Credential Service Provider: Difference between revisions
Jump to navigation
Jump to search
(→Notes) |
(→Notes) |
||
Line 3: | Line 3: | ||
A trusted entity that issues or registers subscriber authenticators and issues [verifications of] electronic credentials to subscribers. A CSP may be an independent third party or issue credentials for its own use. | A trusted entity that issues or registers subscriber authenticators and issues [verifications of] electronic credentials to subscribers. A CSP may be an independent third party or issue credentials for its own use. | ||
== | ==Context== | ||
The slight change to the NIST wording was to meant to clarify that subscribers (or subjects) can create their own credentials is protected storage and ask the CSP to verify the security of those credentials. | The slight change to the NIST wording was to meant to clarify that subscribers (or subjects) can create their own credentials is protected storage and ask the CSP to verify the security of those credentials. | ||
Revision as of 19:14, 12 May 2020
Taxonomy Template:
Definition
A trusted entity that issues or registers subscriber authenticators and issues [verifications of] electronic credentials to subscribers. A CSP may be an independent third party or issue credentials for its own use.
Context
The slight change to the NIST wording was to meant to clarify that subscribers (or subjects) can create their own credentials is protected storage and ask the CSP to verify the security of those credentials.
Sources
- A trusted entity that issues or registers subscriber authenticators and issues electronic credentials to subscribers. A CSP may be an independent third party or issue credentials for its own use. (NIST SP 800-63-3)/
- A trusted entity that issues or registers Subscriber tokens and issues electronic credentials to Subscribers. The CSP may encompass Registration Authorities (RAs) and Verifiers that it operates. A CSP may be an independent third party, or may issue credentials for its own use. (Original proposal from IDESG)
- An entity that performs identity proofing, registration and issues some form of a subscriber token within some procedural context designed to convey a degree of trust.(Wallace)
- A trusted entity that issues credentials to Subscribers.(D'Agostino)
Status
Proposed Update