The UK Trust Frameworks forum’s objective to is review and provide feedback on the UK Digital Identity and Attribute Trust Framework (DIATF).
The group reflects on implementation issues that are being experienced in the market place and suggests how these issues might be addressed through improvements or clarifications in the framework.
It also looks are proposed changes that DCMS are planning to implement and provides feedback on ‘consultation topics’ that DCMS come to the market with from time to time.
The aim of the group is to help DCMS evolve the trust framework to ensure it works for all parties - users, relying parties and ID Providers.
Recent topics explored and commented upon include:
- Trust Framework roles - is a clearer separation between reusable ID provide (wallet) and attribute provider required.
- Relying Party flow down terms - what does the framework need to cover Vs what is naturally dealt with in contacts between ID Providers and Relying Parties.
- User Agreement - how explicit is this required to be?
- Framework standards and testing for ID proofing and verification techniques - for documents / selfies in particular.
- Richness of GPG45 options is giving relying parties concerns - RPs want filtering, control and transparency.
- How will DCMS address inconsistencies in ID proofing regulation / guidance across different sectors in a planned and consistent way. e.g. passport expiry treatment.
- IDSP use of Authenticators. Appropriate authenticators for the use case. How/When is binding being done? Are strong authenticators always required for reusable ID account management access.
- How is inclusion going to be addressed?
- Interoperability of IDs across use cases – how this is to be encouraged?
This group is open to any OIX member. OIX Members do not need to be certified to the UK DIAFT to be part of this forum.