Best Practices and Example for RP System: Difference between revisions
Mary Hodder (talk | contribs) (Begin page with Tom's brainstorm) |
Mary Hodder (talk | contribs) (More brainstorm on what is needed for RP system for IDESG) |
||
Line 5: | Line 5: | ||
Set up goals and start to build a use case for an example idp that we could promote to the industry. | Set up goals and start to build a use case for an example idp that we could promote to the industry. | ||
1. Now that the IDESG has established a self assessment, work on enabling the id ecosystem. | 1. Now that the IDESG has established a self assessment, work on enabling the id ecosystem. <br> | ||
2. Promote a Trustmark with UX collateral, images of various sizes for web sites. | 2. Promote a Trustmark with UX collateral, images of various sizes for web sites. <br> | ||
3. The IDESG web site itself should be an example of | 3. The IDESG web site itself should be an example of Guidelines. <br> | ||
4. There is an IdP which shows the | 4. There is an IdP which shows the Guidelines for that industry. <br> | ||
5. The various IDESG web sites become example of RP | 5. The various IDESG web sites become example of RP Guidelines. <br> | ||
6. The UXC work on suggestions for the look and feel of a | 6. The UXC work on suggestions for the look and feel of a Guidelines RP. <br> | ||
7. The UXC work on a use case for an IdP. | 7. The UXC work on a use case for an IdP. <br> | ||
8. Preliminary work on the IdP begins. | 8. Preliminary work on the IdP begins. <br> | ||
Questions: | |||
Necessitated by the issues with the existing rolls and the need for a new membership plan IDESG will put in place: | |||
:1. A modern individual respectful enrollment and registration system for identities as well as identity services. | |||
:2. IDESG will then use this as the authoritative source for member and registrant services. | |||
:3. As part of the IDESG membership plan we will issue credentials that adhere to our own principle | |||
:4. Provide not only member credentials for IDESG resources but also options for credentials that would be externally accepted. | |||
:5. IDESG will provide options for authentication and other services from members of the IDEF Registry | |||
:** a. In which case IDESG (or organizations certified by IDESG) will act as the independent 3rd party to assess their services. | |||
Will need to build for best practices: | |||
:* [[Privacy policy]] | |||
:* [[Terms of use]] | |||
:* Are there specific TOU and PP provisions that demonstrate how the IDEAL RP might deal with Identities in their policies. | |||
Other issues to look at: | |||
:* AV Certs |
Revision as of 17:54, 6 December 2016
Brainstorm from Tom:
Set up goals and start to build a use case for an example idp that we could promote to the industry.
1. Now that the IDESG has established a self assessment, work on enabling the id ecosystem.
2. Promote a Trustmark with UX collateral, images of various sizes for web sites.
3. The IDESG web site itself should be an example of Guidelines.
4. There is an IdP which shows the Guidelines for that industry.
5. The various IDESG web sites become example of RP Guidelines.
6. The UXC work on suggestions for the look and feel of a Guidelines RP.
7. The UXC work on a use case for an IdP.
8. Preliminary work on the IdP begins.
Questions:
Necessitated by the issues with the existing rolls and the need for a new membership plan IDESG will put in place:
- 1. A modern individual respectful enrollment and registration system for identities as well as identity services.
- 2. IDESG will then use this as the authoritative source for member and registrant services.
- 3. As part of the IDESG membership plan we will issue credentials that adhere to our own principle
- 4. Provide not only member credentials for IDESG resources but also options for credentials that would be externally accepted.
- 5. IDESG will provide options for authentication and other services from members of the IDEF Registry
- a. In which case IDESG (or organizations certified by IDESG) will act as the independent 3rd party to assess their services.
Will need to build for best practices:
- Privacy policy
- Terms of use
- Are there specific TOU and PP provisions that demonstrate how the IDEAL RP might deal with Identities in their policies.
Other issues to look at:
- AV Certs