Phase II IDEF Registry: Difference between revisions

Project details for Phase II were tracked here.

Phase III IDEF Registry takes up where this phase ended.

Phase II priority list

Requirements Documents for Phase II

• Interop File:Interop Requirements Update.docx
• Privacy File:Privacy Requirements Update.docx
• Security File:Secure Requirements Update.docx
• Usable File:Usable Requirments Update.docx

Archive of Files provided by Noreen

• IDEF Registry Interviews - Post-Alpha_User_Research_Report.docx
• IDEF Registry Final Analysis IDEF_Registry_Interviews-Requirements-Analysis.xlsx

• File:Evaluation of Requirements-User Research Requirements and Scope.docx
• File:Noreen-UX Guidelines-w Requirements.pdf

Open Issues

after discussions with the team here are a few more thoughts:

1. There will be multiple identifier frameworks which have their own set of identity requirements.
2. Some of the frameworks will be IDEF compliant.
3. All IDESG compliant frameworks will provide a machine-readable method to determine if a web site is a member of the framework
4. Especially at the start most frameworks will not be IDEF compliant.
5. How should an IDEF compliant entity deal with identifiers that are:
   1. from within their own framework, ie within Healthcare or within the education internet 2 framework,
   2. from an external framework that is still IDEF compliant, ie a student being transfer from a school client to the healthcare hospital or from a VA hospital with a PIV card to a public hospital that cannot read it
   3. from an external framework is is not IDEF compliant, ie from a social network site like Google, FB, Microsoft, etc.
6. There is no advice available for entities that do not normally interact with the user on recovery and redress
7. No standard has been found that helps to describe how a site with no user connectivity can meet any privacy or security guideline.

References