Difference between revisions of "Self-issued Trust"

From MgmtWiki
Jump to: navigation, search
(Created page with "==Full Title or Meme== The core concept of [[Self-issued Identifier]s is that the user can establish a trust relationship with a Relying Party (PR) that does not permit st...")
(No difference)

Revision as of 05:29, 1 July 2021

Full Title or Meme

The core concept of [[Self-issued Identifier]s is that the user can establish a trust relationship with a Relying Party (PR) that does not permit string of any part of that relationship with a Trusted Third Party.

Context

=Participants

  1. User
  2. Relying Party
  3. User Agent (aka SIOP wallet)
  4. Trusted Third Party (that is kept ignorant of any association between the user and the RP)

Problem

This entire concept is technically difficult (if not impossible) to pull off.

==Trust Relationshipts.

  1. The user trusts the RP to be telling the truth about its intent to honor the user's intentions wrt the user's data.
  2. The user trusts the SIOP to be fairly representing the RP.
  3. The user trusts the SIOP to protect the user's secrets (private keys and other credentials.)
  4. The user trusts the SIOP to faithfully present user intent to the RP.
  5. The RP trusts the SIOP to assist in the user authentication process (including user secrets and possibly user liveness.)
  6. Once a connex is established 

References