Ensure relying parties are able to receive consistent data items and enumeration types regardless of delivery protocol. The data content delivered: evidence, claims, metadata is the same regardless of the technical protocol by which it is delivered (e.g. OIDC ID Assurance, Verifiable Credentials). The hypothesis is that this objective can achieved through:
- Layered Governance of attribute taxonomy
- Discovery mechanisms for the definition of an attribute
Relying Parties should receive back consistently formatted identity attributes (claims) regardless of which IdP it receives the response from.
IdPs regardless of type should be able to provide evidence and metadata to support identity attributes (claims).
Any governance process must not introduce unnecessary delays. It must be agile, extensible and must not become a blocker.
A layered approach is likely to be required by:
- Global / region / sector
- Taxonomy: name, type, format enumerations
- Assessment of existing attribute structures and definitions defined in common standards.
- Identify and document similarities and differences between existing standards
- Ensure awareness of existing and emerging translation approaches from one protocol to another (SIOP, 2-way switches)
- Create some example that illustrate the need for attribute definition and discovery
- Create a layered approach to describing attributes that could work across different protocols
- Define how discovery might work
- How might data taxonomy be governed on a global, regional and sectorial level?
The following organisations are contributing to this working group:
Barclays, Considrd Consulting, Consult Hyperion, DWP, Hindle Consulting, ID Crowd, II Consulting, Lexis Nexis Risk Solutions, Microsoft, NatWest, Radiam, Sopra Steria, Yoti.