Interop Req 4: Difference between revisions

Latest revision as of 04:01, 28 June 2018

<< Back to Baseline Functional Requirements Index

INTEROP-4. STANDARDIZED DATA EXCHANGES

Entities that conduct digital identity management functions MUST use systems and processes to communicate and exchange identity-related data that conform to public open STANDARDS.

SUPPLEMENTAL GUIDANCE

This Requirement is that entities must use public open STANDARDS when conducting data interface and exchange transactions with THIRD-PARTIES. It does not require that entities must be capable to use all interface STANDARDS, but must be capable of using at least one. Sufficient options exist among nonproprietary published methods today.

This Requirement addresses transmission and exchange data protocols, reliable messaging, and database/repository/registry transactions, within which entities may offer, seek and obtain identity data. Please note, however, that this Requirement does not address formats or expressions for the identity data itself (which are addressed by INTEROP-2 (THIRD-PARTY CREDENTIALS) and INTEROP-3 (STANDARDIZED CREDENTIALS)), nor transport or protective methods and protocols (which are addressed separately in the IDESG Security Requirements SECURE-1 through SECURE-15)).

Regarding "digital identity management functions", see Appendix A.

REFERENCES

Reference for open standards: OMB Circular A-119: Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities, https://www.whitehouse.gov/omb/circulars_a119

Reference for roles, functions, and operations, IDESG Functional Model, https://workspace.idesg.org/kws/public/download.php/53/IDEF-Functional-Model-v1.0.pdf

Reference examples for interface and exchange protocols: