Trust Service
From MgmtWiki
Revision as of 12:13, 15 November 2018 by Tom (talk | contribs) (→German Proposal for Identity and Trust Services)
Contents
Full Title or Meme
Any Web Site that reports on the depth of support that other sites or documents have for the principles of the Framework Profiles that they claim to support.
Context
- Any Web Site that wishes to acquire User Information should first present Assurance as to their trustworthiness to the User.
Problem
- There are few functional trust services today, for example:
- DOI
- DNSSEC
Solution
Compare with other solutions like:
- Attempts to make a trusted connection from a user to Web Site have included EV Certs and other attempt to over come the failings inherent in trusting any connection based on the URL have all failed. See the page Bearer Tokens Considered Harmful for details.
- Create a Trusted Identifier as a URN for web sites and then bind the token to that URN.
German Proposal for Identity and Trust Services
- Draft Instrument on Cross-Border Legal Recognition of Identity Management and Trust Services — Proposal by Germany (2018-11)
- There was a lot of irrelevant stuff from a technological standpoint, including an attempt to include block chain. The following seems to map to the technology:
- Extract from Pramble:
Assuming that uniform rules shall be based on respect for the freedom of parties to choose appropriate media, technologies, identification and trust services, taking into account the principles of technological neutrality and functional equivalence, to the extent in which the means selected by the parties are relevant to the purpose of the existing law; Recognizing the opportunity and feasibility of both centralized and decentralized systems of trust, and their utilization to accelerate progress and digital economy, including the trusted implementation of e-commerce and transport, electronic dispute settlement, creation of e-government and electronic public services, development of online training courses, e-healthcare, various electronic registries, electronic financial services
- Para I 3 - The transboundary environment of trust includes the following segments: Centralized, Self-regulating.
- Para II 1(1) - “Participants in the transboundary environment of trust” means public authorities, the Coordinating Council, trust service operators, distributed databases operators, and individuals and organizations;
- Para II 1(6) - “Trust services” mean services which confirm the veracity and genuineness of electronic documents and/or their details, including but not limited to services related to the creation and use of electronic signatures, electronic seals, electronic timestamps, electronic delivery and authentication of websites.
- Para II 1(10) - “Trust service operator” means an individual or a legal entity which complies with the requirements established by the Coordinating Council, holds a confirmation of compliance obtained through a procedure established by the Coordinating Council, and provides trust services within the centralized segment of the transboundary environment of trust;
- Para II 1(12) - “User” means a public authority, an individual, or an organization which is a sender or a receiver of electronic messages and/or electronic documents, including those sent through the services provided within the self-regulatory segment of the transboundary environment of trust
- Para II 1 (19) - “A qualified website authentication certificate” means an electronic confirmation that allows website authentication linking websites to a physical person or legal entity to which this confirmation was issued by the trust service operator which passed the conformity procedure pursuant to article 8, paragraph 6, of this [draft instrument], and which complies with the requirements of the Coordinating Council
- Para II 1
