User Agent Assurance: Difference between revisions
Jump to navigation
Jump to search
| Line 31: | Line 31: | ||
"min_platform":null, | "min_platform":null, | ||
"source": | "source": | ||
{ | |||
"developer":"Fred's software shop', | |||
"key": "...key..." | "key": "...key..." | ||
} | } | ||
Revision as of 21:07, 14 January 2021
Full Title or Meme
This is an abstract concept that covers any combination of software and hardware that can be assured to faithfully represent any part of a user's presence or intentions on the web.
Context
- This extends a prior effort to specify a means to report Software Compliance Attestation for Native Apps for US Healthcare to Web Apps and devices like FIDO2.
- There are two relevant standards, both of which are up for review on 2021-01-01
- ISO/IEC 29115 Entity Authentication Assurance
- Nist SP 800-63-3B
Solutions
Native Apps
{
"id": 1,
"name": "us.trustworthy.agent",
"version": "1",
"platform": "Android",
"min_platform": "23",
"source": null,
"jurisdiction": "us-wa",
"user_authn": null,
"dateRegistered": 1576358115,
"url": "https://trustregistry.us/csp",
"trust_registry": "US Healthcare Assurance Framework"
},
Web Apps
{
"id": 1,
"name": "us.trustworthy.agent",
"version": "1",
"platform": "ServiceWorker",
"min_platform":null,
"source":
{
"developer":"Fred's software shop',
"key": "...key..."
}
"jurisdiction": "us-wa",
"user_authn": null,
"dateRegistered": 1576358115,
"url": "https://trustregistry.us/csp",
"trust_registry": "US Healthcare Assurance Framework"
},
FIDO Authenticators
References
- Device Integrity supporting User Authentication Use case from 2013