Difference between revisions of "Relying Party"

From MgmtWiki
Jump to: navigation, search
(Context)
(Context)
 
(4 intermediate revisions by the same user not shown)
Line 3: Line 3:
  
 
==Context==
 
==Context==
* The RP will often encompasses the [[OpenID Connect]] client role among other roles.
+
* An [[Entity]] that contains the role of RP:
* The RP may include the role of a [[Resource]] provider, but may not include the role of a provider of [[User Private Information]]; which does not preclude the [[Entity]] providing the RP role from providing other roles.
+
# here inlcudes the role of a [[Data Controller]] that contains user information and is required to meet the rules of one or more legal jurisdictions of as a custodian of that information,
 +
# will often encompasses the [[OpenID Connect]] client role among other roles.
 +
# may include the role of a [[Resource]] provider, but may not include the role of a provider of [[User Private Information]]; which does not preclude the [[Entity]] providing the RP role from providing other roles as well.
 +
 
 +
==Problems==
 +
* The RP is in a conflicting situation where has decided to hold user information for its own purposes, but is ethically and legally bound to respect the user's right to have control of their own information.
 +
==References==
  
 
[[Category: Glossary]]
 
[[Category: Glossary]]

Latest revision as of 10:16, 14 February 2021

Full Title or Meme

The Relying Party (RP) is a role in network based computer Entity that uses other web services to determine the identifiers, attributes, behaviors and inferences behind another web entity that is trying to access resources that it controls.

Context

  • An Entity that contains the role of RP:
  1. here inlcudes the role of a Data Controller that contains user information and is required to meet the rules of one or more legal jurisdictions of as a custodian of that information,
  2. will often encompasses the OpenID Connect client role among other roles.
  3. may include the role of a Resource provider, but may not include the role of a provider of User Private Information; which does not preclude the Entity providing the RP role from providing other roles as well.

Problems

  • The RP is in a conflicting situation where has decided to hold user information for its own purposes, but is ethically and legally bound to respect the user's right to have control of their own information.

References