Interop Req 2: Difference between revisions
m (13 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:01, 28 June 2018
<< Back to Baseline Functional Requirements Index
INTEROP-2. THIRD PARTY CREDENTIALS
Entities who issue credentials or assertions MUST issue them using content and methods that are capable of being consumed for multiple purposes and multiple recipients.
SUPPLEMENTAL GUIDANCE
This Requirement applies to entities that issue identity credentials and/or assertions and requires that the credentials/assertions issued by such entities may be accepted by multiple THIRD-PARTIES (such as RELYING PARTIES). This does not require that such credentials/assertions must be accepted by all THIRD-PARTIES; rather, the Requirement is that credentials/assertions may be accepted by multiple (more than one) THIRD-PARTIES. Single-purpose Identity credentials/assertions that are used exclusively for access to a single enterprise/online resource that are not permitted for authentication by any external THIRD-PARTY would not conform to this Requirement.
This Requirement addresses the format or expression of the credential or assertion data itself and policies for its use, and not its method of exchange, which is addressed in INTEROP-04 (STANDARDIZED DATA EXCHANGES)
REFERENCES
IDESG Functional Model: https://workspace.idesg.org/kws/public/download.php/53/IDEF-Functional-Model-v1.0.pdf
APPLIES TO ACTIVITIES
CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION
KEYWORDS
ASSERTION, CREDENTIAL, INTEROPERABILITY, THIRD-PARTIES
Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |