Phase II IDEF Registry: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
m (→Open Issues) |
||
Line 17: | Line 17: | ||
* [[File%3ANoreen-UX_Guidelines-w_Requirements.pdf]] | * [[File%3ANoreen-UX_Guidelines-w_Requirements.pdf]] | ||
==Open Issues== | |||
Revision as of 17:49, 25 November 2018
Project details for Phase II should go here.. more to come.
Requirements Documents for Phase II
- Interop File:Interop Requirements Update.docx
- Privacy File:Privacy Requirements Update.docx
- Security File:Secure Requirements Update.docx
- Usable File:Usable Requirments Update.docx
Archive of Files provided by Noreen
- IDEF Registry Interviews - Post-Alpha_User_Research_Report.docx
- IDEF Registry Final Analysis IDEF_Registry_Interviews-Requirements-Analysis.xlsx
- File:Evaluation of Requirements-User Research Requirements and Scope.docx
- File:Noreen-UX Guidelines-w Requirements.pdf
Open Issues
after discussions with the team here are a few more thoughts:
- There will be multiple identifier frameworks which have their own set of identity requirements.
- Some of the frameworks will be IDEF compliant.
- All IDESG compliant frameworks will provide a machine-readable method to determine if a web site is a member of the framework
- Especially at the start most frameworks will not be IDEF compliant.
- How should an IDEF compliant entity deal with identifiers that are:
- from within their own framework, ie within Healthcare or within the education internet 2 framework,
- from an external framework that is still IDEF compliant, ie a student being transfer from a school client to the healthcare hospital or from a VA hospital with a PIV card to a public hospital that cannot read it
- from an external framework is is not IDEF compliant, ie from a social network site like Google, FB, Microsoft, etc.
- There is no advice available for entities that do not normally interact with the user on recovery and redress
- No standard has been found that helps to describe how a site with no user connectivity can meet any privacy or security guideline.