User Agent Assurance: Difference between revisions
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
==Solutions== | ==Solutions== | ||
===Native Apps=== | ===Native Apps=== | ||
This certifies that the named app has been certified according to all listed trust-registries. | |||
{ | { | ||
"id": 1, | "id": 1, | ||
Revision as of 21:11, 14 January 2021
Full Title or Meme
This is an abstract concept that covers any combination of software and hardware that can be assured to faithfully represent any part of a user's presence or intentions on the web.
Context
- This extends a prior effort to specify a means to report Software Compliance Attestation for Native Apps for US Healthcare to Web Apps and devices like FIDO2.
- There are two relevant standards, both of which are up for review on 2021-01-01
- ISO/IEC 29115 Entity Authentication Assurance
- Nist SP 800-63-3B
Solutions
Native Apps
This certifies that the named app has been certified according to all listed trust-registries.
{
"id": 1,
"name": "us.trustworthy.agent",
"version": "1",
"platform": "Android",
"min_platform": "23",
"source": null,
"jurisdiction": "us-wa",
"user_authn": null,
"dateRegistered": 1576358115,
"url": "https://trustregistry.us/csp",
"trust_registry": "US Healthcare Assurance Framework"
},
Web Apps
This MAAS gives "Fred's software shop' the certification and binding to a signing key.
{
"id": 1,
"name": "us.trustworthy.agent",
"version": "1",
"platform": "ServiceWorker",
"min_platform":null,
"source":
{
"developer":"Fred's software shop',
"key": "...key..."
}
"jurisdiction": "us-wa",
"user_authn": null,
"dateRegistered": 1576358115,
"url": "https://trustregistry.us/csp",
"trust_registry": "US Healthcare Assurance Framework"
},
FIDO Authenticators
References
- Device Integrity supporting User Authentication Use case from 2013