]s is that the user can establish a trust relationship with a [[Relying Party]] (PR) that does not permit | + | The core concept of [[Self-issued Identifier]]s is that the user can establish a trust relationship with a [[Relying Party]] (PR) that does not permit sharing of any part of that relationship with a [[Trusted Third Party]]. |
==Context== | ==Context== | ||
Revision as of 05:30, 1 July 2021
Full Title or Meme
The core concept of Self-issued Identifiers is that the user can establish a trust relationship with a Relying Party (PR) that does not permit sharing of any part of that relationship with a Trusted Third Party.
Context
=Participants
- User
- Relying Party
- User Agent (aka SIOP wallet)
- Trusted Third Party (that is kept ignorant of any association between the user and the RP)
Problem
This entire concept is technically difficult (if not impossible) to pull off.
==Trust Relationshipts.
- The user trusts the RP to be telling the truth about its intent to honor the user's intentions wrt the user's data.
- The user trusts the SIOP to be fairly representing the RP.
- The user trusts the SIOP to protect the user's secrets (private keys and other credentials.)
- The user trusts the SIOP to faithfully present user intent to the RP.
- The RP trusts the SIOP to assist in the user authentication process (including user secrets and possibly user liveness.)
- Once a connex is established
