Define and publish a high-level guide for a Trust Frameworks through analysis of the ways this has been done to date across different regional trust frameworks.
- What should the framework contain?
- What Roles are there within the framework?
- How can it be governed? (existing paper on oversight authorities)
- What are the key consumer and relying party principles that must be supported?
- What is the role of a Trustmark in communicating the framework to consumers and relying parties?
- A Glossary is required that can be used for all OIX papers and guides going forward.
Overall Trust Framework elements layer design. (Required for OIX Guide)
- What are the key layers? Particularly for Interoperability.
- How should the layers be grouped?
- What rules, policies and procedures might be required at each layer.
Trust Framework roles (Required for OIX Directory)
- Participating Roles and how they interoperate.
- How different roles may often be played by one actor. Examples of this in different geographies.
- Operational roles for those running trust frameworks and schemes.
- Who sets and who is subject to each policy and procedure.
- How might contracts / legal agreements be structured for those participating in the framework
Consumer and Relying Party Principles
- Simple plain language principles.
- Why these 2 parties needs should dictate ALL principles that the framework will need to follow
- Principles precedents: Consumer, Relying Party, Scheme.
- What obligations should each role in the ecosystem should have to support each principle.
- What should a Trustmark convey to the user and relying party to support the principles.
- Should (or how should) a trustmark convey the level of trust a users ID has attained?
- Should there be single Trustmark in each nation / region?
The following organisations are contributing to this working group:
Consult Hyperian, UK Cabinet Office, Lexis Nexis, Miracl, NatWest Group, Octopus.sh, IAG, tScheme, Yoti, Innovate Identity, Identrust, Folio, iLabs, ID Crowd, Blockpass, IDEMIA, Open Identity Foundation.