Establishing the key principles that the trust framework needs to follow is vital to how the detail of the framework is written. Every aspect of the framework should be true to these principles.
To ensure the needs of the different parties are considered, OIX suggest that principles are split between the following, in order of precedence:
This does not imply that any Relying Party principle should be compromised in favour of a User principle, rather that in the design of a detailed trust framework the implementation should ensure the User principle is met first.
Principles should be written in plain language, particularly those aimed at the User.
OIX has undertaken a review of principles implemented in different trust frameworks and has produced the following User principles written in plain language. These principles are the 4 Cs:
The User principles should be shared with end users. The Trustmark is a good way afford users access to, and to explain, these principles.
These user-based principles map to a set of architectural and governance principles for the Digital ID Trust Framework: